Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Newdotnet en CiD popups

pimvandenderen
12 antwoorden
  • Allow

    Graag hulp om een laptop spywarevrij te krijgen. Bij het opstarten komt er een error van newdotnet op, en er komen constant popups van CiD.

    Het is de computer van een kennis die nogal veel gratis games enz zoekt… :?

    Ik heb hitmanpro eens laten lopen, en nadien nog eens ad-aware, spybot en cwshredder. Maar deze 2 problemen blijven dus… Ik heb wel al wat forums afgezocht maar probleem nog niet opgelost. Van newdotnet staat er trouwens geen mapje meer in program files. En de CiD popups zijn door spybot denk ik al half geblokkeerd, de popups zijn nu leeg (wit).

    Hierbij de Hijakthis logfile. Alvast bedankt!


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:47:00, on 9/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\eManager\anbmServ.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Arcade\PCMService.exe
    C:\Program Files\Launch Manager\QtZgAcer.EXE
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Spybot - S&D\TeaTimer.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MAGENTIC\bin\MgApp.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [Antiy Auto Update] C:\Program Files\Antiy Labs\Alive\AliveCenter0.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\iso cast.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\MAGENTIC\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\charlie\APPLIC~1\ELSEPL~1\AXISNEW.exe
    O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - S&D\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: bw+0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\rlai.dll
    O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
    O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe
    O23 - Service: PC Tools Auxiliary Service (sdauxservice) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdcoreservice) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    End of file - 21001 bytes



  • Hoi Juul,

    Download dit bestand:
    [b:2ce67bcf34]Deljob.exe[/b:2ce67bcf34]
    Plaats het op je bureaublad.
    Indien je virusscanner de download van deljob.exe blokkeert,
    schakel dan tijdelijk je virusscanner uit of download de zip-versie
    [b:2ce67bcf34]deljob.zip[/b:2ce67bcf34]
    en pak deze uit naar je Bureaublad.
    Dubbelklik [b:2ce67bcf34]Deljob.exe[/b:2ce67bcf34].
    Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
    Post de inhoud van [b:2ce67bcf34]logit.txt[/b:2ce67bcf34] in je volgende bericht.

    Probeer de volgende mogelijke manieren om New.net te verwijderen, in deze volgorde:

    1) Ga naar Configuratiescherm > Software. Kijk of [b:2ce67bcf34]New.net Domains[/b:2ce67bcf34] of [b:2ce67bcf34]New.net Application[/b:2ce67bcf34] in de softwarelijst staat en, zo ja, deïnstalleer dit.
    Staat het niet in de softwarelijst of lukt het deïnstalleren niet, ga dan naar 2).

    2) Kijk in de map C:\Program Files\NewDotNet of daarin een uninstaller staat. Die uninstaller heet [b:2ce67bcf34]uninstallX_XX.exe[/b:2ce67bcf34] (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
    Lukt het op deze manier niet, ga dan naar 3).

    3) Kijk in de map C:\Windows of daarin een unistaller staat. Die uninstaller heet [b:2ce67bcf34]NDNuninstallx_xx.exe[/b:2ce67bcf34] (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
    Lukt het op deze manier niet, ga dan naar 4).

    4) Download deze uninstaller, plaats het op je bureablad. Dubbelklik op [b:2ce67bcf34]NNuninstall.exe[/b:2ce67bcf34], dat nu op je bureaublad staat, om New.net te verwijderen.

    Na het verwijderen van New.net, moet de pc opnieuw worden opgestart. Maak daarna een nieuw HijackThis-log en plaats dat hier samen met het logje van Deljob.

    Pim
  • Bedankt voor vlugge reactie!

    Ik heb ondertussen nog een full system scan met nod32 gedaan en een paar restarts. En de newdotnet uninstaller gedraaid ook. De error is weg en voorlopig nog geen CiD popups gekregen.

    Hier nog de gevraagde logs.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:56:15, on 9/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\eManager\anbmServ.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Launch Manager\QtZgAcer.EXE
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MAGENTIC\bin\MgApp.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [Antiy Auto Update] C:\Program Files\Antiy Labs\Alive\AliveCenter0.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\iso cast.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\MAGENTIC\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\charlie\APPLIC~1\ELSEPL~1\AXISNEW.exe
    O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: bw+0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\rlai.dll
    O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll (file missing)
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe


    End of file - 19471 bytes


    En die van deljob.

    ——————————————————–
    File(s) moved to C:\deljob

    A9C81B8D918B936D.job
    ——————————————————–
    Files remaining after cleaning

    AppleSoftwareUpdate.job
    ——————————————————–
    App data folders

    De volumenaam van station C is ACER
    Het volumenummer is 320D-180E

    Map van C:\Documents and Settings\charlie\Application Data

    28/05/2006 01:46 <DIR> .
    28/05/2006 01:46 <DIR> ..
    06/08/2005 18:28 <DIR> IDENTI~1 Identities
    06/08/2005 18:12 <DIR> MICROS~1 Microsoft
    27/05/2006 20:07 <DIR> MACROM~1 Macromedia
    27/05/2006 20:08 <DIR> SYMANTEC Symantec
    28/05/2006 14:07 <DIR> CYBERL~1 CyberLink
    15/06/2006 22:34 <DIR> ADOBE Adobe
    27/06/2006 20:51 <DIR> HELP Help
    04/07/2006 21:12 <DIR> ZYLOM Zylom
    05/07/2006 21:18 <DIR> PLAYFI~1 PlayFirst
    06/07/2006 09:14 <DIR> SUN Sun
    15/08/2006 09:22 <DIR> ADOBEUM AdobeUM
    15/08/2006 11:07 <DIR> WILDFIRE Wildfire
    25/08/2006 21:46 <DIR> SCANSOFT ScanSoft
    26/08/2006 21:30 <DIR> CANON Canon
    05/09/2006 20:11 <DIR> ARCSOFT ArcSoft
    15/09/2006 20:12 <DIR> XNVIEW XnView
    21/09/2006 18:19 <DIR> APPLEC~1 Apple Computer
    08/10/2006 17:22 <DIR> CD-LAB~1 CD-LabelPrint
    03/05/2007 18:08 <DIR> ELSEPL~1 Else plus
    22/06/2007 12:56 <DIR> hln
    08/08/2007 20:31 <DIR> SECUROM SecuROM
    20/10/2007 16:12 <DIR> SURFRI~1 SurfRight
    07/11/2007 21:55 <DIR> LAVASOFT Lavasoft
    07/11/2007 23:17 <DIR> GOOGLE Google
    0 bestand(en) 0 bytes
    26 map(pen) 4.627.300.352 bytes beschikbaar
    De volumenaam van station C is ACER
    Het volumenummer is 320D-180E

    Map van C:\Documents and Settings\All Users\Application Data

    28/05/2006 01:34 <DIR> .
    28/05/2006 01:34 <DIR> ..
    06/08/2005 18:12 <DIR> MICROS~1 Microsoft
    04/07/2006 21:12 <DIR> ZYLOM Zylom
    04/07/2006 21:18 <DIR> SANDLO~1 Sandlot Games
    05/07/2006 21:18 <DIR> PLAYFI~1 PlayFirst
    25/08/2006 21:46 <DIR> SSSCAN~1 SSScanAppDataDir
    25/08/2006 21:46 <DIR> SSSCAN~2 SSScanWizard
    28/08/2006 19:26 <DIR> WINDOW~1 Windows Genuine Advantage
    19/09/2006 19:07 <DIR> CANONBJ CanonBJ
    21/09/2006 18:17 <DIR> APPLEC~1 Apple Computer
    18/10/2006 19:48 <DIR> NTIDVD~1 NtiDvdCopy
    30/10/2006 12:49 <DIR> AVERY Avery
    02/02/2007 21:29 <DIR> TEMP
    03/05/2007 18:08 <DIR> INTRAK~1 Intra knob for aim
    03/05/2007 18:09 <DIR> MESSEN~1 Messenger Plus!
    20/05/2007 19:24 <DIR> SCANSOFT ScanSoft
    03/08/2007 17:15 <DIR> LONGSL~1 Long slow road itch
    03/08/2007 17:16 <DIR> 16NEWP~1 16 new ping long
    02/09/2007 17:37 <DIR> APPLE Apple
    29/09/2007 09:21 <DIR> ADOBE Adobe
    20/10/2007 16:08 <DIR> SURFRI~1 SurfRight
    29/10/2007 13:46 <DIR> UBISOFT Ubisoft
    07/11/2007 21:49 <DIR> SPYBOT~1 Spybot - Search & Destroy
    07/11/2007 21:52 <DIR> GOOGLE Google
    07/11/2007 23:17 <DIR> PREVX Prevx
    0 bestand(en) 0 bytes
    26 map(pen) 4.627.300.352 bytes beschikbaar
    ——————————————————–



  • Start Hijackthis, kies voor [i:6afa73c8f4]'Do a system scan only'[/i:6afa73c8f4] en vink onderstaande regels aan:
    [b:6afa73c8f4]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\iso cast.exe
    O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\charlie\APPLIC~1\ELSEPL~1\AXISNEW.exe
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
    O20 - AppInit_DLLs: C:\WINDOWS\system32\rlai.dll
    O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll (file missing)
    [/b:6afa73c8f4]

    Sluit nu [u:6afa73c8f4]alle[/u:6afa73c8f4] openstaande vensters, behalve Hijackthis en klik op [b:6afa73c8f4]Fix Checked[/b:6afa73c8f4].

    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:6afa73c8f4]
    Folder::
    C:\Documents and Settings\charlie\Application Data\Else plus
    C:\Documents and Settings\All Users\Application Data\Long slow road itch
    C:\Documents and Settings\All Users\Application Data\Intra knob for aim
    C:\Documents and Settings\All Users\Application Data
    ew ping long

    File::
    C:\WINDOWS\system32\rlai.dll

    [/b:6afa73c8f4]
    Sla dit op op je Bureaublad als [b:6afa73c8f4]CFScript.txt[/b:6afa73c8f4]

    Sleep [b:6afa73c8f4]CFScript.txt[/b:6afa73c8f4] in [b:6afa73c8f4]ComboFix.exe[/b:6afa73c8f4] zoals getoond in onderstaand voorbeeld :

    [img:6afa73c8f4]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:6afa73c8f4]

    Dit zal [b:6afa73c8f4]ComboFix[/b:6afa73c8f4] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:6afa73c8f4]Combofix.txt[/b:6afa73c8f4] in je volgende antwoord samen met een nieuw HijackThislogje.

    Succes!

    Pim
  • Bedankt alweer. Ondertussen bleek de CiD popup al terug…

    Hier de gevraagde logjes.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:16:51, on 10/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\eManager\anbmServ.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Launch Manager\QtZgAcer.EXE
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\PROGRA~1\MAGENTIC\bin\MgApp.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [Antiy Auto Update] C:\Program Files\Antiy Labs\Alive\AliveCenter0.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\MAGENTIC\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: bw+0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {E9227E1C-12AB-40C9-8F12-79FAD0AD7689} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe


    End of file - 19044 bytes


    En combofix…


    ComboFix 07-11-08.1 - charlie 2007-11-10 13:01:56.1 -



  • Trouwens, als alles er nu goed uitziet, wat kan ik nog doen om zo veel mogelijk spyware te voorkomen? Nu heb ik Tea Timer van Spybot S&D aanstaan. Of windows defender doet ook goed werk naar het schijnt?

    Ik weet wel dat echte real time protection tegen spyware niet bestaat, maar anders mag ik binnen een maand weer die laptop kuisen…
  • Hoi Juul,

    Eerst gaan we je pc helemaal malwarevrij maken en daarna zullen we je beveiliging eens nakijken :)

    Teatimer van Spybot is actief, deze kan de fix hinderen dus schakelen we deze tijdelijk uit.
    - Start Spybot
    - Ga naar Mode > selecteer Advanced Mode
    - Ga naar Tools en klik op het Resident-icoon in de lijst
    - Haal het vinkje weg bij Resident TeaTimer en klik OK
    - Herstart de computer
    - Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
    Dubbelklik op ResetTeaTimer.bat om alle entries in TeaTimer te verwijderen.


    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:

    [b:958120d242]Folder::
    C:\Program Files\Else plus
    C:\deljob
    C:\FOUND.034
    C:\FOUND.033

    File::
    C:\WINDOWS\system32\silc.dat
    C:\WINDOWS\system32\lvci1150.dll
    [/b:958120d242]
    Sla dit op op je Bureaublad als [b:958120d242]CFScript.txt[/b:958120d242]

    Sleep [b:958120d242]CFScript.txt[/b:958120d242] in [b:958120d242]ComboFix.exe[/b:958120d242] zoals getoond in onderstaand voorbeeld :

    [img:958120d242]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:958120d242]

    Dit zal [b:958120d242]ComboFix[/b:958120d242] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:958120d242]Combofix.txt[/b:958120d242] in je volgende antwoord.

    Pim
  • Alweer merci. Combofix log:

    ComboFix 07-11-08.1 - charlie 2007-11-11 23:53:30.2 -
  • Nog één dingetje over het hoofd gezien :oops:

    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:314f8f337f]
    File::
    C:\WINDOWS\system32\rlph.dll
    [/b:314f8f337f]

    Sla dit op op je Bureaublad als [b:314f8f337f]CFScript.txt[/b:314f8f337f]

    Sleep [b:314f8f337f]CFScript.txt[/b:314f8f337f] in [b:314f8f337f]ComboFix.exe[/b:314f8f337f] zoals getoond in onderstaand voorbeeld :
    [img:314f8f337f]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:314f8f337f]

    Dit zal [b:314f8f337f]ComboFix[/b:314f8f337f] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt en post de inhoud van de Combofix.txt in je volgende antwoord.

    Hoe is het met je problemen?

    Pim
  • Bedankt!! Geen (zichtbare) problemen meer. :D

    Nu zorgen dat het zo blijft… Moet die teatimer nu terug aan? Of andere software? Ik doe voorlopig nog niets zelf, ik wacht uw advies af :lol:

    En nog het combofix logje:

    ComboFix 07-11-08.1 - charlie 2007-11-12 10:54:03.3 -
  • Mooi dat je problemen zijn opgelost Juul :)

    Qua beveiliging zie ik dat je NOD32 hebt als virusscanner wat een prima scanner is, daarnaast is Teatimer van Spybot een prima aanvulling. Echter heb je het ook over Windows Defender wat ik nergens terug zie in je logfile. Deze zou ik echter niet installeren, omdat deze dan in conflict kan raken met Spybot's teatimer.

    Conclusie: Je bent prima beveiligd :)

    Echter raad ik je wel aan om deze beveilingstips nog eens door te lezen:
    http://users.telenet.be/marcvn/spyware/1564073.htm
    http://users.telenet.be/bluepatchy/miekiemoes/preventie.html

    Pim
  • Enorm bedankt!!!! Laptop draait een heel stuk rapper nu. Ik hoop dat het nu lang zo blijft…

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.