Killer Queen

Ik heb het gevonden ^^

Nieuwsgierigen kunnen de oplossing nalezen in http://www.pc-helpforum.be/f168/google-doet-vreemd-na-terug-knop-18851/

Zo, ben erg opgelucht.

Bedankt voor de hulp iedereen.

KQ

xx

HAH!

We zijn eruit

Mijn vriend was hier als Ff me na en toektocht ook weer toevallig terugstuurde naar Google Dark.

En hij vroeg wat dat was, dus gingen we eens naar de site.

En ik die al de hele tijd dacht dat Google Dark een site op zich was,

bleek het een scriptje te zijn, natuurlijk ging er onmiddellijk een lampje branden

Effectief, onder Greasemonkey stond er Google Dark geïnstalleerd, dat even met 1 druk op de knop uninstalled en het probleem was verholpen!

Nu kan je wel zeggen, dat weet je dan toch wel zelf, als je zo iets installeert en er begint iets mis te lopen dat het daaraan ligt.

Maar ik heb Firefox zo lang zonder problemen gebruikt tot het begon mis te lopen,

ik herinner me wel nog dat ik ooit eens die Dark uitgeprobeerd heb, maar ondanks formatjes en herinstalls zal dat script altijd mee verhuisd zijn in de Firefox profielen die ik netjes backup, tot als Ff tot een versie is gekomen waar het waarschijnlijk problemen gaf met Google Dark, vandaar

Kan me moeilijk inbeelden dat er nog veel mensen zijn met een gelijkaardig probleem , je weet maar nooit, dan hoop ik dat ze met deze thread eveneens geholpen zijn ^^

Groetjes en bedankt voor de moeite lieve mensen

KQ

xx

Heb een Combofix log ook. Probleem nog niet opgelost. Plak hier ook nog even een screenie aan, want toen ik het testte stuurde hij me terug naar Google Dark, dat zoals ik eerder vermeldde ook wel eens voorkomt, heel wisselvallig.

ComboFix 09-11-11.01 - Killer Queen 11/11/2009 18:10.1.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.32.1043.18.1023.520 [GMT 1:00]

Gestart vanuit: c:\program files\Programs\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1004336348-261903793-839522115-1003

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-10-11 to 2009-11-11 ))))))))))))))))))))))))))))))

.

2009-11-10 12:38 . 2009-11-10 12:38 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Malwarebytes

2009-11-10 12:38 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-11-10 12:38 . 2009-11-10 12:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-11-10 12:38 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-11-10 12:38 . 2009-11-10 13:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-11-07 18:47 . 2009-11-07 18:47 -------- d-----w- c:\program files\Trend Micro

2009-11-06 02:14 . 2009-11-06 02:14 41872 ----a-w- c:\windows\system32\xfcodec.dll

2009-11-05 21:06 . 2009-11-05 21:06 -------- d-----w- c:\program files\Microsoft

2009-10-29 19:40 . 2009-10-29 16:37 15880 ----a-w- c:\windows\system32\lsdelete.exe

2009-10-29 16:36 . 2009-10-29 16:36 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll

2009-10-29 16:36 . 2009-10-29 16:36 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll

2009-10-29 16:36 . 2009-10-29 16:36 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll

2009-10-29 16:36 . 2009-10-29 16:36 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll

2009-10-29 16:36 . 2009-10-29 16:36 640608 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe

2009-10-29 16:35 . 2009-10-29 16:35 815760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe

2009-10-29 16:35 . 2009-10-29 16:35 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe

2009-10-29 16:35 . 2009-10-29 16:35 1638104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe

2009-10-29 16:34 . 2009-10-29 16:35 788368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe

2009-10-29 16:31 . 2009-10-29 16:34 1179232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

2009-10-29 16:26 . 2009-10-29 16:26 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-10-29 16:26 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

2009-10-29 16:26 . 2009-10-29 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-10-29 16:26 . 2009-10-29 16:26 -------- d-----w- c:\program files\Lavasoft

2009-10-27 19:29 . 2009-10-27 19:29 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-11-05 21:29 -------- d-----w- c:\documents and settings\Killer Queen\Local Settings\Application Data\Temp

2009-10-27 19:24 . 2009-10-27 19:24 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-11-07 21:34 -------- d-----w- c:\documents and settings\Killer Queen\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-10-27 19:26 -------- d-----w- c:\program files\Google

2009-10-21 07:28 . 2009-10-21 07:27 2064152 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

2009-10-17 10:45 . 2009-10-17 10:44 2025752 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgtray.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-11 17:05 . 2009-08-28 15:44 -------- d-----r- c:\program files\Programs

2009-11-11 14:47 . 2009-03-28 15:54 -------- d-----w- c:\program files\Mozilla Thunderbird

2009-11-11 02:47 . 2009-04-19 18:43 -------- d-----w- c:\program files\Xfire

2009-11-10 10:14 . 2009-04-19 18:43 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Xfire

2009-11-10 00:16 . 2009-04-19 18:47 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Skype

2009-11-09 23:06 . 2009-04-19 18:52 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\skypePM

2009-11-07 21:44 . 2009-04-19 20:10 -------- d-----w- c:\program files\Windows Live Safety Center

2009-11-07 21:15 . 2009-04-24 15:10 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\FrostWire

2009-11-07 18:03 . 2009-03-28 15:59 -------- d-----w- c:\program files\Messenger Plus! Live

2009-11-06 00:33 . 2009-03-28 15:20 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin

2009-11-05 21:05 . 2009-03-28 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-10-25 10:53 . 2004-08-04 12:00 91836 ----a-w- c:\windows\system32\perfc013.dat

2009-10-25 10:53 . 2004-08-04 12:00 512196 ----a-w- c:\windows\system32\perfh013.dat

2009-10-15 10:50 . 2009-03-28 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-10-10 14:17 . 2009-10-10 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia

2009-10-10 14:16 . 2009-08-02 17:20 -------- d-----w- c:\program files\Common Files\Nokia

2009-10-10 14:16 . 2009-06-12 16:35 -------- d-----w- c:\program files\Nokia

2009-10-10 14:15 . 2009-10-10 14:15 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe

2009-10-10 14:15 . 2009-10-10 14:15 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe

2009-10-10 14:15 . 2009-10-10 14:15 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe

2009-10-10 14:15 . 2009-06-12 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations

2009-10-10 13:24 . 2009-10-10 14:16 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_en.exe

2009-09-27 16:44 . 2009-04-19 19:28 172032 ----a-w- c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\FlashGot.exe

2009-09-25 05:58 . 2004-08-04 12:00 665088 ----a-w- c:\windows\system32\wininet.dll

2009-09-25 05:58 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 12:55 . 2009-10-29 16:37 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-09-15 08:26 . 2009-07-12 23:57 -------- d-----w- c:\program files\Steam

2009-09-11 14:37 . 2004-08-04 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 20:47 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 10:28 . 2009-09-27 16:44 65536 ----a-w- c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\fotofox@mozilla.com\platform\WINNT_x86-msvc\components\mozFotofox.dll

2009-08-26 08:16 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-24 08:25 . 2009-08-24 08:24 8 ----a-w- c:\windows\system32\nvModes.dat

2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL

2009-08-16 09:09 . 2009-03-28 16:37 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-08-16 09:09 . 2009-03-28 16:37 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-08-16 09:09 . 2009-03-28 16:37 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2006-05-06 16:42 . 2009-04-19 18:10 7260160 ----a-w- c:\program files\mozilla firefox\plugins\libvlc.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"ISPMonitor"="c:\program files\ISP Monitor\isp.exe" [2009-05-03 422496]

"Netlog Music Tool"="c:\program files\Netlog Music Tool\NetlogMusicTool.exe" [2009-05-02 1728456]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]

"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]

"GamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 380928]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-05 2028312]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-24 148888]

"ToolBoxFX"="c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2007-03-26 53248]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-12 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\Killer Queen\Menu Start\Programma's\Opstarten\

Xfire.lnk - c:\program files\Xfire\xfire.exe [2009-11-6 3152272]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Office-Bibliothek-Direktsuche.lnk - c:\program files\Office-Bibliothek\PCLib.exe [2009-6-5 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-16 09:09 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

"c:\\Program Files\\Xfire\\xfire.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\hp_LJ3050-3052-3055-3390-3392_Full_Solution\\setup\\hppniprint01.exe"=

"c:\\hp_LJ3050-3052-3055-3390-3392_Full_Solution\\setup\\hpntwkexe.exe"=

"c:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\mIRC\\mirc.exe"=

"c:\\Program Files\\Steam\\steamapps\\killer_queen_666\\counter-strike\\hl.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29/10/2009 17:37 64288]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28/03/2009 17:37 335240]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28/03/2009 17:37 108552]

R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28/03/2009 17:37 908056]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28/03/2009 17:37 297752]

R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1179232]

R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [28/03/2009 16:46 161792]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27/10/2009 20:24 133104]

S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [28/03/2009 15:56 38656]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [28/03/2009 16:27 17149]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [18/06/2009 22:31 136704]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - MBR

*NewlyCreated* - PROCEXP113

*Deregistered* - mbr

*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08

.

Inhoud van de 'Gedeelde Taken' map

2009-11-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 16:35]

2009-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 19:24]

2009-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 19:24]

2009-11-10 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-11-11 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Connection Wizard,ShellNext = hxxp://www.gameguard.co.kr/gameguard/faq/eng/FAQ_3xx.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\fotofox@mozilla.com\platform\WINNT_x86-msvc\components\mozFotofox.dll

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npvlc.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-11-11 18:14

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x867681F8]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\atapi -> 0x867681f8

Warning: possible MBR rootkit infection !

user & kernel MBR OK

Use "Recovery Console" command "fixmbr" to clear infection !

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(2356)

c:\program files\Xfire\xfire_toucan_40120.dll

c:\windows\system32\msi.dll

.

Voltooingstijd: 2009-11-11 18:15

ComboFix-quarantined-files.txt 2009-11-11 17:15

Pre-Run: 694.633.787.392 bytes beschikbaar

Post-Run: 695.806.763.008 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 565815DA9C0EEC9244E1F72EA234E9F4

Dankjewel, alsjeblief

Je had er wel even mogen bijzeggen dat het alle lopende programma's sluit, best vervelend :/

ComboFix 09-11-11.01 - Killer Queen 11/11/2009 18:10.1.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.32.1043.18.1023.520 [GMT 1:00]

Gestart vanuit: c:\program files\Programs\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1004336348-261903793-839522115-1003

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-10-11 to 2009-11-11 ))))))))))))))))))))))))))))))

.

2009-11-10 12:38 . 2009-11-10 12:38 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Malwarebytes

2009-11-10 12:38 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-11-10 12:38 . 2009-11-10 12:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-11-10 12:38 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-11-10 12:38 . 2009-11-10 13:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-11-07 18:47 . 2009-11-07 18:47 -------- d-----w- c:\program files\Trend Micro

2009-11-06 02:14 . 2009-11-06 02:14 41872 ----a-w- c:\windows\system32\xfcodec.dll

2009-11-05 21:06 . 2009-11-05 21:06 -------- d-----w- c:\program files\Microsoft

2009-10-29 19:40 . 2009-10-29 16:37 15880 ----a-w- c:\windows\system32\lsdelete.exe

2009-10-29 16:36 . 2009-10-29 16:36 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll

2009-10-29 16:36 . 2009-10-29 16:36 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll

2009-10-29 16:36 . 2009-10-29 16:36 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll

2009-10-29 16:36 . 2009-10-29 16:36 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll

2009-10-29 16:36 . 2009-10-29 16:36 640608 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe

2009-10-29 16:35 . 2009-10-29 16:35 815760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe

2009-10-29 16:35 . 2009-10-29 16:35 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe

2009-10-29 16:35 . 2009-10-29 16:35 1638104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe

2009-10-29 16:34 . 2009-10-29 16:35 788368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe

2009-10-29 16:31 . 2009-10-29 16:34 1179232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

2009-10-29 16:26 . 2009-10-29 16:26 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-10-29 16:26 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

2009-10-29 16:26 . 2009-10-29 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-10-29 16:26 . 2009-10-29 16:26 -------- d-----w- c:\program files\Lavasoft

2009-10-27 19:29 . 2009-10-27 19:29 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-11-05 21:29 -------- d-----w- c:\documents and settings\Killer Queen\Local Settings\Application Data\Temp

2009-10-27 19:24 . 2009-10-27 19:24 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-11-07 21:34 -------- d-----w- c:\documents and settings\Killer Queen\Local Settings\Application Data\Google

2009-10-27 19:24 . 2009-10-27 19:26 -------- d-----w- c:\program files\Google

2009-10-21 07:28 . 2009-10-21 07:27 2064152 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

2009-10-17 10:45 . 2009-10-17 10:44 2025752 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgtray.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-11 17:05 . 2009-08-28 15:44 -------- d-----r- c:\program files\Programs

2009-11-11 14:47 . 2009-03-28 15:54 -------- d-----w- c:\program files\Mozilla Thunderbird

2009-11-11 02:47 . 2009-04-19 18:43 -------- d-----w- c:\program files\Xfire

2009-11-10 10:14 . 2009-04-19 18:43 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Xfire

2009-11-10 00:16 . 2009-04-19 18:47 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\Skype

2009-11-09 23:06 . 2009-04-19 18:52 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\skypePM

2009-11-07 21:44 . 2009-04-19 20:10 -------- d-----w- c:\program files\Windows Live Safety Center

2009-11-07 21:15 . 2009-04-24 15:10 -------- d-----w- c:\documents and settings\Killer Queen\Application Data\FrostWire

2009-11-07 18:03 . 2009-03-28 15:59 -------- d-----w- c:\program files\Messenger Plus! Live

2009-11-06 00:33 . 2009-03-28 15:20 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin

2009-11-05 21:05 . 2009-03-28 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-10-25 10:53 . 2004-08-04 12:00 91836 ----a-w- c:\windows\system32\perfc013.dat

2009-10-25 10:53 . 2004-08-04 12:00 512196 ----a-w- c:\windows\system32\perfh013.dat

2009-10-15 10:50 . 2009-03-28 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-10-10 14:17 . 2009-10-10 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia

2009-10-10 14:16 . 2009-08-02 17:20 -------- d-----w- c:\program files\Common Files\Nokia

2009-10-10 14:16 . 2009-06-12 16:35 -------- d-----w- c:\program files\Nokia

2009-10-10 14:15 . 2009-10-10 14:15 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe

2009-10-10 14:15 . 2009-10-10 14:15 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe

2009-10-10 14:15 . 2009-10-10 14:15 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe

2009-10-10 14:15 . 2009-06-12 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations

2009-10-10 13:24 . 2009-10-10 14:16 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_en.exe

2009-09-27 16:44 . 2009-04-19 19:28 172032 ----a-w- c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\FlashGot.exe

2009-09-25 05:58 . 2004-08-04 12:00 665088 ----a-w- c:\windows\system32\wininet.dll

2009-09-25 05:58 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 12:55 . 2009-10-29 16:37 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-09-15 08:26 . 2009-07-12 23:57 -------- d-----w- c:\program files\Steam

2009-09-11 14:37 . 2004-08-04 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 20:47 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 10:28 . 2009-09-27 16:44 65536 ----a-w- c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\fotofox@mozilla.com\platform\WINNT_x86-msvc\components\mozFotofox.dll

2009-08-26 08:16 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-24 08:25 . 2009-08-24 08:24 8 ----a-w- c:\windows\system32\nvModes.dat

2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL

2009-08-16 09:09 . 2009-03-28 16:37 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-08-16 09:09 . 2009-03-28 16:37 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-08-16 09:09 . 2009-03-28 16:37 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2006-05-06 16:42 . 2009-04-19 18:10 7260160 ----a-w- c:\program files\mozilla firefox\plugins\libvlc.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"ISPMonitor"="c:\program files\ISP Monitor\isp.exe" [2009-05-03 422496]

"Netlog Music Tool"="c:\program files\Netlog Music Tool\NetlogMusicTool.exe" [2009-05-02 1728456]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]

"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]

"GamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 380928]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-05 2028312]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-24 148888]

"ToolBoxFX"="c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2007-03-26 53248]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-12 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\Killer Queen\Menu Start\Programma's\Opstarten\

Xfire.lnk - c:\program files\Xfire\xfire.exe [2009-11-6 3152272]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Office-Bibliothek-Direktsuche.lnk - c:\program files\Office-Bibliothek\PCLib.exe [2009-6-5 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-16 09:09 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

"c:\\Program Files\\Xfire\\xfire.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\hp_LJ3050-3052-3055-3390-3392_Full_Solution\\setup\\hppniprint01.exe"=

"c:\\hp_LJ3050-3052-3055-3390-3392_Full_Solution\\setup\\hpntwkexe.exe"=

"c:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\mIRC\\mirc.exe"=

"c:\\Program Files\\Steam\\steamapps\\killer_queen_666\\counter-strike\\hl.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29/10/2009 17:37 64288]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28/03/2009 17:37 335240]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28/03/2009 17:37 108552]

R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28/03/2009 17:37 908056]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28/03/2009 17:37 297752]

R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1179232]

R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [28/03/2009 16:46 161792]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27/10/2009 20:24 133104]

S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [28/03/2009 15:56 38656]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [28/03/2009 16:27 17149]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [18/06/2009 22:31 136704]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - MBR

*NewlyCreated* - PROCEXP113

*Deregistered* - mbr

*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08

.

Inhoud van de 'Gedeelde Taken' map

2009-11-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 16:35]

2009-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 19:24]

2009-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 19:24]

2009-11-10 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-11-11 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Connection Wizard,ShellNext = hxxp://www.gameguard.co.kr/gameguard/faq/eng/FAQ_3xx.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll

FF - component: c:\documents and settings\Killer Queen\Application Data\Mozilla\Firefox\Profiles\hp83rv43.default\extensions\fotofox@mozilla.com\platform\WINNT_x86-msvc\components\mozFotofox.dll

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npvlc.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-11-11 18:14

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x867681F8]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\atapi -> 0x867681f8

Warning: possible MBR rootkit infection !

user & kernel MBR OK

Use "Recovery Console" command "fixmbr" to clear infection !

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(2356)

c:\program files\Xfire\xfire_toucan_40120.dll

c:\windows\system32\msi.dll

.

Voltooingstijd: 2009-11-11 18:15

ComboFix-quarantined-files.txt 2009-11-11 17:15

Pre-Run: 694.633.787.392 bytes beschikbaar

Post-Run: 695.806.763.008 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 565815DA9C0EEC9244E1F72EA234E9F4

Dat dacht ik al.

mbam laten lopen, ik post de oude log, alles is netjes nu.

Maar m'n probleem blijft.

Misschien hebben jullie meer succes met het zoeken van gelijkaardige problemen op Google?

Nieuwe HJT log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:32:12, on 10/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\ISP Monitor\isp.exe

C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = nProtect Gameguard FAQ

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: Office-Bibliothek-Direktsuche.lnk = C:\Program Files\Office-Bibliothek\PCLib.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8299 bytes

Oude mbam log, die is nu leeg na de fix

Malwarebytes' Anti-Malware 1.41

Database version: 3138

Windows 5.1.2600 Service Pack 2

10/11/2009 14:07:40

mbam-log-2009-11-10 (14-07-36).txt

Scan type: Quick Scan

Objects scanned: 124975

Time elapsed: 8 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 26

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 11

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data\Killer Queen (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

Files Infected:

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data\Killer Queen\avatar.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

Dank je. Ik doe m'n best :]

Nieuwe HJT log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:32:12, on 10/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\ISP Monitor\isp.exe

C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = nProtect Gameguard FAQ

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: Office-Bibliothek-Direktsuche.lnk = C:\Program Files\Office-Bibliothek\PCLib.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8299 bytes

Oude mbam log, die is nu leeg na de fix

Malwarebytes' Anti-Malware 1.41

Database version: 3138

Windows 5.1.2600 Service Pack 2

10/11/2009 14:07:40

mbam-log-2009-11-10 (14-07-36).txt

Scan type: Quick Scan

Objects scanned: 124975

Time elapsed: 8 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 26

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 11

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data\Killer Queen (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

Files Infected:

C:\Documents and Settings\Killer Queen\Application Data\FunWebProducts\Data\Killer Queen\avatar.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

Probleem blijft wel...

Maar mijn gameguard functioneert nog helemaal.

...heeft dit nog te maken met mijn oorspronkelijk probleem?

Ik weet wat GameGuard is en zou het toch liever op m'n comp laten zodat m'n game goed functioneert

De anderen zijn eruit weg, maar nog geen verbetering zichtbaar

(wel nog niet herstart mr dno of dat gaat uitmaken.)

Jaja, het blijft een mysterie

Moest even een logje maken voor een probleem dat ik bij netwerken gepost heb.

http://www.pc-helpforum.be/f168/google-doet-vreemd-na-terug-knop-18851/

Maar eigenlijk mag alle rotzooi er gwn uit.

Alvast bedankt

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:47:28, on 7/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\ISP Monitor\isp.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\SNDVOL32.EXE

C:\VanDale\Grote woordenboeken\Frans\VDFN.exe

C:\VanDale\Grote woordenboeken\Engels\VDEN.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Winamp\winamp.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = nProtect Gameguard FAQ

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: Free WebSite Tools.lnk = ?

O4 - Global Startup: Office-Bibliothek-Direktsuche.lnk = C:\Program Files\Office-Bibliothek\PCLib.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8460 bytes

Komen die experts dan kijken naar mijn nederige thread ?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:47:28, on 7/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\ISP Monitor\isp.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\SNDVOL32.EXE

C:\VanDale\Grote woordenboeken\Frans\VDFN.exe

C:\VanDale\Grote woordenboeken\Engels\VDEN.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Winamp\winamp.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = nProtect Gameguard FAQ

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O4 - Global Startup: Free WebSite Tools.lnk = ?

O4 - Global Startup: Office-Bibliothek-Direktsuche.lnk = C:\Program Files\Office-Bibliothek\PCLib.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8460 bytes

Ehm. Ik gebruik de gewone Google ... ?

Ik heb uiteraard de laatste versie van Firefox gedownload.

Heb het niet met andere sites aan de hand, en net andere zoekmachines geprobeerd, daar gaat het prima.

Vergeten te vermelden: heel soms stuurt hij me ook terug naar de pagina van Google Dark, zonder de resultaten die ik eerder had.

Hello allemaal

Zo. Lang geleden dat ik hier nog was.

Eigenlijk is dat maar goed zo!

Ik ben hier altijd goed geholpen en ik hoop dat dat deze keer weer lukt!

Mijn probleem is het volgende, al sinds enige tijd doet mijn googlezoekopdracht vreemd.

Ik voer een zoekopdracht in, kies een willekeurige eerste site om te bekijken, maar als ik nadien terugkeer met de terugknop / backbutton, krijg ik een "geschud beeld" als het ware, helemaal zonder layout.

Ik stop er screenshotjes bij om duidelijk te maken wat ik bedoel.

Het is nu al enige tijd aan de gang en ik kan me niet herinneren wat ik veranderd of aangepast zou hebben dat deze verandering teweeg heeft gebracht. Uiteindelijk vond ik het zo vervelend (omdat het gewoon zo onoverzichtelijk is :s ) dat ik beslist heb van dit onderwerp te starten, mijn searches op Google waren erg vruchtloos.

Wat heb ik al geprobeerd? IE, daar doet het probleem zich niet voor. Firefox uninstallen en herinstallen en ook firefox proberen runnen zonder thema. Daar kan het dus alvast niet aan liggen.

Zo mijn beste computervriendjes, heb ik een kluif voor jullie! :]

Ik ben benieuwd of we eruit geraken.

Alvast bedankt

Killer Queen xx

Er komt al een nieuwe iPhone uit

Ik ken en gebruik CCleaner al lang,

maar Firefox heb ik daarbij voor een of andere reden over het hoofd gezien

Thread mag dicht.. denk ik

Sorry leroy

Normaal doe ik het ook altijd zo,

maar deze keer liep er dus telkens iets mis.

CCleaner deed het wel, bedankt Serge.

Kan ik die logs hier zomaar laten staan?

Okay

stond niet aangevinkt, maar heb het effe aangevinkt en dan maar weggedaan.

Heb nog steeds het probleem dat ik m'n downloadgeschiedenis/cache van Ff niet leeg krijg?

O help nee, dat moet nog een hele oude laninstelling zijn :|

Hoe krijg ik die weg?

Goh ja, het ding is, de functies die bij de toolbar komen zijn wel handig,

enkel de toolbar zelf niet.

Wss toch herinstallen

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:47:51, on 1/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\ISP Monitor\isp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ICQ6\ICQ.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\Belkinwcui.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.fom.be:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iCQ] "C:\Program Files\ICQ6\ICQ.exe" silent

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Belkin Wireless Utility.lnk = ?

O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE93404-823B-4C8A-BF20-D7AAAFB8C482}: NameServer = 172.16.1.1,172.16.1.2

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--

End of file - 9448 bytes

Jep, nu deed ie het wel, bedankt.

---RVAXO.exe Updated: 2008-05-29---first run---

Uninstallers:

Files found:

C:\WINDOWS\system32\netlogun.exe

Folders Found:

Hosts-file was reset, If you use a custom hosts file please replace it...

--------------RVAXO.exe last run---------------

Not deleted items:

--------------RVAXO.exe finished----------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:47:51, on 1/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\ATKKBService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\ISP Monitor\isp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ICQ6\ICQ.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\Belkinwcui.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.fom.be:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iCQ] "C:\Program Files\ICQ6\ICQ.exe" silent

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Belkin Wireless Utility.lnk = ?

O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE93404-823B-4C8A-BF20-D7AAAFB8C482}: NameServer = 172.16.1.1,172.16.1.2

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--

End of file - 9448 bytes

Nounou...

Ik weet niet of het aan mij ligt, maar ik snap je probleem niet.

Kan je dat ietsje uitgebreider formuleren?

Gahhh

Heb ik een sirftolbar geïnstallerd, dcaht, da's lekker handig, niet dus.

Krijg ik dat ding weg zonder reinstall :s ?

Java updates wel...

Updates van Microsoft niet.

Van al die updates van MS ben je wel vanaf als je een XP cd slipstreamed met SP3.

Werkt je XP trouwens ook sneller

En als je daaraan zou denken van het te doen kan je gelijk alle drivers van je pc erbij doen. Ben je in 1 keer klaar met te herinstalleren van XP.

En heb je de logjes, of ben je van alles meteen de eerste keer vanaf?

AVG is updated

Java is updated

En RVAXO ... krijg ik gewoon niet geopend, ik heb het al 2x gedownload, ik heb geherstart, ik krijg een enkele flits te zien van dat prog en dan is het weg :/

dit kun je gewoon doen door bovenin op Extra te klikken en dan op privé gegevens opruimen

dan alle hokjes uitvinken behalve het hokje waar achter staat:

Downloadgeschiedenis

dan gewoon op OK klikken en je downloadgeschiedenis is weer helemaal leeg.[...]

Hehe, dat dacht jij ...

niet dus :s ideetje?

Waw, grondig

Bedankt Serge,

je hoort nog van me

Trouwens, ik wou nog wat rommel deleten via control panel - software

en ik zie daar allerlei updatefiles tussenstaan, zoals voor windows,

mag ik die eigenlijk verwijderen?

*edit*

Wou ook m'n downloadgeschiedenis in FF leegmaken (is dit de cache?)

maar het clean-upknopje in het downloadvenster doet het niet,

iemand een idee?

Ok Masters, bedankt!

Ik had zelf nog zo goed gezocht voor ik dit postte, blijkbaar niet goed genoeg