Orbie

Die reader_sl.exe is toch het onderdeel van je Adobe Reader en toch niet toevallig reader_s.exe (zonder de l) ?

Was reader_sl.exe, heb het bestand uitgeschakeld via Winpatrol, zodat het niet meer automatisch opstart, en ik voorlopig verder kan werken zonder dat mijn CPU tilt slaat.

Sinds vanmorgen lopen ook deze processen vast (zie ook eerste postin dit topic):

- googletoolbarnotifier.exe

- reader_sl.exe

Vorige problemen zijn ook nog steeds niet opgelost (cmd.exe, jqsnotify.exe)

Kan iemand mij vertellen wat er aan de hand is met mijn laptop ?

Bedankt voor de tip. Probleem van jqsnotify.exe is daarmee omzeild. Al vraag ik mij wel nog steeds af wat de achterliggende reden is van deze hangende programma's.

cmd.exe blijft nog steeds hangen als het opgestart wordt. Wordt dagelijks door mijn backupprogramma gebruikt om de sql-server te stoppen. Dus een oplossing daarvoor zou meer dan welkom zijn.

Bij het opstarten van Firefox wordt ook het proces jqsnotify.exe opgestart. Deze neemt 50% van de CPU in beslag, terwijl het geheugengebruik niet hoger gaat da 84 kb. Het proces beëindigen lukt niet.

Hetzelfde gebeurt ook nog steeds bij het programma cmd.exe

Het proces cmd.exe blijft nog steeds "hangen". Heb ook hetzelfde probleem gehad met jsqnotify.exe.

Ondertussen java versie 6 Update 17 geïnstalleerd. Dus voorlopig afwachten.

Combofix log bestand

ComboFix 09-11-04.02 - noot 04/11/2009 23:00:52.1.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.3063.2417 [GMT 1:00]

Gestart vanuit: C:\Documents and Settings\noot\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\noot\Application Data\.#

C:\Documents and Settings\noot\Application Data\EurekaLog

C:\Documents and Settings\noot\Application Data\inst.exe

C:\WINDOWS\system32\zip32.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-10-04 to 2009-11-04 ))))))))))))))))))))))))))))))

.

2009-11-04 09:22:58 . 2009-11-04 09:22:58 0 d-----w- C:\Program Files\Trend Micro

2009-10-31 10:55:03 . 2009-11-04 21:48:47 0 d--h--r- C:\Documents and Settings\noot\Onlangs geopend

2009-10-31 09:43:05 . 2009-10-31 09:43:05 0 d-----w- C:\Documents and Settings\noot\Application Data\LEGO Media

2009-10-29 15:46:23 . 2009-10-29 15:44:48 93360 ----a-w- C:\WINDOWS\system32\drivers\SBREDrv.sys

2009-10-22 14:44:35 . 2009-10-29 15:43:59 1638104 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe

2009-10-22 14:44:34 . 2009-10-29 15:43:57 788368 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe

2009-10-22 14:44:32 . 2009-10-29 15:43:55 1179232 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

2009-10-21 06:56:37 . 2009-08-06 17:23:46 274288 ----a-w- C:\WINDOWS\system32\mucltui.dll

2009-10-20 10:46:53 . 2009-03-26 23:16:28 12672 ----a-w- C:\WINDOWS\system32\drivers\cpuz132_x32.sys

2009-10-20 10:46:51 . 2009-10-20 10:46:51 0 d-----w- C:\Program Files\CPUID

2009-10-20 09:23:01 . 2009-10-20 09:23:01 117760 ----a-w- C:\Documents and Settings\noot\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2009-10-20 09:20:30 . 2009-10-20 09:20:30 0 d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2009-10-20 09:18:51 . 2009-10-20 09:18:51 65024 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe

2009-10-20 09:18:51 . 2009-10-20 09:18:51 5120 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe

2009-10-20 09:18:51 . 2009-10-20 09:18:51 18944 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe

2009-10-20 09:18:19 . 2009-10-20 09:18:46 0 d-----w- C:\Program Files\SUPERAntiSpyware

2009-10-20 09:18:19 . 2009-10-20 09:18:19 0 d-----w- C:\Documents and Settings\noot\Application Data\SUPERAntiSpyware.com

2009-10-19 17:00:09 . 2009-10-19 17:00:09 12464 ----a-w- C:\WINDOWS\system32\avgrsstx.dll

2009-10-19 17:00:04 . 2009-10-24 07:31:36 360584 ----a-w- C:\WINDOWS\system32\drivers\avgtdix.sys

2009-10-19 16:59:56 . 2009-10-19 16:59:57 333192 ----a-w- C:\WINDOWS\system32\drivers\avgldx86.sys

2009-10-19 16:59:53 . 2009-10-19 16:59:53 28424 ----a-w- C:\WINDOWS\system32\drivers\avgmfx86.sys

2009-10-19 16:59:22 . 2009-11-04 21:45:59 0 d-----w- C:\WINDOWS\system32\drivers\Avg

2009-10-19 16:57:24 . 2009-11-04 21:36:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\avg9

2009-10-19 15:17:44 . 2009-09-03 09:17:47 15688 ----a-w- C:\WINDOWS\system32\lsdelete.exe

2009-10-19 14:43:29 . 2009-09-23 12:55:23 64288 ----a-w- C:\WINDOWS\system32\drivers\Lbd.sys

2009-10-19 14:37:43 . 2009-10-19 14:37:44 0 dc-h--w- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-10-19 14:37:43 . 2009-10-03 08:15:32 2924848 -c--a-w- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

2009-10-19 14:36:20 . 2009-10-19 14:43:11 0 d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft

2009-10-19 14:36:20 . 2009-10-19 14:36:20 0 d-----w- C:\Program Files\Lavasoft

2009-10-19 07:11:06 . 2009-11-04 10:52:36 0 d-----w- C:\Program Files\FreeRapid-0.83

2009-10-12 12:30:50 . 2009-10-12 12:41:56 0 d-----w- C:\Documents and Settings\noot\Application Data\OPTIsend Print

2009-10-12 12:24:45 . 2009-10-12 12:24:45 0 d-----w- C:\Program Files\Redemption

2009-10-12 12:24:42 . 2009-10-12 12:32:57 0 d-----w- C:\Program Files\OPTIsend Print

2009-10-12 12:23:19 . 2009-10-12 12:19:36 86016 ----a-w- C:\WINDOWS\system32\OPPDPortMonitor.dll

2009-10-10 13:06:22 . 2009-10-10 13:06:24 0 d-----w- C:\Program Files\7-Zip

2009-10-10 12:59:27 . 2009-10-10 12:59:27 0 d-----w- C:\WINDOWS\vbSkinner

2009-10-10 12:48:18 . 2009-10-10 12:46:40 720896 ----a-w- C:\WINDOWS\iun6002ev.exe

2009-10-10 12:47:57 . 2009-10-20 07:20:12 0 d-----w- C:\Program Files\Factuur Bright

2009-10-06 19:34:29 . 2009-10-06 19:34:29 0 d-----w- C:\Program Files\SyncToy 2.0

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-04 21:56:42 . 2008-12-09 08:50:16 0 d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP

2009-11-04 21:51:21 . 2009-07-01 09:00:02 0 d-----w- C:\Program Files\Clipboard Swiss-Knife

2009-11-04 20:33:27 . 2009-07-08 12:29:47 0 d-----w- C:\Documents and Settings\noot\Application Data\vlc

2009-11-04 20:05:13 . 2009-02-03 10:48:42 0 d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater

2009-11-04 10:47:28 . 2009-01-24 09:19:19 0 d-----w- C:\Program Files\East-Tec Backup

2009-11-04 08:01:25 . 2009-10-27 11:34:19 0 d-----w- C:\Program Files\Registry Clean Expert

2009-10-28 08:28:08 . 2009-10-28 08:28:08 0 d-----w- C:\Program Files\HowTo-Outlook

2009-10-25 08:21:42 . 2007-10-29 12:00:00 580950 ----a-w- C:\WINDOWS\system32\perfh013.dat

2009-10-25 08:21:40 . 2007-10-29 12:00:00 119282 ----a-w- C:\WINDOWS\system32\perfc013.dat

2009-10-20 10:48:30 . 2009-04-21 10:20:19 0 d-----w- C:\Program Files\FRD

2009-10-20 09:16:26 . 2009-06-05 15:36:39 0 d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2009-10-20 09:15:56 . 2009-09-24 14:52:24 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware

2009-10-19 14:28:57 . 2008-09-06 08:34:47 0 d-----w- C:\Documents and Settings\noot\Application Data\Comodo

2009-10-19 14:28:46 . 2009-09-29 10:59:59 0 d-----w- C:\Documents and Settings\All Users\Application Data\Comodo

2009-10-19 14:28:44 . 2008-09-06 08:34:46 0 d-----w- C:\Program Files\COMODO

2009-10-19 08:44:24 . 2008-04-03 07:30:15 0 d-----w- C:\Program Files\Common Files\Adobe

2009-10-14 07:31:04 . 2008-04-02 03:29:39 0 d-----w- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2009-10-10 10:25:17 . 2008-04-02 18:40:38 0 d-----w- C:\Documents and Settings\All Users\Application Data\WinZip

2009-10-08 11:22:49 . 2008-12-30 10:43:14 0 d-----w- C:\Program Files\DYMO Label

2009-10-05 07:57:02 . 2009-10-05 07:57:02 0 d-----w- C:\Program Files\Kluwer Uitgevers

2009-10-02 07:13:21 . 2009-03-23 12:26:05 0 d-----w- C:\Documents and Settings\noot\Application Data\ISP Monitor

2009-10-02 07:11:42 . 2009-10-02 07:08:53 0 d-----w- C:\Program Files\ISP Monitor

2009-10-02 07:08:31 . 2009-03-23 12:25:32 737280 ----a-w- C:\WINDOWS\iun6002.exe

2009-10-02 07:06:24 . 2009-10-02 07:05:44 0 d-----w- C:\Program Files\Telemeter 3.0

2009-09-29 10:59:12 . 2009-09-29 10:59:32 87104 ----a-w- C:\WINDOWS\system32\drivers\inspect.sys

2009-09-29 10:59:12 . 2009-09-29 10:59:32 25160 ----a-w- C:\WINDOWS\system32\drivers\cmdhlp.sys

2009-09-29 10:59:12 . 2009-09-29 10:59:32 179792 ----a-w- C:\WINDOWS\system32\guard32.dll

2009-09-29 10:59:12 . 2009-09-29 10:59:32 132296 ----a-w- C:\WINDOWS\system32\drivers\cmdguard.sys

2009-09-29 09:34:44 . 2009-09-29 09:34:44 1398936 ----a-w- C:\Documents and Settings\noot\Application Data\ISL Online Cache\ISL Light Client\1\ISLLightClient.exe

2009-09-28 20:00:16 . 2009-09-28 20:00:16 0 d-----w- C:\Program Files\Kluwer

2009-09-28 19:56:31 . 2009-09-28 10:37:16 0 d-----w- C:\Program Files\Microsoft SQL Server

2009-09-28 19:22:52 . 2008-04-02 18:40:12 0 d-----w- C:\Program Files\Google

2009-09-28 18:30:18 . 2009-09-28 18:30:18 0 d-----w- C:\Documents and Settings\noot\Application Data\VSRevoGroup

2009-09-28 14:31:00 . 2008-08-29 20:51:03 69232 ----a-w- C:\Documents and Settings\Linda\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-09-28 14:28:17 . 2009-09-28 14:28:17 0 d-----w- C:\Documents and Settings\Linda\Application Data\Realtime Soft

2009-09-28 10:37:16 . 2008-04-02 02:31:53 0 d--h--w- C:\Program Files\InstallShield Installation Information

2009-09-28 10:11:58 . 2009-09-28 10:11:58 0 d-----w- C:\Program Files\Kluwer software

2009-09-25 21:11:22 . 2009-09-17 11:28:48 0 d-----w- C:\Program Files\Siemens

2009-09-25 20:54:02 . 2009-09-25 20:54:02 0 d-----w- C:\Documents and Settings\noot\Application Data\Uniblue

2009-09-25 08:34:22 . 2008-04-02 11:29:31 69232 ----a-w- C:\Documents and Settings\noot\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-09-25 08:13:02 . 2008-04-02 03:33:27 0 d-----w- C:\Program Files\Microsoft Works

2009-09-24 14:02:06 . 2009-01-24 19:59:34 0 d-----w- C:\Program Files\a-squared Free

2009-09-24 08:11:12 . 2008-11-17 21:10:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\ExtraFilm

2009-09-23 13:04:17 . 2009-09-23 13:03:40 0 d-----w- C:\Documents and Settings\noot\Application Data\ISL Online Cache

2009-09-21 09:51:08 . 2009-09-21 09:51:08 0 d-----w- C:\Documents and Settings\noot\Application Data\Siemens

2009-09-21 07:54:23 . 2009-09-21 07:54:18 0 d-----w- C:\Program Files\Key Labelling Tool

2009-09-19 07:13:09 . 2009-09-19 07:13:09 0 d-----w- C:\Documents and Settings\noot\Application Data\Office Genuine Advantage

2009-09-16 06:39:06 . 2009-05-27 08:31:26 0 d-----w- C:\Program Files\JaBack8

2009-09-15 07:15:08 . 2009-09-15 07:15:08 0 d-----w- C:\Documents and Settings\noot\Application Data\Add-in Express

2009-09-15 07:14:41 . 2009-09-15 07:14:41 0 d-----w- C:\Program Files\Add-in Express

2009-09-11 14:20:53 . 2007-10-29 12:00:00 136192 ----a-w- C:\WINDOWS\system32\msv1_0.dll

2009-09-11 09:03:50 . 2009-09-11 09:03:50 1028368 ----a-w- C:\Documents and Settings\All Users\Application Data\Comodo\AVWebScanner\DB\mach32.dll

2009-09-11 09:03:48 . 2009-09-11 09:03:48 295184 ----a-w- C:\Documents and Settings\All Users\Application Data\Comodo\AVWebScanner\DB\pkann.dll

2009-09-10 12:54:06 . 2009-01-24 15:27:53 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53:50 . 2009-01-24 15:28:23 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys

2009-09-09 17:28:23 . 2009-09-09 17:28:03 0 d-----w- C:\Program Files\PowerMenu

2009-09-07 19:25:55 . 2008-12-23 14:11:58 0 d-----w- C:\Documents and Settings\noot\Application Data\dvdcss

2009-09-04 21:05:37 . 2007-10-29 12:00:00 58880 ----a-w- C:\WINDOWS\system32\msasn1.dll

2009-08-29 08:00:55 . 2007-10-29 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll

2009-08-26 08:02:17 . 2007-10-29 12:00:00 247326 ----a-w- C:\WINDOWS\system32\strmdll.dll

2009-08-17 21:33:52 . 2009-08-17 21:33:52 1193832 ----a-w- C:\WINDOWS\system32\FM20.DLL

2007-06-21 17:38:52 . 2007-06-21 17:38:52 30280 ----a-w- C:\Program Files\mozilla firefox\plugins\cgpcfg.dll

2007-06-21 17:38:54 . 2007-06-21 17:38:54 79432 ----a-w- C:\Program Files\mozilla firefox\plugins\CgpCore.dll

2007-06-21 17:38:56 . 2007-06-21 17:38:56 71240 ----a-w- C:\Program Files\mozilla firefox\plugins\confmgr.dll

2007-06-21 17:38:58 . 2007-06-21 17:38:58 140872 ----a-w- C:\Program Files\mozilla firefox\plugins\ctxmui.dll

2007-06-21 17:39:14 . 2007-06-21 17:39:14 38472 ----a-w- C:\Program Files\mozilla firefox\plugins\icafile.dll

2007-06-21 17:39:16 . 2007-06-21 17:39:16 46664 ----a-w- C:\Program Files\mozilla firefox\plugins\icalogon.dll

2007-06-21 17:39:18 . 2007-06-21 17:39:18 34376 ----a-w- C:\Program Files\mozilla firefox\plugins\logging.dll

2007-06-21 17:39:58 . 2007-06-21 17:39:58 685640 ----a-w- C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll

2007-06-21 17:40:02 . 2007-06-21 17:40:02 30280 ----a-w- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

2009-01-31 15:03:44 . 2009-01-31 15:03:44 0 --sha-w- C:\WINDOWS\system32\sys_drv.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Iconoid"="C:\Program Files\Iconoid\iconoid.exe" [2007-02-03 16:38:24 274432]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-12 19:24:50 2000112]

"RegClean Expert Scheduler"="C:\Program Files\Registry Clean Expert\RCHelper.exe" [2009-07-28 03:33:46 606968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-08-10 11:38:48 166424]

"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-08-10 11:38:58 137752]

"ATKOSD2"="C:\Program Files\ATKOSD2\ATKOSD2.exe" [2007-10-17 17:04:00 7737344]

"Autoroute SMTP"="C:\Program Files\Autoroute SMTP\AutoSmtp.exe" [2001-05-16 12:41:18 159744]

"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 05:38:16 316728]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-08-10 11:39:02 141848]

"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 16:01:06 90112]

"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 15:31:26 630784]

"ATKHOTKEY"="C:\Program Files\ATK Hotkey\Hcontrol.exe" [2007-07-12 08:25:28 225280]

"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" [2009-09-29 10:58:42 1799952]

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 09:08:30 935288]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 09:45:05 39792]

"SkyTel"="SkyTel.EXE" - C:\WINDOWS\SkyTel.exe [2007-10-11 09:04:04 1826816]

"RTHDCPL"="RTHDCPL.EXE" - C:\WINDOWS\RTHDCPL.exe [2007-10-25 09:57:56 16855552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:02:53 15360]

C:\Documents and Settings\noot\Menu Start\Programma's\Opstarten\

MRU-Blaster Scheduler.lnk - C:\Program Files\MRU-Blaster\scheduler.exe [2003-7-19 118784]

MRU-Blaster Silent Clean.lnk - C:\Program Files\MRU-Blaster\mrublaster.exe [2004-3-28 1216512]

UltraMon.lnk - C:\Program Files\UltraMon\UltraMon.exe [2008-1-15 694040]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-8-2 2760704]

Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 13:39:22 294400]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 08:13:36 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21:42 548352 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-10-19 17:00:09 12464 ----a-w- C:\WINDOWS\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xlkfs.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPSS.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\AllNetic Working Time Tracker\\WorkingTimeTracker.exe"=

"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Documents and Settings\\noot\\Application Data\\Jetro\\JDsClient\\3.63.0.114\\JDsClient.exe"=

"C:\\Program Files\\JaBack8\\jre\\bin\\javaw.exe"=

"C:\\Program Files\\Autoroute SMTP\\AutoSmtp.exe"=

"C:\\Program Files\\UltraVNC\\vncviewer.exe"=

"C:\\Program Files\\UltraVNC\\vncviewer_tab.exe"=

"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5900:TCP"= 5900:TCP:vnc5900

"5800:TCP"= 5800:TCP:vnc5800

R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [19/10/2009 15:43:29 64288]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\drivers\avgldx86.sys [19/10/2009 17:59:56 333192]

R1 AvgTdiX;AVG Free Network Redirector;C:\WINDOWS\system32\drivers\avgtdix.sys [19/10/2009 18:00:04 360584]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\system32\drivers\cmdguard.sys [29/09/2009 11:59:32 132296]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\WINDOWS\system32\drivers\cmdhlp.sys [29/09/2009 11:59:32 25160]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [12/10/2009 20:24:54 9968]

R1 SAS***IL;SAS***IL;C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [12/10/2009 20:24:52 74480]

R1 xlkfs;xlkfs;C:\WINDOWS\system32\drivers\xlkfs.sys [18/06/2009 8:58:00 18432]

R2 ISPMonitorSrv;ISP Monitor;C:\Program Files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55:16 36864]

R2 MSSQL$KLUWER;MSSQL$KLUWER;C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe -sKLUWER --> C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe -sKLUWER [?]

R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [24/09/2006 19:22:52 11776]

R3 SASENUM;SASENUM;C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12/10/2009 20:24:56 7408]

R3 teamviewervpn;TeamViewer VPN Adapter;C:\WINDOWS\system32\drivers\teamviewervpn.sys [25/01/2008 10:12:34 25088]

R3 UltraMonMirror;UltraMonMirror;C:\WINDOWS\system32\drivers\UltraMonMirror.sys [24/09/2006 19:23:14 3584]

S1 vcdc;VCDC;C:\WINDOWS\system32\DRIVERS\vcdc.sys --> C:\WINDOWS\system32\DRIVERS\vcdc.sys [?]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17:32 1179232]

S3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\system32\drivers\a38usb.sys [19/03/2009 12:26:36 33536]

S3 cpuz132;cpuz132;C:\WINDOWS\system32\drivers\cpuz132_x32.sys [20/10/2009 11:46:53 12672]

S3 EMVSCARD;EMVSCARD;C:\WINDOWS\system32\drivers\EMVSCARD.sys [18/09/2006 15:12:36 20269]

S3 isdnusb;ISDN USB Driver;C:\WINDOWS\system32\DRIVERS\isdnusb.sys --> C:\WINDOWS\system32\DRIVERS\isdnusb.sys [?]

S3 SQLAgent$KLUWER;SQLAgent$KLUWER;C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlagent.EXE -i KLUWER --> C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlagent.EXE -i KLUWER [?]

S3 usbcdc;Serial USB CDC Driver;C:\WINDOWS\system32\DRIVERS\usbcdc.sys --> C:\WINDOWS\system32\DRIVERS\usbcdc.sys [?]

S4 TeamViewer4;TeamViewer 4;C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [27/05/2009 13:38:28 185640]

S4 VMCService;Vodafone Mobile Connect Service;C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4/07/2008 12:52:18 14336]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - PROCEXP113

*Deregistered* - PROCEXP113

.

Inhoud van de 'Gedeelde Taken' map

2009-11-04 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:06:13 . 2009-10-29 15:44:01]

2009-11-04 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54:46 . 2007-02-12 13:54:46]

2009-11-04 C:\WINDOWS\Tasks\Google Software Updater.job

- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-02 18:40:15 . 2009-03-22 14:43:37]

2009-11-03 C:\WINDOWS\Tasks\SyncBack backups Kluwerdata van Server naar Asus.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-03 C:\WINDOWS\Tasks\SyncBack Emails van Asus naar Server.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-03 C:\WINDOWS\Tasks\SyncBack Kluwer van Asus naar Server.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-04 C:\WINDOWS\Tasks\User_Feed_Synchronization-{90FA1E13-C16D-49E0-BA21-894840B76FE2}.job

- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 16:36:40 . 2009-03-08 02:31:54]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - Sign In

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - {546403CE-6D0C-4357-BA75-F0169B3AB539} - C:\PROGRA~1\SCARABAY\scielib.dll

Trusted Zone: fgov.be\*.minfin

DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll

DPF: {B7C49732-4761-4A66-9945-BAF55E98E0E4} - hxxp://194.78.229.132/cockpit/webclient//JDsAx.cab

DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} - hxxp://eu1.download.comodo.com/avs/ComodoAVScanner.cab

FF - ProfilePath - C:\Documents and Settings\noot\Application Data\Mozilla\Firefox\Profiles\h1tq6l90.default\

FF - component: C:\Program Files\Comodo\HopSurfToolbar\hopsurfext_ff3\components\hopsurf.dll

FF - plugin: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npicaN.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

**************************************************************************

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden:

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(1456)

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

.

Voltooingstijd: 2009-11-04 23:18:44

ComboFix-quarantined-files.txt 2009-11-04 22:17:40

Jotti's malware scan

Bestandsnaam: scielib.dll Status: Scan voltooid. 0 uit 21 scanners vonden malware.

Scan genomen op: wo 4 nov 2009 21:37:53 (CET) Permalink

Ik heb al een tijdje last van een vreemd fenomeen op mijn laptop met windows XP Pro.

Bepaalde toepassingen blijkten niet op te starten. Wel is het proces zichtbaar in Windows taakbeheer. het proces gebruikt 50% van de CPU terwijl het geheugen gebruik blijft hangen op 84kb.

Ik kan het proces niet beëindigen via taakbeheer en ben verplicht om mijn laptop te herstarten om het probleem op te lossen.

Volgende programma's hadden er al last van: mijn boekhoudprogramma, winzip, winrar en nu ook cmd.exe. Het boekhoudprogramma heb ik na volledge herinstallatie weer aan de praat gekregen. Winzip en winrar heb ik eraf gegooid.

Kan iemand mij helpen om dit probleem op te lossen?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:23:28, on 4/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Program Files\Autoroute SMTP\AutoSmtp.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Iconoid\iconoid.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Registry Clean Expert\RCHelper.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\MRU-Blaster\scheduler.exe

C:\Program Files\UltraMon\UltraMon.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\UltraMon\UltraMonTaskbar.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRAM FILES\WINDOWS DESKTOP SEARCH\WINDOWSSEARCH.EXE

C:\PROGRAM FILES\ALLNETIC WORKING TIME TRACKER\WORKINGTIMETRACKER.EXE

C:\WINDOWS\system32\taskmgr.exe

C:\PROGRAM FILES\CLIPBOARD SWISS-KNIFE\CLIPSWISSKNIFE.EXE

C:\PROGRAM FILES\ISP MONITOR\ISP.EXE

C:\PROGRAM FILES\EAST-TEC BACKUP\ETBACKUP.EXE

C:\PROGRAM FILES\TELEMETER 3.0\TELEMETER3.EXE

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"

O4 - HKLM\..\Run: [Autoroute SMTP] C:\Program Files\Autoroute SMTP\AutoSmtp.exe

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iconoid] "C:\Program Files\Iconoid\iconoid.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe

O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe

O4 - Startup: UltraMon.lnk = C:\Program Files\UltraMon\UltraMon.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: SCARABAY - {A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - C:\PROGRA~1\SCARABAY\scielib.dll

O9 - Extra 'Tools' menuitem: To fill a login and the password - {A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - C:\PROGRA~1\SCARABAY\scielib.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.minfin.fgov.be

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207148463109

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/views/login/signature/capicom.cab

O16 - DPF: {B7C49732-4761-4A66-9945-BAF55E98E0E4} (COCKPIT Client) - http://194.78.229.132/cockpit/webclient//JDsAx.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} (Comodo AV Scanner ActiveX) - http://eu1.download.comodo.com/avs/ComodoAVScanner.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--

End of file - 12740 bytes