Kiiim

Hallo iedereen Het begon allemaal toen er een virus op mijn computer verscheen "antimalware doctor". Er sprongen kadertjes op het scherm die me aanraadden om een antivirus scan te doen bij dit programma. Ik vermoedde al dat het een virus was dus heb hier nergens op geklikt. Er sprongen toch meer en meer kadertjes op mijn scherm, en ik kon praktisch niets meer doen. Ik heb de computer herstart en sindsdien is het opstarten van windows mij niet meer gelukt. De computer start op tot het windowsscherm met het laadbalkje, daar crashed hij en start opnieuw op. Ik heb al geprobeerd om in veilige modus op te starten, of op te starten met de laatste juiste figuratie, maar niets lukt. Na dat dit gebeurde heb ik mijn computer moeten verhuizen naar mijn nieuw kot. Ik ben heel voorzichtig geweest, maar toch verschijnt er nu een melding "primary ide-channel no 80 conductor cable installed". Ik heb alle kabeltjes nog eens goed vastgeduwd maar dit lijkt niet te werken. Het virus zal ik zelf wel verwijderd krijgen, moest ik mijn computer nog kunnen opstarten. Maar ik heb niet genoeg kennis van computers om deze zover te krijgen Kan iemand mij helpen? Alvast bedankt Kim x

Bedankt !!

ja hij gaat een heel stuk sneller bedankt (lang geleden dat hij nog zo snel ging) Zeg maar wat ik verder kan doen.

ComboFix 10-03-03.07 - Kim 04/03/2010 16:15:24.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.32.1043.18.511.145 [GMT 1:00] Gestart vanuit: c:\documents and settings\Kim\Mijn documenten\Downloads\ComboFix.exe AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\Kim\LOCALS~1\Temp\IadHide5.dll c:\documents and settings\Kim\Local Settings\Temp\IadHide5.dll c:\windows\system32\ocgvksvw.ini c:\windows\system32\rhxivtjp.ini c:\windows\system32\sjbalqud.ini c:\windows\system32\wdihoiue.ini c:\windows\system32\winlogon.bak c:\windows\system32\xswyecek.ini c:\windows\system32\yyaHgfii.ini c:\windows\system32\yyaHgfii.ini2 . (((((((((((((((((((( Bestanden Gemaakt van 2010-02-04 to 2010-03-04 )))))))))))))))))))))))))))))) . 2010-03-03 18:02 . 2010-03-03 18:02 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-03-03 13:51 . 2010-03-03 13:51 388096 ----a-r- c:\documents and settings\Kim\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-03-01 18:22 . 2010-03-02 18:25 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-03-01 18:22 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-03-01 18:22 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-03-01 18:22 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-03-01 18:21 . 2010-03-01 18:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-02-23 16:06 . 2010-02-23 16:06 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-02-23 16:06 . 2010-03-01 15:26 -------- d-----w- c:\documents and settings\Kim\Application Data\skypePM 2010-02-23 16:00 . 2010-03-01 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-02-18 22:16 . 2001-09-06 20:27 5632 ----a-w- c:\windows\system32\ptpusb.dll 2010-02-18 22:16 . 2004-08-04 00:03 159232 ----a-w- c:\windows\system32\ptpusd.dll 2010-02-18 22:15 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2010-02-18 22:15 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-03 10:26 . 2009-11-15 21:35 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-03-01 18:31 . 2009-11-17 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-02-23 23:31 . 2007-09-10 19:20 -------- d-----w- c:\documents and settings\Kim\Application Data\Azureus 2010-02-12 03:18 . 2009-02-28 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-01-21 09:24 . 2009-09-03 08:36 -------- d-----w- c:\program files\Microsoft Silverlight 2010-01-12 09:53 . 2007-09-24 15:18 -------- d-----w- c:\documents and settings\Kim\Application Data\dvdcss 2010-01-09 11:29 . 2007-08-24 19:39 -------- d-----w- c:\program files\Java 2010-01-09 11:24 . 2008-10-11 10:12 -------- d-----w- c:\program files\Common Files\Nero 2010-01-07 15:07 . 2008-10-23 16:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2008-10-23 16:45 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-05 09:59 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll 2010-01-05 09:59 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 09:59 . 2004-08-04 12:00 17408 ------w- c:\windows\system32\corpol.dll 2009-12-31 16:14 . 2004-08-04 12:00 352640 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-17 23:32 . 2009-12-17 23:32 10134 ----a-r- c:\documents and settings\Kim\Application Data\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe 2009-12-17 08:00 . 2007-08-24 16:35 345600 ----a-w- c:\windows\system32\mspaint.exe 2009-12-15 17:30 . 2004-08-04 12:00 91892 ----a-w- c:\windows\system32\perfc013.dat 2009-12-15 17:30 . 2004-08-04 12:00 511856 ----a-w- c:\windows\system32\perfh013.dat 2009-12-14 22:45 . 2009-12-14 22:18 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-12-14 07:37 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 07:18 . 2007-08-24 18:03 69488 ----a-w- c:\documents and settings\Kim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT . ------- Sigcheck ------- [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\winlogon.exe [-] 2007-08-25 . 7BBA4CA9E82794985AFFF1D487A42B40 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-24 32768] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="soundman.exe" [2001-05-29 124416] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "avgnt"="g:\tijdelijke documente van kim c-schijf\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] c:\documents and settings\Kim\Menu Start\Programma's\Opstarten\ Mediacontrole PMB.lnk - e:\c-schijf vervolg\PMBCore\SPUVolumeWatcher.exe [2009-12-18 333088] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-8-24 450560] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-9-25 805392] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-05-02 00:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Kim^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\documents and settings\Kim\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeVersionCue] 2003-10-13 15:24 1732608 ----a-w- e:\c-schijf vervolg\Adobe CS\Adobe Version Cue\ControlPanel\VersionCueTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro35] 2010-03-01 07:33 5637440 ----a-w- c:\program files\Hitman Pro 3.5\hitmanpro2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 08:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "f:\\Call of Duty 2\\CoD2MP_s.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "f:\\TmNationsForever\\TmForever.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [17/11/2009 18:45 64288] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;g:\tijdelijke documente van kim c-schijf\Avira\AntiVir Desktop\sched.exe [1/03/2010 19:22 108289] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 zlportio;zlportio;\??\f:\ultrastar deluxe\zlportio.sys --> f:\ultrastar deluxe\zlportio.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2010-03-04 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-12-08 21:18] . . ------- Bijkomende Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Download with Xilisoft YouTube Video Converter - e:\c-schijf vervolg\YouTube Video Converter\upod_link.HTM IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Kim\Application Data\Mozilla\Firefox\Profiles\s1bqqr9k.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q= FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe SafeBoot-TDSSmxjt.sys MSConfigStartUp-26576832796311876924641041209218 - c:\program files\XP Antivirus\xpa.exe AddRemove-HitmanPro3 - c:\program files\Hitman Pro 3\hitmanpro3.exe AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9c.exe AddRemove-{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} - c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-03-04 16:23 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{057AFF8E-18BB-3F80-364CCC2831522BE6}\{99AD5AFA-2676-F639-545B2C570527D246}\{9515C81F-50C9-6ACD-17AF77618A15A8EB}*] "2YZU6HOQSWBQIZDK3IPF14WSWA1"=hex:01,00,01,00,00,00,00,00,d9,97,c3,c2,c2,a1,75, 50,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0C0DD146-A2A6-BFA4-F4B84228CE730E88}\{718890A1-4FA8-4866-06B3B07592C0C36E}\{C0B10667-122D-45CB-48A7F7AE622314D0}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,cf,9a,bd, 2e,05,a2,df,09,6f,eb,b2,0d,10,7e,be,a2,65,ca,6e,96,74,3d,d6,bb,2d,3b,24,02,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{41499515-FE1F-2B25-9CCAFA7C1BD1CD4F}\{E760D6E7-B184-EBBF-DA510F4FC9719600}\{4E25D3C0-199C-C2DC-33A6CFCC543E6F29}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,cf,9a,bd, 2e,05,a2,df,09,6f,eb,b2,0d,10,7e,be,a2,65,ca,6e,96,74,3d,d6,bb,2d,3b,24,02,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{905039D8-D3A1-70A8-DABF0692B94E6EF4}\{2661643E-85BA-F5BF-30DE18451E945353}\{906FFE4B-845A-CA7B-85F7467A0D70268A}*] "2YZU6HOQSWBQIZDK3IPF14WSWA1"=hex:01,00,01,00,00,00,00,00,d9,97,c3,c2,c2,a1,75, 50,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A73A7B6D-D5C7-2D01-6A3ED58A203D5FEA}\{958FE6C0-B367-4AD6-C310294BFC5DB709}\{E2E9EAF6-387C-4947-07B2C800F4ACC9F3}*] "2YZU6HOQSWBQIZDK3IPF14WSWA1"=hex:01,00,01,00,00,00,00,00,d9,97,c3,c2,c2,a1,75, 50,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EE14E6F1-2126-B92D-85C1E367ED532B77}\{B41DACD9-CA91-C5AB-B721AF64407C4FEE}\{02A113E6-1FE6-618B-B5A2DF9FB3CCBD20}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,cf,9a,bd, 2e,05,a2,df,09,6f,eb,b2,0d,10,7e,be,a2,65,ca,6e,96,74,3d,d6,bb,2d,3b,24,02,\ [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(520) c:\windows\system32\Ati2evxx.dll c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(2620) c:\docume~1\Kim\LOCALS~1\Temp\IadHide5.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\browselc.dll e:\c-schijf vervolg\FolderSizeColumn.dll c:\program files\Common Files\Nero\SMC\NeroDigitalExt.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe g:\tijdelijke documente van kim c-schijf\Avira\AntiVir Desktop\avguard.exe e:\c-schijf vervolg\FolderSizeSvc.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\soundman.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\program files\Java\jre6\bin\jucheck.exe . ************************************************************************** . Voltooingstijd: 2010-03-04 16:29:21 - machine werd herstart ComboFix-quarantined-files.txt 2010-03-04 15:29 Pre-Run: 4.083.904.512 bytes beschikbaar Post-Run: 4.274.683.904 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6 - - End Of File - - 524BFE74FD33C7559B0FD243D6E6A63D Kan ik dit ook terug verwijderen zodat dit opstartscherm terug verdwijnt?

Hier is het nieuwe logje: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 07:29, on 4/03/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe E:\C-schijf Vervolg\FolderSizeSvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\soundman.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe G:\Tijdelijke Documente van Kim c-schijf\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [soundMan] soundman.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Mediacontrole PMB.lnk = E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - E:\C-schijf Vervolg\YouTube Video Converter\upod_link.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AdobeVersionCue - Adobe Sytems - E:\C-schijf Vervolg\Adobe CS\Adobe Version Cue\service\VersionCue.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Folder Size (FolderSize) - Brio - E:\C-schijf Vervolg\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- End of file - 8647 bytes

Hier de log van MBAM: Malwarebytes' Anti-Malware 1.44 Database versie: 3510 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.13 3/03/2010 19:31:37 mbam-log-2010-03-03 (19-31-37).txt Scan type: Snelle Scan Objecten gescand: 115511 Verstreken tijd: 8 minute(s), 44 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TDSSserv (Rootkit.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: C:\WINDOWS\system32\oobe\AntiWPA_Crypt.dll (Hacktool) -> Quarantined and deleted successfully. C:\Documents and Settings\Kim\Favorieten\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Kim\Favorieten\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Kim\Favorieten\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully. Hier de log van HiJackThis: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 19:45, on 3/03/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe E:\C-schijf Vervolg\FolderSizeSvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\soundman.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre6\bin\jucheck.exe G:\Tijdelijke Documente van Kim c-schijf\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [soundMan] soundman.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Mediacontrole PMB.lnk = E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - E:\C-schijf Vervolg\YouTube Video Converter\upod_link.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: bw+0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: offline-8876480 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AdobeVersionCue - Adobe Sytems - E:\C-schijf Vervolg\Adobe CS\Adobe Version Cue\service\VersionCue.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Folder Size (FolderSize) - Brio - E:\C-schijf Vervolg\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- End of file - 20410 bytes Mijn computer gaat al wel wat sneller!! Kan ik nog iets doen? Alvast bedankt

klopt het dat ik maar één O18 - Protocol: bw+0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll vindt? (omdat je "ALLE" zo benadrukte?) Malwarebytes heb ik al eens opgestart maar ik zal het nog eens doen De logjes volgen direct.. -Kim

De laatste weken gaat mijn computer echt heel traag. Ik heb al enkele dingen geprobeerd (defragmentatie, Ccleaner, virusscans), maar niets lijkt te werken. Zou iemand me kunnen helpen en mjn logfile is kunnen nakijken? Ik begrijp er zelf niet veel van. Alvast bedankt -Kim ---------- Post toegevoegd om 14:57 ---------- Vorige post was om 14:55 ---------- Hier volgt mijn logfile: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 14:51, on 3/03/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe E:\C-schijf Vervolg\FolderSizeSvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\soundman.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\system32\msiexec.exe G:\Tijdelijke Documente van Kim c-schijf\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [soundMan] soundman.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Mediacontrole PMB.lnk = E:\C-schijf Vervolg\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - E:\C-schijf Vervolg\YouTube Video Converter\upod_link.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: bw+0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: offline-8876480 - {8592F72B-236B-46AD-B69F-1B8193AC2400} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: avmnmn.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AdobeVersionCue - Adobe Sytems - E:\C-schijf Vervolg\Adobe CS\Adobe Version Cue\service\VersionCue.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - G:\Tijdelijke Documente van Kim c-schijf\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Folder Size (FolderSize) - Brio - E:\C-schijf Vervolg\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- End of file - 20957 bytes