comodo applicatie agent is niet gestart

Sinds de laatste update krijg ik na enige tijd ( 5 min. tot enkele uren ) ook deze melding. Geel schild met uitroepteken op systeembalk. zie Attach: Comodo fout.jpg
Dit heb ik alleen op mijn desktop met XP pro en niet op mijn laptop met W7 ultimate.
Diagnose geeft geen fouten en cmd agent draait normaal (7804 kB). De eerste keren liep dit soms op tot 200000kB.
Comodo opnieuw starten heeft de melding steeds verder vertraagd.

Het zou wel zo duidelijk zijn als de foutmelding hetzelfde zou zijn als de servicenaam.

Op de laptop van mijn buurman met W7 ultimate, heb ik Comodo daarom verwijderd en Win firewall met Avast ge

[attachment deleted by admin]

Hallo Arnold,

Blijkbaar breekt je bericht af op een vreemd karakter.
Heb je toevallig in je profiel ‘language’ dutch actief staan? zo ja kun je dat beter naar English zetten.
Blijkbaar ondersteund the charset dit niet.


Sinds de laatste update krijg ik na enige tijd ( 5 min. tot enkele uren ) ook deze melding. Geel schild met uitroepteken op systeembalk. zie Attach: Comodo fout.jpg Dit heb ik alleen op mijn desktop met XP pro en niet op mijn laptop met W7 ultimate. Diagnose geeft geen fouten en cmd agent draait normaal (7804 kB). De eerste keren liep dit soms op tot 200000kB. Comodo opnieuw starten heeft de melding steeds verder vertraagd.

Het zou wel zo duidelijk zijn als de foutmelding hetzelfde zou zijn als de servicenaam.

Op de laptop van mijn buurman met W7 ultimate, heb ik Comodo daarom verwijderd en Win firewall met Avast geïnstalleerd omdat het daar ook optrad.

Herinstallatie nog niet geprobeerd.
Ik gebruik CIS al jaren en heb er weinig problemen mee gehad. Ook hyjackthis.log toegevoegd.
ASC en System Mechanic lossen dit niet op.
Momenteel nog geen Comodo fout!

CIS helper service is gestart. RPC is gestart. RPC locater staat handmatig,niet gestart.
Omdat ik gisteren problemen met kopiëren en plakken had, heb ik nu geprobeerd om dit bericht aan te passen. lukt nog steeds niet.
Als ik op SAVE druk komt de niet aangepaste versie weer te voorschijn.
Zal dit nu met mijn laptop proberen en/of verwijderen en nieuw bericht maken.
Verwijderen lukt ook niet meer. Dus compleet nieuwe versie!!!
Overigens krijg ik sinds ± 2weken bij opstarten de melding: Windows-Station niet gereed.

Ik zag dat dit meer voorkomt. Wie helpt? :o :o :o

Logfile of Trend Micro HijackThis v2.0.4 2-feb-2012 13:092-
Scan saved at 15:22:21, on 1-2-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:Program FilesIObitAdvanced SystemCareASCService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMODOCOMODO Internet Securitycmdagent.exe
C:WINDOWSsystem32svchost.exe2-feb-2012 13:08
C:Program FilesBrowserProtectBpSvc.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesIObitIObit Malware FighterIMFsrv.exe
C:Program FilesNetropaMultimedia Keyboardnhksrv.exe
C:Program FilesSUPERAntiSpywareSASCORE.EXE
C:Program FilesSolutosoluto.exe
C:WINDOWSATKKBService.exe
C:Program FilesIObitAdvanced SystemCarePMonitor.exe
C:WINDOWSExplorer.EXE
C:Program FilesioloCommonLibioloServiceManager.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesSecuniaPSIPSIA.exe
C:Program FilesSolutoSolutoService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMODOCOMODO Internet Securitycfp.exe
C:Program FilesSystem EyeSystemEye.exe
C:Program FilesNetropaMultimedia KeyboardMMKeybd.exe
C:Program FilesTrustAMI MOUSE 250SP WIRELESS OPTICALlwbwheel.exe
C:WINDOWSWBMKbdAP.exe
C:Program FilesRocketDockRocketDock.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesHidden MenuHiddenMenu.exe
C:Program FilesDesktopOKDesktopOK.exe
C:Program FilesPOP PeeperPOPPeeper.exe
C:Program FilesIObitAdvanced SystemCareSuo10_SmartRAM.exe
C:Program FilesIObitAdvanced SystemCareASCTray.exe
C:Documents and SettingsasLocal SettingsApplication DataChemTable SoftwareHandy Start MenuHandyStartMenu.exe
C:Program FilesRainlendar2Rainlendar2.exe
C:PROGRA~1SecuniaPSIpsi_tray.exe
C:Program FilesFSLFSL_LauncherFSL_Launcher.exe
C:Program FilesStardockObjectDockFreeObjectDock.exe
C:Program FilesYankee-ClipperYankClip.exe
C:Program FilesNetropaMultimedia KeyboardTrayMon.exe
C:Program FilesNetropaOnscreen DisplayOSD.exe
C:Program FilesIObitSmart Defrag 2SmartDefrag.exe
C:PROGRA~1X-MOUS~1XMOUSE~1.EXE
C:Documents and SettingsasLocal SettingsApplication DataChemTable SoftwareHandy Start MenuStartMenuService.exe
C:Program FilesioloSystem Mechanic ProfessionalSMTrayNotify.exe
C:Program FilesDittoDitto.exe
C:Program FilesSecuniaPSIsua.exe
C:PROGRA~1SpamPalspampal.exe
C:WINDOWSsystem32LVComsX.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesFree Download Managerfdm.exe
C:Program FilesJGsoftEditPadLiteEditPadLite7.exe
C:Program FilesHijackThisHiJackThis.exe
C:WINDOWSsystem32msiexec.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.zeelandnet.nl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = Bing
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = Bing
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = IE8
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:Program FilesHot_MP3prxtbHot0.dll
F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:Program FilesSolutosoluto.exe /userinit
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:Program FilesLastPassLPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.7.7227.1100swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:Program FilesFree Download Manageriefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:Program FilesLastPassLPBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 - HKLM…Run: [COMODO Internet Security] “C:Program FilesCOMODOCOMODO Internet Securitycfp.exe” -h
O4 - HKLM…Run: [System Eye] C:Program FilesSystem EyeSystemEye.exe
O4 - HKLM…Run: [MULTIMEDIA KEYBOARD] C:Program FilesNetropaMultimedia KeyboardMMKeybd.exe
O4 - HKLM…Run: [LWBMOUSE] C:Program FilesTrustAMI MOUSE 250SP WIRELESS OPTICALlwbwheel.exe
O4 - HKLM…Run: [WBMKEYBD] C:WINDOWSWBMKbdAP.exe
O4 - HKLM…Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKCU…Run: [RocketDock] “C:Program FilesRocketDockRocketDock.exe”
O4 - HKCU…Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU…Run: [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
O4 - HKCU…Run: [Hidden Menu] C:Program FilesHidden MenuHiddenMenu.exe
O4 - HKCU…Run: [BpSvc.exe] C:Program FilesBrowserProtectBpSvc.exe
O4 - HKCU…Run: [DesktopOK] “C:Program FilesDesktopOKDesktopOK.exe” -bg -startup
O4 - HKCU…Run: [POP Peeper] “C:Program FilesPOP PeeperPOPPeeper.exe” -min
O4 - HKCU…Run: [SmartRAM] “C:Program FilesIObitAdvanced SystemCareSuo10_SmartRAM.exe” /m
O4 - HKCU…Run: [Advanced SystemCare 5] “C:Program FilesIObitAdvanced SystemCareASCTray.exe” /AutoStart
O4 - HKCU…Run: [Handy Start Menu] “C:Documents and SettingsasLocal SettingsApplication DataChemTable SoftwareHandy Start MenuHandyStartMenu.exe” /Enable
O4 - HKCU…Run: [PMonitor.exe] C:Program FilesIObitAdvanced SystemCarePMonitor.exe
O4 - HKCU…Run: [Suo14_SmartDefrag.exe] C:Program FilesIObitAdvanced SystemCareSuo14_SmartDefrag.exe
O4 - HKCU…Run: [Rainlendar2] C:Program FilesRainlendar2Rainlendar2.exe
O4 - HKUSS-1-5-19…Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Lokale service’)
O4 - HKUSS-1-5-20…Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUSS-1-5-21-1960408961-152049171-1644491937-1003…Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘UpdatusUser’)
O4 - HKUSS-1-5-18…Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 Startup: Install LastPass IE RunOnce.lnk = C:Program FilesCommon Fileslpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 User Startup: Install LastPass IE RunOnce.lnk = C:Program FilesCommon Fileslpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-18 Startup: FSL Launcher.lnk = C:Program FilesFSLFSL_LauncherFSL_Launcher.exe (User ‘SYSTEM’)
O4 - S-1-5-18 Startup: Stardock ObjectDock.lnk = C:Program FilesStardockObjectDockFreeObjectDock.exe (User ‘SYSTEM’)
O4 - S-1-5-18 Startup: Yankee Clipper III.lnk = C:Program FilesYankee-ClipperYankClip.exe (User ‘SYSTEM’)
O4 - .DEFAULT Startup: FSL Launcher.lnk = C:Program FilesFSLFSL_LauncherFSL_Launcher.exe (User ‘Default user’)
O4 - .DEFAULT Startup: Stardock ObjectDock.lnk = C:Program FilesStardockObjectDockFreeObjectDock.exe (User ‘Default user’)
O4 - .DEFAULT Startup: Yankee Clipper III.lnk = C:Program FilesYankee-ClipperYankClip.exe (User ‘Default user’)
O4 - Startup: FSL Launcher.lnk = C:Program FilesFSLFSL_LauncherFSL_Launcher.exe
O4 - Startup: Stardock ObjectDock.lnk = C:Program FilesStardockObjectDockFreeObjectDock.exe
O4 - Startup: Yankee Clipper III.lnk = C:Program FilesYankee-ClipperYankClip.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: Download met Free Download Manager - file://C:Program FilesFree Download Managerdllink.htm
O8 - Extra context menu item: LastPass - file://C:Program FilesLastPasscontext.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:Program FilesLastPasscontext.html?cmd=fillforms
O8 - Extra context menu item: LastPass Invulformulieren - file://C:Program FilesLastPasscontext.html?cmd=fillforms
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:Program FilesLastPassLPBar.dll
O9 - Extra ‘Tools’ menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:Program FilesLastPassLPBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: [at]xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1317980792796
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O20 - AppInit_DLLs: C:WINDOWSsystem32guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:Program FilesSUPERAntiSpywareSASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSsystem32browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSsystem32browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:Program FilesStardockObjectDockFreeODMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:Program FilesSUPERAntiSpywareSASCORE.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:Program FilesIObitAdvanced SystemCareASCService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:WINDOWSATKKBService.exe
O23 - Service: BrowserProtect Service (bprot) - Web Eight LLC. - C:Program FilesBrowserProtectBpSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:Program FilesCOMODOCOMODO Internet Securitycmdagent.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:Program FilesIObitIObit Malware FighterIMFsrv.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:Program FilesioloCommonLibioloServiceManager.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:Program FilesNetropaMultimedia Keyboardnhksrv.exe
O23 - Service: NMSAccess - Unknown owner - C:Program FilesCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationNVIDIA Updatusdaemonu.exe
O23 - Service: Secunia PSI Agent - Secunia - C:Program FilesSecuniaPSIPSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:Program FilesSecuniaPSIsua.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:Program FilesSolutoSolutoService.exe

Hi Arnold,

Kun je kijken via Start, Uitvoeren, services.msc [ENTER] of de Comodo Internet Security Helper Service actief is en op ‘automatisch’ staat?

Zou je een nieuwe Hijack This log kunnen maken? Om de één of andere reden staan er geen backslashes in de paden van de applicaties. Dat maakt de analyse lastig.

Ga eens na welke beveiligings programma’s je in het verleden geinstalleerd hebt gehad en laat eens de clean up tools van deze programma’s lopen. Je kunt hier een lijst removal tools vinden: ESET Knowledgebase .

De reden is dat bij deinstallatie niet altijd alle componenten worden gedeinstalleerd. Dat leidt soms tot onverwachte interacties

Sinds eergisteren geen foute Comodo systeembalk icon meer gezien.
Bij opstarten blijft melding: Windows-Station niet gereed.
Na klik op Doorgaan start Iobit SmartDefrag venster 2 seconden geheel vervormd op en blijft staan.
Na sluiten gaat hij pas naar systeembalk. Ik zie ook geen vermelding in het logfile !!!
Vanmorgen stond PopPeeper 2x in de systeembalk, na nieuwe start weer 1x.
Profiel instelling op Engels gezet. Bijzondere karrakters worden nu nog verder verhaspeld,
bv: een met wordt één. Dat is altijd al een probleem geweest, maar tegenwoordig veel minder.
Sinds enkele maanden zit er een nieuw moederbord in deze desktop, omdat de oude plotseling alleen nog doorstarte als de harddisks losgekoppeld werden. Dat werkte dus niet meer.
Daar heb ik 5 jaar mee moeten klooien omdat instellingen niet goed opgeslagen werden. Nu lijkt dit langzamerhand weer te beginnen. Daar heb ik wel heel veel van geleerd over probleemoplossing en honderden freeware programma’s enigzins leren kennen.
Deinstaleren gaat meestal met REVO of ASC en er is toen een nieuwe XP pro geinstalleerd.
Het eerste logfile heeft bij mij wel backslashes, dit zet ik nog eens onderaan!!!

ALLE BIJZONDERE LETTERS NU VERWIJDERD EN NOGMAALS GESAVED

Hierbij het logfile.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:39, on 6-2-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BrowserProtect\BpSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare\PMonitor.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\System Eye\SystemEye.exe
C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe
C:\WINDOWS\WBMKbdAP.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DesktopOK\DesktopOK.exe
C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files\Hidden Menu\HiddenMenu.exe
C:\DOCUMENTS AND SETTINGS\AS\LOCAL SETTINGS\APPLICATION DATA\CHEMTABLE SOFTWARE\HANDY START MENU\HANDYSTARTMENU.EXE
C:\PROGRA~1\Secunia\PSI\psi_tray.exe
C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe
C:\PROGRA~1\X-MOUS~1\XMOUSE~1.EXE
C:\Program Files\Secunia\PSI\sua.exe
C:\DOCUMENTS AND SETTINGS\AS\LOCAL SETTINGS\APPLICATION DATA\CHEMTABLE SOFTWARE\HANDY START MENU\StartMenuService.exe
C:\Program Files\Ditto\Ditto.exe
C:\PROGRA~1\SpamPal\spampal.exe
C:\PROGRAM FILES\YANKEE-CLIPPER\YANKCLIP.EXE
C:\PROGRAM FILES\POP PEEPER\POPPEEPER.EXE
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\STARDOCK\OBJECTDOCKFREE\OBJECTDOCK.EXE
C:\PROGRAM FILES\RAINLENDAR2\RAINLENDAR2.EXE
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE8
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files\Hot_MP3\prxtbHot0.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM..\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKLM..\Run: [System Eye] C:\Program Files\System Eye\SystemEye.exe
O4 - HKLM..\Run: [LWBMOUSE] C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe
O4 - HKLM..\Run: [WBMKEYBD] C:\WINDOWS\WBMKbdAP.exe
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU..\Run: [RocketDock] “C:\Program Files\RocketDock\RocketDock.exe”
O4 - HKCU..\Run: [BpSvc.exe] C:\Program Files\BrowserProtect\BpSvc.exe
O4 - HKCU..\Run: [DesktopOK] “C:\Program Files\DesktopOK\DesktopOK.exe” -bg -startup
O4 - HKCU..\Run: [SmartRAM] “C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe” /m
O4 - HKCU..\Run: [Advanced SystemCare 5] “C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe” /AutoStart
O4 - HKCU..\Run: [PMonitor.exe] C:\Program Files\IObit\Advanced SystemCare\PMonitor.exe
O4 - HKCU..\Run: [Hidden Menu] C:\Program Files\Hidden Menu\HiddenMenu.exe
O4 - HKCU..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU..\Run: [Handy Start Menu] “C:\DOCUMENTS AND SETTINGS\AS\LOCAL SETTINGS\APPLICATION DATA\CHEMTABLE SOFTWARE\HANDY START MENU\HANDYSTARTMENU.EXE” /Enable
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 User Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-18 Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe (User ‘SYSTEM’)
O4 - .DEFAULT Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe (User ‘Default user’)
O4 - Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll
O9 - Extra ‘Tools’ menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1317980792796
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategoriEEn - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BrowserProtect Service (bprot) - Web Eight LLC. - C:\Program Files\BrowserProtect\BpSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

COMMENTAAR: Ik heb geen idee waarom regel 024 hier komt!!!

ONTBREEKT IN NIEUWE Logfile: O4 - HKCU..\Run: [Suo14_SmartDefrag.exe] C:\Program Files\IObit\Advanced SystemCare\Suo14_SmartDefrag.exe
START WEL OP!!!

End of file - 11753 bytes

=============================================================================================================================================================

Logfile of Trend Micro HijackThis v2.0.4 2-feb-2012 13:092-
Scan saved at 15:22:21, on 1-2-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe2-feb-2012 13:08
C:\Program Files\BrowserProtect\BpSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\IObit\Advanced SystemCare\PMonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\System Eye\SystemEye.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe
C:\WINDOWS\WBMKbdAP.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hidden Menu\HiddenMenu.exe
C:\Program Files\DesktopOK\DesktopOK.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
C:\Documents and Settings\as\Local Settings\Application Data\ChemTable Software\Handy Start Menu\HandyStartMenu.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\PROGRA~1\Secunia\PSI\psi_tray.exe
C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe
C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
C:\Program Files\Yankee-Clipper\YankClip.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\PROGRA~1\X-MOUS~1\XMOUSE~1.EXE
C:\Documents and Settings\as\Local Settings\Application Data\ChemTable Software\Handy Start Menu\StartMenuService.exe
C:\Program Files\iolo\System Mechanic Professional\SMTrayNotify.exe
C:\Program Files\Ditto\Ditto.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\PROGRA~1\SpamPal\spampal.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\JGsoft\EditPadLite\EditPadLite7.exe
C:\Program Files\HijackThis\HiJackThis.exe
C:\WINDOWS\system32\msiexec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE8
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files\Hot_MP3\prxtbHot0.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM..\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKLM..\Run: [System Eye] C:\Program Files\System Eye\SystemEye.exe
O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM..\Run: [LWBMOUSE] C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe
O4 - HKLM..\Run: [WBMKEYBD] C:\WINDOWS\WBMKbdAP.exe
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU..\Run: [RocketDock] “C:\Program Files\RocketDock\RocketDock.exe”
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU..\Run: [Hidden Menu] C:\Program Files\Hidden Menu\HiddenMenu.exe
O4 - HKCU..\Run: [BpSvc.exe] C:\Program Files\BrowserProtect\BpSvc.exe
O4 - HKCU..\Run: [DesktopOK] “C:\Program Files\DesktopOK\DesktopOK.exe” -bg -startup
O4 - HKCU..\Run: [POP Peeper] “C:\Program Files\POP Peeper\POPPeeper.exe” -min
O4 - HKCU..\Run: [SmartRAM] “C:\Program Files\IObit\Advanced SystemCare\Suo10_SmartRAM.exe” /m
O4 - HKCU..\Run: [Advanced SystemCare 5] “C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe” /AutoStart
O4 - HKCU..\Run: [Handy Start Menu] “C:\Documents and Settings\as\Local Settings\Application Data\ChemTable Software\Handy Start Menu\HandyStartMenu.exe” /Enable
O4 - HKCU..\Run: [PMonitor.exe] C:\Program Files\IObit\Advanced SystemCare\PMonitor.exe
O4 - HKCU..\Run: [Suo14_SmartDefrag.exe] C:\Program Files\IObit\Advanced SystemCare\Suo14_SmartDefrag.exe
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)
O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-21-1960408961-152049171-1644491937-1003..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 User Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-18 Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe (User ‘SYSTEM’)
O4 - S-1-5-18 Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (User ‘SYSTEM’)
O4 - S-1-5-18 Startup: Yankee Clipper III.lnk = C:\Program Files\Yankee-Clipper\YankClip.exe (User ‘SYSTEM’)
O4 - .DEFAULT Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe (User ‘Default user’)
O4 - .DEFAULT Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (User ‘Default user’)
O4 - .DEFAULT Startup: Yankee Clipper III.lnk = C:\Program Files\Yankee-Clipper\YankClip.exe (User ‘Default user’)
O4 - Startup: FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
O4 - Startup: Yankee Clipper III.lnk = C:\Program Files\Yankee-Clipper\YankClip.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll
O9 - Extra ‘Tools’ menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1317980792796
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieEEn - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BrowserProtect Service (bprot) - Web Eight LLC. - C:\Program Files\BrowserProtect\BpSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe


End of file - 13138 bytes

Ik heb je HJT log door www.hijackthis.de laten analyseren.

C:\Program Files\BrowserProtect\BpSvc.exe O4 - HKCU\..\Run: [BpSvc.exe] C:\Program Files\BrowserProtect\BpSvc.exe O23 - Service: BrowserProtect Service (bprot) - Web Eight LLC. - C:\Program Files\BrowserProtect\BpSvc.exe
Deze is verdacht omdat de naam van het programma hetzelfde is als haar executable. Ken je dit programma? Heb je dit ooit geinstalleerd? Upload dit bestand eens naar Virus Total en post de url naar het analyse rapport hier.

Het zelfde commentaar voor deze twee entries die lijken te behoren bij IOBit Advanced System Care:

O4 - HKCU..\Run: [Suo14_SmartDefrag.exe] C:\Program Files\IObit\Advanced SystemCare\Suo14_SmartDefrag.exe

Er zijn een aantal programma’s die niet bekend zijn. Dat is geen bewijs voor dat ze mogelijk kwaadaardig zijn. Maar kun je nalopen of je deze programma’s kent en zelf geinstalleerd hebt?

[quote]O4 - HKLM..\Run: [System Eye] C:\Program Files\System Eye\SystemEye.exe
O4 - HKLM..\Run: [System Eye] C:\Program Files\System Eye\SystemEye.exe
C:\WINDOWS\WBMKbdAP.exe
O4 - HKLM..\Run: [WBMKEYBD] C:\WINDOWS\WBMKbdAP.exe
C:\Program Files\DesktopOK\DesktopOK.exe
C:\Documents and Settings\as\Local Settings\Application Data\ChemTable Software\Handy Start Menu\StartMenuService.exe
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-21-1960408961-152049171-1644491937-1003 User Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (User ‘UpdatusUser’)
O4 - S-1-5-18 Startup: Yankee Clipper III.lnk = C:\Program Files\Yankee-Clipper\YankClip.exe (User ‘SYSTEM’)
O4 - .DEFAULT Startup: Yankee Clipper III.lnk = C:\Program Files\Yankee-Clipper\YankClip.exe (User ‘Default user’)

Hoi EricJH

Ik moet nog een en ander uitzoeken. Even geduld. ??? ???

arnold

Geen pobleem. Ik controleer altijd of er posts zijn bij topics waar ik in participeer.

Kortom, ik zie het als er gepost is in dit topic.:slight_smile: