ComboFix 10-02-28.03 - Hilaire 01/03/2010 17:55:10.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.958.336 [GMT 1:00] Gestart vanuit: c:\users\Hilaire\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Hilaire\Desktop\CFScript.txt..txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((( Bestanden Gemaakt van 2010-02-01 to 2010-03-01 )))))))))))))))))))))))))))))) . 2010-03-01 17:01 . 2010-03-01 17:01 -------- d-----w- c:\users\Hilaire\AppData\Local\temp 2010-03-01 17:01 . 2010-03-01 17:01 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-03-01 17:01 . 2010-03-01 17:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-03-01 12:09 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe 2010-02-26 14:37 . 2010-02-26 14:37 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Sahmon Games 2010-02-25 14:56 . 2010-02-25 14:56 -------- d-----w- c:\users\Hilaire\AppData\Local\AVG Security Toolbar 2010-02-25 14:47 . 2010-02-25 14:47 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-02-25 14:47 . 2010-02-25 14:47 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-02-25 14:47 . 2010-02-25 14:47 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-02-25 14:47 . 2010-02-25 14:47 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-02-25 14:46 . 2010-03-01 08:58 -------- d-----w- c:\windows\system32\drivers\Avg 2010-02-25 14:46 . 2010-02-25 14:50 -------- d-----w- c:\programdata\AVG Security Toolbar 2010-02-24 09:06 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll 2010-02-24 09:05 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll 2010-02-24 09:05 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll 2010-02-24 09:05 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-02-24 09:05 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-02-24 09:05 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-02-24 09:05 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll 2010-02-24 09:05 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-02-24 09:05 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe 2010-02-24 09:05 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-02-24 09:05 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-02-24 09:05 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-02-24 09:05 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-02-22 16:25 . 2010-02-22 16:25 -------- d-----w- c:\program files\Ask.com 2010-02-22 15:38 . 2010-02-22 15:38 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Auslogics 2010-02-20 15:38 . 2010-02-20 15:38 -------- d-----w- c:\users\Hilaire\AppData\Roaming\YouSendIt 2010-02-20 15:37 . 2010-02-20 15:37 -------- d-----w- c:\windows\Downloaded Installations 2010-02-18 16:43 . 2010-02-18 16:43 -------- d-----w- c:\program files\MyRealGames.com 2010-02-18 15:52 . 2010-02-18 15:52 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP 2010-02-18 15:41 . 2010-02-18 15:41 -------- d-----w- c:\users\Hilaire\AppData\Roaming\FarmingSimulator2008Demo 2010-02-18 15:40 . 2010-02-18 15:40 -------- d-----w- c:\program files\AGEIA Technologies 2010-02-18 15:40 . 2010-02-18 15:40 -------- d-----w- c:\windows\system32\AGEIA 2010-02-18 15:38 . 2010-02-18 15:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-02-18 15:03 . 2010-02-18 15:08 -------- d-----w- c:\users\Hilaire\AppData\Local\Microsoft Games 2010-02-18 14:39 . 2010-02-18 14:39 -------- d-----w- C:\found.000 2010-02-14 15:59 . 2010-02-14 16:00 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Zapr 2010-02-14 15:59 . 2010-02-14 16:01 -------- d-----w- c:\program files\Zapr 2010-02-14 15:48 . 2010-02-14 15:48 -------- d-----w- c:\users\Hilaire\AppData\Roaming\HTML Executable 2010-02-12 18:06 . 2010-02-12 18:10 -------- d-----w- c:\users\Hilaire\AppData\Roaming\ISP Monitor 2010-02-12 18:05 . 2010-02-12 18:05 737280 ----a-w- c:\windows\iun6002.exe 2010-02-02 17:23 . 2010-02-02 17:23 -------- d-----w- c:\users\Hilaire\AppData\Roaming\ComodoGroup 2010-02-02 17:22 . 2010-01-07 08:27 18184 ----a-w- c:\windows\system32\cnat.exe 2010-02-02 17:22 . 2010-02-02 17:22 -------- d-----w- c:\program files\COMODO 2010-02-02 15:04 . 2010-02-05 08:48 -------- d-----w- c:\program files\DEUTSCHLAND SPIELT 2010-02-02 15:04 . 2010-02-02 15:04 -------- d-----w- c:\program files\OXXOGames 2010-02-01 12:48 . 2010-02-01 12:48 -------- d-----w- C:\Team17 . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-01 16:50 . 2009-07-08 07:10 2140 ----a-w- c:\windows\bthservsdp.dat 2010-03-01 16:29 . 2009-07-06 13:27 1 ----a-w- c:\users\Hilaire\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-03-01 16:26 . 2009-10-06 16:46 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Spamihilator 2010-03-01 12:09 . 2006-11-02 16:11 667114 ----a-w- c:\windows\system32\perfh013.dat 2010-03-01 12:09 . 2006-11-02 16:11 126648 ----a-w- c:\windows\system32\perfc013.dat 2010-02-27 09:09 . 2010-01-05 17:07 0 ----a-w- c:\users\Hilaire\AppData\Local\prvlcl.dat 2010-02-26 18:34 . 2009-08-21 17:56 -------- d-----w- c:\users\Hilaire\AppData\Roaming\vlc 2010-02-26 14:37 . 2009-07-07 10:36 -------- d-----w- c:\program files\FreeGamePick.com 2010-02-25 14:46 . 2009-11-04 09:40 -------- d-----w- c:\programdata\avg9 2010-02-24 13:04 . 2009-07-06 08:14 70472 ----a-w- c:\users\Hilaire\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-20 15:53 . 2009-07-07 11:00 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-02-18 16:34 . 2009-07-09 17:20 -------- d-----w- c:\program files\GameTop.com 2010-02-17 17:10 . 2009-11-17 16:54 -------- d-----w- c:\program files\Paint.NET 2010-02-12 09:43 . 2009-11-15 16:06 -------- d-----w- c:\program files\Family Toolbar 2010-02-10 17:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-02-10 08:19 . 2009-10-06 16:46 -------- d-----w- c:\program files\Spamihilator 2010-01-30 14:36 . 2010-01-30 14:36 -------- d-----w- c:\program files\AMD 2010-01-20 09:23 . 2010-01-19 18:05 -------- d-----w- c:\program files\PeerGuardian2 2010-01-19 17:57 . 2009-07-18 08:15 -------- d-----w- c:\program files\IObit 2010-01-14 10:12 . 2009-10-02 16:17 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-11 15:07 . 2009-12-16 12:45 -------- d-----w- c:\program files\Auslogics 2010-01-08 15:11 . 2010-01-08 15:11 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Template 2010-01-08 14:36 . 2010-01-08 14:36 0 ----a-w- c:\users\Hilaire\AppData\Roaming\wklnhst.dat 2010-01-08 14:26 . 2009-07-08 09:32 -------- d-----w- c:\programdata\ScanSoft 2010-01-08 14:22 . 2009-09-21 08:55 -------- d-----w- c:\users\Hilaire\AppData\Roaming\Canon 2010-01-08 14:21 . 2009-07-08 09:23 -------- d-----w- c:\program files\Canon 2010-01-06 15:38 . 2010-02-24 09:05 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-01-06 15:38 . 2010-02-24 09:05 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-01-06 15:38 . 2010-02-24 09:05 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-01-06 15:38 . 2010-02-24 09:05 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-01-02 06:38 . 2010-01-22 09:27 916480 ----a-w- c:\windows\system32\wininet.dll 2010-01-02 06:32 . 2010-01-22 09:27 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-01-02 06:32 . 2010-01-22 09:27 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-01-02 04:57 . 2010-01-22 09:27 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-24 12:11 . 2009-12-24 12:11 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-11 11:43 . 2010-02-10 15:08 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-11 11:43 . 2010-02-10 15:08 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys 2009-12-08 20:01 . 2010-02-10 15:08 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-12-08 20:01 . 2010-02-10 15:08 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-12-08 20:01 . 2010-02-10 15:08 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-12-08 17:26 . 2010-02-10 15:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2009-12-04 18:30 . 2010-02-10 15:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll 2009-12-04 18:29 . 2010-02-10 15:08 1314816 ----a-w- c:\windows\system32\quartz.dll 2009-12-04 18:28 . 2010-02-10 15:08 22528 ----a-w- c:\windows\system32\msyuv.dll 2009-12-04 18:28 . 2010-02-10 15:08 31744 ----a-w- c:\windows\system32\msvidc32.dll 2009-12-04 18:28 . 2010-02-10 15:08 123904 ----a-w- c:\windows\system32\msvfw32.dll 2009-12-04 18:28 . 2010-02-10 15:08 13312 ----a-w- c:\windows\system32\msrle32.dll 2009-12-04 18:28 . 2010-02-10 15:08 82944 ----a-w- c:\windows\system32\mciavi32.dll 2009-12-04 18:28 . 2010-02-10 15:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll 2009-12-04 18:27 . 2010-02-10 15:08 91136 ----a-w- c:\windows\system32\avifil32.dll 2009-12-04 15:56 . 2010-02-10 15:08 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2009-12-04 15:56 . 2010-02-10 15:08 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2009-12-03 15:57 . 2009-12-03 15:57 715248 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-03 15:14 . 2009-12-12 18:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-03 15:13 . 2009-12-12 18:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-04-27 10:18 . 2009-04-27 10:18 132457951 ----a-w- c:\program files\openofficeorg1.cab 2009-04-27 10:17 . 2009-04-27 10:17 9815040 ----a-w- c:\program files\openofficeorg31.msi 2009-04-27 04:42 . 2009-04-27 04:42 336 ----a-w- c:\program files\setup.ini 2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:\program files\instmsiw.exe 2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:\program files\instmsia.exe 2007-02-26 18:59 . 2007-02-26 18:59 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((( SnapShot@2010-03-01_09.39.31 ))))))))))))))))))))))))))))))))))))))))) . + 2010-03-01 11:55 . 2010-03-01 12:09 1560 c:\windows\SoftwareDistribution\EventCache\{1349267B-8E18-4088-A41A-7481852094B6}.bin + 2010-03-01 16:52 . 2010-03-01 16:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-03-01 09:22 . 2010-03-01 09:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-03-01 09:22 . 2010-03-01 09:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-03-01 16:52 . 2010-03-01 16:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-03-01 12:09 . 2010-02-12 10:43 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6002.22337_none_6466abc783660745\browserchoice.exe + 2010-03-01 12:09 . 2010-02-12 10:32 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6002.18205_none_63fb7e2c6a31e0fa\browserchoice.exe + 2010-03-01 12:09 . 2010-02-12 10:46 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6001.22632_none_627b386d8644336e\browserchoice.exe + 2010-03-01 12:09 . 2010-02-12 10:48 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6001.18423_none_61fd69f26d1d93e3\browserchoice.exe + 2010-03-01 12:09 . 2010-02-12 10:42 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6000.21223_none_60a0a0398914d5fe\browserchoice.exe + 2010-03-01 12:09 . 2010-02-12 10:49 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6000.17017_none_6025d29c6feb8278\browserchoice.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-07-10 16:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064] c:\users\Hilaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-2-10 1512448] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2009-7-7 679936] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):18,8d,90,e3,ca,03,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3610711996-1769753261-2712777353-1000] "EnableNotificationsRef"=dword:00000001 R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [25/02/2010 15:47 333192] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [25/02/2010 15:47 360584] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [25/02/2010 15:46 906520] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [25/02/2010 15:46 285392] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [3/12/2009 16:57 715248] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map 2010-02-26 c:\windows\Tasks\COMODO System Cleaner Update.job - c:\program files\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2010-01-26 15:28] 2010-03-01 c:\windows\Tasks\User_Feed_Synchronization-{E44D27E0-7B62-432F-8035-1BBB9729ED05}.job - c:\windows\system32\msfeedssync.exe [2010-01-22 04:56] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://search.myheritage.com DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxp://www.tele2.be/mailconfig/config/bin/AccountHelper.cab FF - ProfilePath - c:\users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\2uzn17l8.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dnl%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1<mpl=default<mplcache=2&hl=nl FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\2uzn17l8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 16000 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.max.tokenizing.time - 3000000 FF - user.js: content.maxtextrun - 4095 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 1000000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 1000000 FF - user.js: dom.disable_window_status_change - true FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 1000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-01 18:01 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2010-03-01 18:03:34 ComboFix-quarantined-files.txt 2010-03-01 17:03 ComboFix2.txt 2010-03-01 11:57 ComboFix3.txt 2010-03-01 09:41 ComboFix4.txt 2009-07-05 20:08 Pre-Run: 229.902.123.008 bytes beschikbaar Post-Run: 229.895.880.704 bytes beschikbaar - - End Of File - - AEB49C2FCCCA8DF3AFED5931856430FF