tommyboy

Bedankt voor de info.

Ze zijn besteld. Moet ik nadat de latjes geplaatst zijn, nog met iets rekening houden of iets doen? Of kan de laptop direct gebruikt worden?

Hallo, Na problemen qua snelheid van mijn laptop in een eerdere discussie, is mij verteld dat ik mijn RAM geheugen kan upgraden, van 1x 512KB naar 2x 1GB, hiervoor zou ik SODIMM DDR2 PC2-5300 667 Mhz nodig hebben. Na wat gezocht te hebben op het net, kom ik dit tegen: Kingston Laptop geheugen 1 GB DDR2 667 MHz SODIMM PC2-5300 geschikt voor Acer Aspire 5610 - ReplaceDirect.nl Maar ik kom ook dit tegen:Kingston ValueRAM geheugen - 1 GB - SO DIMM 200-pins - DDR2 (KVR667D2S5/1G) - www.misco.nl Wat is het verschil tussen de twee, vooral dan, wat is ValueRAM? En bij welke webwinkel kan ik dit het beste kopen?

Oke, bedankt voor de hulp

Dat van die latjes snap ik niets van,waar koop je die en waar steek je die? (SODIMM DDR2 PC2-5300 667 Mhz ) en die 2GB RAM upgrade gaat dit ook, en waar doe je dit, want die prijs vind ik best meevallen

De laptop is nieuw gekocht met Vista erop, kan ik zo een nieuw systeem installeren zoals XP of Linux? Ik zal in ieder geval al wat processen die op de achtergrond meedraaien uitschakelen, en anders weet ik wat me te doen staat, een nieuwe, maar er is zo veel keuze, het is maar voor gewoon gebruik, niet voor spel gebruik of zware downloads of zo, ik had al aan Apple gedacht, of hebben jullie een beter idee?

speccy link http://speccy.piriform.com/results/emt8pIZUL68Saxwt0Bxra0P

nog altijd het zelfde, ontzettend traag, de laptop maakt nu ook veel updates tijdens het afsluiten, 24 updates in één keer, mar zoals gezegd geen verbetering

combofix log ComboFix 12-06-13.03 - franky 13/06/2012 19:40:03.3.1 - x86 Gestart vanuit: c:\users\franky\Videos\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\franky\Videos\Desktop\CFScript.txt . FILE :: "C:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\BrowserCompanion c:\program files\BrowserCompanion\BCHelper.exe c:\program files\BrowserCompanion\blabbers-ch.crx c:\program files\BrowserCompanion\blabbers-ff-full.xpi c:\program files\BrowserCompanion\logo.ico c:\program files\BrowserCompanion\sqlite3.dll c:\program files\BrowserCompanion\tdataprotocol.dll c:\program files\BrowserCompanion\toolbar.dll c:\program files\BrowserCompanion\uninstall.exe c:\program files\BrowserCompanion\updatebhoWin32.dll c:\program files\BrowserCompanion\updater.ini c:\program files\BrowserCompanion\widgetserv.exe c:\program files\Yontoo c:\programdata\Babylon c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico C:\user.js c:\users\franky\AppData\Local\Babylon c:\users\franky\AppData\Local\Babylon\Setup\bab033.tbinst.dat c:\users\franky\AppData\Local\Babylon\Setup\bab091.norecovericon.dat c:\users\franky\AppData\Local\Babylon\Setup\Babylon.dat c:\users\franky\AppData\Local\Babylon\Setup\BExternal.dll c:\users\franky\AppData\Local\Babylon\Setup\Chrome_tb.zpb c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\blueStar.png c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\eula.html c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\globe.png c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\options.js c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page0.html c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page2.css c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page2.html c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page2Lrg.css c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page3.css c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page3.html c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\page3Lrg.css c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\pBar.gif c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\progress.png c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\setup.js c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\title.png c:\users\franky\AppData\Local\Babylon\Setup\HtmlScreens\toolBar.jpg c:\users\franky\AppData\Local\Babylon\Setup\IECookieLow.dll c:\users\franky\AppData\Local\Babylon\Setup\Setup-latest-30b.zpb c:\users\franky\AppData\Local\Babylon\Setup\Setup-tbmntr903.zpb c:\users\franky\AppData\Local\Babylon\Setup\Setup.exe c:\users\franky\AppData\Local\Babylon\Setup\SetupStrings.dat c:\users\franky\AppData\Local\Babylon\Setup\sign c:\users\franky\AppData\Local\Babylon\Setup\sqlite3.dll c:\users\franky\AppData\Roaming\Babylon c:\users\franky\AppData\Roaming\Babylon\log_file.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-13 to 2012-06-13 )))))))))))))))))))))))))))))) . . 2012-06-13 18:06 . 2012-06-13 18:07 -------- d-----w- c:\users\franky\AppData\Local\temp 2012-06-13 18:06 . 2012-06-13 18:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-10 20:24 . 2012-06-10 20:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73739C26-8EBA-428A-8273-42B394F9ABB7}\offreg.dll 2012-06-10 18:50 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73739C26-8EBA-428A-8273-42B394F9ABB7}\mpengine.dll 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\users\franky\AppData\Roaming\Malwarebytes 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\programdata\Malwarebytes 2012-06-08 23:18 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-08 20:51 . 2012-06-08 20:51 388096 ----a-r- c:\users\franky\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-08 20:50 . 2012-06-08 20:50 -------- d-----w- c:\program files\Trend Micro 2012-05-14 19:31 . 2012-05-19 11:19 -------- d-----w- c:\users\franky\AppData\Roaming\Media Finder . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 14:58 . 2012-04-03 20:58 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 14:58 . 2012-04-03 20:58 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-03 19:56 . 2012-04-03 19:56 161792 ----a-w- c:\windows\system32\msls31.dll 2012-04-03 19:56 . 2012-04-03 19:56 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-04-03 19:56 . 2012-04-03 19:56 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-04-03 19:56 . 2012-04-03 19:56 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-04-03 19:56 . 2012-04-03 19:56 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-04-03 19:56 . 2012-04-03 19:56 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-04-03 19:55 . 2012-04-03 19:55 367104 ----a-w- c:\windows\system32\html.iec 2012-04-03 19:55 . 2012-04-03 19:55 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-04-03 19:55 . 2012-04-03 19:55 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-04-03 19:55 . 2012-04-03 19:55 152064 ----a-w- c:\windows\system32\wextract.exe 2012-04-03 19:55 . 2012-04-03 19:55 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-04-03 19:55 . 2012-04-03 19:55 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-04-03 19:55 . 2012-04-03 19:55 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-04-03 19:55 . 2012-04-03 19:55 11776 ----a-w- c:\windows\system32\mshta.exe 2012-04-03 19:55 . 2012-04-03 19:55 101888 ----a-w- c:\windows\system32\admparse.dll 2012-04-03 19:55 . 2012-04-03 19:55 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-04-03 19:55 . 2012-04-03 19:55 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-04-03 08:16 . 2012-05-11 16:21 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-11 16:21 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36 . 2012-05-11 16:21 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 19:48 . 2010-04-19 13:29 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-30 12:39 . 2012-05-11 16:31 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-11 16:31 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2010-12-19 14:46 86696 ----a-w- c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon] @="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}" [HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}] 2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon] @="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}" [HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}] 2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [?] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856] "MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe" [2011-11-14 435672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 4018176] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-11-18 151552] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-11-22 90191] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-22 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-22 7757824] "LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-20 244512] "LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 304664] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-11-28 614400] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 453120] "AcerOrbicamRibbon"="c:\program files\Acer\OrbiCam10\OrbiCam.exe" [2006-11-20 754712] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-19 217256] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:58] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-22 14:40] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-22 14:40] . 2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1433520924-4174861453-4113501684-1000Core.job - c:\users\franky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-31 21:07] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1433520924-4174861453-4113501684-1000UA.job - c:\users\franky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-31 21:07] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.3 195.130.130.131 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-BrowserCompanion - c:\program files\BrowserCompanion\uninstall.exe AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-13 20:07 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{2FF8D163-C3C2-46ce-BD8D-D85AC1BC56DD}] "ImagePath"="\??\c:\program files\Acer\Acer Arcade\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-06-13 20:17:09 ComboFix-quarantined-files.txt 2012-06-13 18:16 ComboFix2.txt 2012-06-12 19:05 . Pre-Run: 6.848.225.280 bytes beschikbaar Post-Run: 6.588.776.448 bytes beschikbaar . - - End Of File - - F880F87959CAAD1C262C7937D7092DE4

gevonden, combofix log ComboFix 12-06-12.01 - franky 12/06/2012 20:39:31.2.1 - x86 Gestart vanuit: c:\users\franky\Videos\Desktop\ComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\franky\AppData\Local\Microsoft\Windows\Temporary Internet Files\tbinst c:\windows\IsUn0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-12 to 2012-06-12 )))))))))))))))))))))))))))))) . . 2012-06-12 18:53 . 2012-06-12 18:53 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-12 18:53 . 2012-06-12 18:54 -------- d-----w- c:\users\franky\AppData\Local\temp 2012-06-10 20:24 . 2012-06-10 20:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73739C26-8EBA-428A-8273-42B394F9ABB7}\offreg.dll 2012-06-10 18:50 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73739C26-8EBA-428A-8273-42B394F9ABB7}\mpengine.dll 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\users\franky\AppData\Roaming\Malwarebytes 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\programdata\Malwarebytes 2012-06-08 23:18 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-08 23:18 . 2012-06-08 23:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-08 20:51 . 2012-06-08 20:51 388096 ----a-r- c:\users\franky\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-08 20:50 . 2012-06-08 20:50 -------- d-----w- c:\program files\Trend Micro 2012-05-14 19:31 . 2012-05-19 11:19 -------- d-----w- c:\users\franky\AppData\Roaming\Media Finder 2012-05-14 19:14 . 2012-06-08 23:08 -------- d-----w- c:\program files\Yontoo 2012-05-14 19:14 . 2012-05-14 19:14 -------- d-----w- c:\users\franky\AppData\Local\Babylon 2012-05-14 19:13 . 2012-05-14 19:13 -------- d-----w- c:\programdata\Tarma Installer 2012-05-14 19:13 . 2012-05-14 19:13 -------- d-----w- c:\programdata\Babylon 2012-05-14 19:13 . 2012-05-14 19:13 -------- d-----w- c:\users\franky\AppData\Roaming\Babylon 2012-05-14 18:17 . 2012-05-14 19:17 300 -c--a-w- C:\user.js 2012-05-14 18:16 . 2012-06-08 23:08 -------- d-----w- c:\program files\BrowserCompanion . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 14:58 . 2012-04-03 20:58 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 14:58 . 2012-04-03 20:58 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-03 19:56 . 2012-04-03 19:56 161792 ----a-w- c:\windows\system32\msls31.dll 2012-04-03 19:56 . 2012-04-03 19:56 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-04-03 19:56 . 2012-04-03 19:56 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-04-03 19:56 . 2012-04-03 19:56 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-04-03 19:56 . 2012-04-03 19:56 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-04-03 19:56 . 2012-04-03 19:56 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-04-03 19:55 . 2012-04-03 19:55 367104 ----a-w- c:\windows\system32\html.iec 2012-04-03 19:55 . 2012-04-03 19:55 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-04-03 19:55 . 2012-04-03 19:55 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-04-03 19:55 . 2012-04-03 19:55 152064 ----a-w- c:\windows\system32\wextract.exe 2012-04-03 19:55 . 2012-04-03 19:55 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-04-03 19:55 . 2012-04-03 19:55 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-04-03 19:55 . 2012-04-03 19:55 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-04-03 19:55 . 2012-04-03 19:55 11776 ----a-w- c:\windows\system32\mshta.exe 2012-04-03 19:55 . 2012-04-03 19:55 101888 ----a-w- c:\windows\system32\admparse.dll 2012-04-03 19:55 . 2012-04-03 19:55 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-04-03 19:55 . 2012-04-03 19:55 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-04-03 08:16 . 2012-05-11 16:21 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-11 16:21 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36 . 2012-05-11 16:21 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 19:48 . 2010-04-19 13:29 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-30 12:39 . 2012-05-11 16:31 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-11 16:31 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2010-12-19 14:46 86696 ----a-w- c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon] @="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}" [HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}] 2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon] @="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}" [HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}] 2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [?] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856] "MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe" [2011-11-14 435672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 4018176] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-11-18 151552] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-11-22 90191] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-22 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-22 7757824] "LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-20 244512] "LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 304664] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-11-28 614400] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 453120] "AcerOrbicamRibbon"="c:\program files\Acer\OrbiCam10\OrbiCam.exe" [2006-11-20 754712] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-19 217256] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:58] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-22 14:40] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-22 14:40] . 2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1433520924-4174861453-4113501684-1000Core.job - c:\users\franky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-31 21:07] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1433520924-4174861453-4113501684-1000UA.job - c:\users\franky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-31 21:07] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.3 195.130.130.131 . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-Media Finder - c:\program files\Media Finder\Media Finder.exe HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) AddRemove-Adobe Photoshop Elements 2.0 - c:\windows\ISUN0413.EXE . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-12 20:54 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{2FF8D163-C3C2-46ce-BD8D-D85AC1BC56DD}] "ImagePath"="\??\c:\program files\Acer\Acer Arcade\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-06-12 21:05:23 ComboFix-quarantined-files.txt 2012-06-12 19:05 . Pre-Run: 7.866.138.624 bytes beschikbaar Post-Run: 7.725.985.792 bytes beschikbaar . - - End Of File - - 5ACBE7F1902EA7A98DA703450CEDCF7E

wanneer het alle delen had gescand, kwam de melding: voorbereiden verwijderen besmette bestanden, van een logje was geen sprake, ik wist niet of dit de bedoeling was, dus heb ik het proces afgebroken, hoort dit zo, want dan doe ik het opnieuw

combofix is blijkbaar toch iets aan het doen nu, blauw scherm is: administrator auto scan, zoeken naar besmette bestanden, voltooid deel 1_1, 1_2, enz.

ik vind enkel dit terug 32788R22FWJFW, maar kan het niet openen, ik kom dan altijd terug op hetzelfde uit verder doet combofix een update van het grogramma en er opent wel een blauw scherm maar verder dus niets

het lukt me niet om MBAM tijdelijk uit te schakelen, heb combofix gedownload maar kan het niet op mijn bureaublad opslaan, als ik dubdelklik op combofix start de tool wel even, maar dan verder niets, er staat nu ook qoobox bij

MBAM log Malwarebytes Anti-Malware 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.06.08.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 franky :: PC_VAN_FRANKY [administrator] 10/06/2012 20:22:31 mbam-log-2012-06-10 (20-22-31).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 193060 Verstreken tijd: 25 minuut/minuten, 36 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 7 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) HijackThis log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:07:22, on 10/06/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Launch Manager\LManager.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Acer\OrbiCam10\OrbiCam.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\rundll32.exe C:\Users\franky\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\igfxext.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\franky\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\franky\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\franky\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\franky\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Message from the Microsoft Safety & Security Center R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [Google Update] "C:\Users\franky\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MyTomTomSA.exe] C:\Program Files\MyTomTom 3\MyTomTomSA.exe O4 - HKCU\..\Run: [Media Finder] "C:\Program Files\Media Finder\Media Finder.exe" /opentotray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Anonymizer Anti-Spyware Service (AnonAswSvc) - Unknown owner - C:\My Downloads\Anonymizer\Anonymizer Software\AnonASW\AnonAswSvc.exe (file missing) O23 - Service: Anonymizer Management Service (AnonMgmtSvc) - Unknown owner - C:\My Downloads\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11349 bytes