Posted: (edited)

MBAM log:

Malwarebytes' Anti-Malware 1.44

Database versie: 3687

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

9/02/2010 12:38:48

mbam-log-2010-02-09 (12-38-48).txt

Scan type: Snelle Scan

Objecten gescand: 106227

Verstreken tijd: 9 minute(s), 58 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 12:42:43, on 9/02/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe

C:\Windows\System32\nvraidservice.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Acer\Empowering Technology\SysMonitor.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

D:\SetPoint\SetPoint.exe

C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\conime.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Problemen / Vragen software?

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK & Ireland

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: TBSB08993 - {FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD} - C:\Program Files\HyperCam Toolbar\tbcore3.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = D:\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\iEvony\Skype4COM.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updateservice (gupdate1c9f122287a9cbc) (gupdate1c9f122287a9cbc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

--

End of file - 12865 bytes

I removed that 'O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)' entry here once more.

I can no longer find anything from ask.com on my computer now.

I'm now going to test whether the installation works yet.

Edited by tantjen bertolli

Posted:

Your latest HijackThis log still contained more from Ask. Could you make a current HijackThis log again and attach it to your next post?

Posted:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 15:28:37, on 9/02/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe

C:\Windows\System32\nvraidservice.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Acer\Empowering Technology\SysMonitor.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

D:\SetPoint\SetPoint.exe

C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\conime.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Problemen / Vragen software?

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK & Ireland

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: TBSB08993 - {FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD} - C:\Program Files\HyperCam Toolbar\tbcore3.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = D:\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\iEvony\Skype4COM.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updateservice (gupdate1c9f122287a9cbc) (gupdate1c9f122287a9cbc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

--

End of file - 12607 bytes

Posted:

In the meantime I tried to remove everything from ask.com myself via regedit.

After that I ran Revo Uninstaller, and it found the ask.com toolbar again. I tried to remove it completely with that.

Now I no longer find anything from ask.com in the HijackThis log.

The webcam installation still doesn't work, however.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:36:47, on 9/02/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe

C:\Windows\System32\nvraidservice.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Acer\Empowering Technology\SysMonitor.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

D:\SetPoint\SetPoint.exe

C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\conime.exe

C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\ipclog.exe

C:\Users\User\AppData\Local\Temp\nro.tmp\SetupX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Problemen / Vragen software?

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Telenet

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK & Ireland

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: TBSB08993 - {FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD} - C:\Program Files\HyperCam Toolbar\tbcore3.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = D:\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\iEvony\Skype4COM.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updateservice (gupdate1c9f122287a9cbc) (gupdate1c9f122287a9cbc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

--

End of file - 12494 bytes

Posted:

Download Combofix to your Desktop.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!


  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not for VISTA).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will cause your PC to hang.

When the fix is complete and after a restart, the log Combofix.txt will open.

Post this log in your next reply.

Posted:

Here is some more fascinating reading ;-):

ComboFix 10-02-08.09 - User 09/02/2010 16:52:00.5.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1846 [GMT 1:00]

Gestart vanuit: c:\users\User\Desktop\ComboFix.exe

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-01-09 to 2010-02-09 ))))))))))))))))))))))))))))))

.

2010-02-09 15:58 . 2010-02-09 15:58 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-02-09 15:58 . 2010-02-09 15:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-02-09 14:31 . 2010-02-09 14:31 -------- d-----w- c:\program files\Trend Micro

2010-02-09 11:34 . 2010-02-09 11:34 -------- d-----w- c:\users\User\Nieuwe map

2010-02-08 11:31 . 2010-02-08 11:31 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-02-08 11:31 . 2010-02-08 11:31 -------- d-----w- c:\program files\TrendMicro

2010-02-07 08:29 . 2010-02-07 08:29 -------- d-----w- c:\users\User\silver+blue

2010-02-06 19:45 . 2010-02-06 19:46 -------- d-----w- c:\program files\SetPoint

2010-02-06 19:38 . 2010-02-06 19:38 -------- d-----w- c:\users\User\AppData\Roaming\Logitech

2010-02-06 19:22 . 2009-07-20 11:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll

2010-02-06 19:21 . 2009-07-20 11:26 84496 ----a-w- c:\windows\system32\KemXML.dll

2010-02-06 19:21 . 2009-07-20 11:26 117264 ----a-w- c:\windows\system32\KemWnd.dll

2010-02-06 19:21 . 2009-07-20 11:26 145936 ----a-w- c:\windows\system32\KemUtil.dll

2010-02-06 19:21 . 2009-07-20 11:26 170512 ----a-w- c:\windows\system32\kemutb.dll

2010-02-06 08:38 . 2009-12-16 09:09 11776 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}\lib\WINNT_x86-msvc\1.9.1\yoono.dll

2010-02-06 08:38 . 2009-10-08 09:31 3204096 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\SSS.dll

2010-02-06 08:38 . 2009-10-07 17:06 106496 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\FSAddin.dll

2010-02-06 08:38 . 2009-09-23 20:29 28672 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

2010-02-06 08:38 . 2009-03-19 22:57 40960 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fireshot-install.exe

2010-02-05 18:17 . 2010-02-05 18:18 -------- d-----w- c:\program files\LyricsSeeker

2010-02-05 18:04 . 2010-02-05 18:04 707354 ----a-w- c:\programdata\Lyrik\Uninstall\Winamp\unins000.exe

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\users\User\AppData\Roaming\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\users\User\AppData\Local\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\programdata\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\program files\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 707354 ----a-w- c:\programdata\Lyrik\Uninstall\unins000.exe

2010-02-04 19:15 . 2010-02-03 16:28 3144064 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\Impulse_setup.exe

2010-02-04 19:13 . 2010-02-03 16:24 468272 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\757C30BC\ImpulseNow.exe

2010-02-04 19:13 . 2010-02-03 16:15 763248 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\ImpulseMini.exe

2010-02-04 19:13 . 2010-02-03 16:15 570736 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\ImpulseSelfRefresh.exe

2010-02-04 19:13 . 2010-02-03 16:15 523120 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\7za.exe

2010-02-04 19:13 . 2010-02-03 16:15 420720 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Activate.exe

2010-02-04 19:13 . 2010-02-03 16:15 38256 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\CleanImpulse.exe

2010-02-04 19:13 . 2010-02-03 16:15 2254192 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Impulse.exe

2010-02-02 18:24 . 2010-02-02 18:24 -------- d-----w- c:\program files\Common Files\Java

2010-01-29 16:34 . 2010-02-09 15:30 -------- d-----w- c:\users\User\AppData\Local\AskToolbar

2010-01-29 15:47 . 2010-01-29 15:47 -------- d-----w- c:\users\User\AppData\Local\Nero

2010-01-29 13:03 . 2010-01-29 13:03 -------- d-----w- c:\programdata\LightScribe

2010-01-29 13:03 . 2010-01-29 13:03 -------- d-----w- c:\users\User\AppData\Roaming\Nero

2010-01-29 12:50 . 2010-02-09 15:42 -------- d-----w- c:\programdata\Nero

2010-01-29 12:50 . 2010-02-09 15:42 -------- d-----w- c:\program files\Common Files\Nero

2010-01-29 12:34 . 2010-01-29 12:36 -------- d-----w- c:\programdata\Pinnacle VideoSpin

2010-01-29 12:34 . 2010-01-29 12:34 -------- d-----w- c:\program files\Pinnacle

2010-01-29 12:34 . 2010-01-29 12:34 -------- d-----w- c:\program files\Common Files\Yahoo!

2010-01-29 12:33 . 2010-01-29 12:33 -------- d-----w- c:\programdata\Pinnacle

2010-01-29 12:23 . 2010-01-29 12:23 -------- d-----w- c:\programdata\NtiDvdCopy

2010-01-27 22:05 . 2010-01-27 22:05 -------- d-----w- c:\program files\honestech Video Editor 7.0

2010-01-24 00:57 . 2010-01-29 10:01 -------- d-----w- c:\users\Public\CyberLink

2010-01-24 00:56 . 2010-01-29 19:49 -------- d-----w- c:\programdata\SmartSound Software Inc

2010-01-24 00:56 . 2010-01-24 00:56 -------- d-----w- c:\program files\SmartSound Software

2010-01-24 00:51 . 2010-01-24 00:51 36864 ----a-w- c:\programdata\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe

2010-01-23 12:50 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2010-01-23 12:50 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll

2010-01-23 12:50 . 2010-01-23 12:50 -------- d-----w- c:\program files\Winamp Detect

2010-01-23 12:50 . 2010-01-23 12:50 -------- d-----w- c:\program files\Winamp Toolbar

2010-01-19 13:48 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2010-01-19 13:27 . 2010-01-19 13:27 335 ----a-w- c:\windows\mozregistry.dat

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\users\User\AppData\Roaming\Thunderbird

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\program files\Qualcomm

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\program files\Netscape

2010-01-19 13:27 . 2010-01-19 13:27 9728 ----a-w- c:\windows\system32\rnaph.dll

2010-01-17 19:04 . 2010-01-17 19:04 91656 ----a-w- c:\users\User\RuneScape.exe

2010-01-17 12:35 . 2008-11-13 07:02 296960 ----a-w- c:\programdata\EPSON\EPSON SX410 Series\Language\0413.E_DIX0RE.DLL

2010-01-17 12:35 . 2008-12-24 05:02 55296 ----a-w- c:\programdata\EPSON\EPSON SX410 Series\Language\0413.E_SBE0C7.DLL

2010-01-13 13:04 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll

2010-01-13 13:04 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll

2010-01-12 20:54 . 2010-01-12 20:54 41872 ----a-w- c:\windows\system32\xfcodec.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-08 19:41 . 2009-06-18 19:50 69 ----a-w- c:\users\User\jagex_runescape_preferences.dat

2010-02-08 19:23 . 2009-09-02 14:27 69 ----a-w- c:\users\User\jagex_runescape_preferences2.dat

2010-02-07 07:27 . 2009-05-30 10:40 8268 ----a-w- c:\users\User\AppData\Local\d3d9caps.dat

2010-02-06 19:21 . 2009-12-19 15:45 -------- d-----w- c:\program files\Common Files\Logishrd

2010-02-06 19:21 . 2009-06-24 12:07 -------- d-----w- c:\programdata\Logitech

2010-02-06 19:21 . 2007-12-06 07:16 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-02-06 17:59 . 2009-06-18 19:49 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-02-06 17:52 . 2009-06-25 14:27 -------- d-----w- c:\program files\SwiftKit

2010-02-04 19:15 . 2010-02-04 19:14 -------- dc-h--w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}

2010-02-04 07:11 . 2009-07-19 17:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-02-04 07:10 . 2009-09-15 18:55 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2010-02-03 19:22 . 2009-10-14 07:05 117760 ----a-w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-02-03 16:24 . 2010-02-04 19:14 1119536 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\12FD35EB\impulse.dll

2010-02-03 16:24 . 2010-02-04 19:14 30000 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\757C30BC\SDSecurity.dll

2010-02-03 16:23 . 2010-02-04 19:14 491312 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Microsoft.WindowsAPICodePack.Shell.dll

2010-02-03 16:23 . 2010-02-04 19:14 87344 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Microsoft.WindowsAPICodePack.dll

2010-02-02 18:24 . 2009-06-18 19:48 -------- d-----w- c:\program files\Java

2010-01-30 17:59 . 2009-11-26 19:58 -------- d-----w- c:\program files\Philips

2010-01-30 17:59 . 2009-09-11 16:00 -------- d-----w- c:\programdata\McAfee Security Scan

2010-01-30 16:59 . 2009-10-10 10:41 -------- d-----w- c:\program files\Zeallsoft

2010-01-29 12:36 . 2009-05-30 10:43 81872 ----a-w- c:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT

2010-01-29 10:03 . 2009-07-30 20:09 -------- d-----w- c:\users\User\AppData\Roaming\CyberLink

2010-01-29 09:16 . 2006-11-02 16:11 676858 ----a-w- c:\windows\system32\perfh013.dat

2010-01-29 09:16 . 2006-11-02 16:11 131106 ----a-w- c:\windows\system32\perfc013.dat

2010-01-27 22:22 . 2009-12-03 17:07 -------- d-----w- c:\program files\AVS4YOU

2010-01-27 22:21 . 2009-12-03 17:09 -------- d-----w- c:\users\User\AppData\Roaming\AVS4YOU

2010-01-25 18:26 . 2009-06-19 15:34 -------- d-s---w- c:\program files\Xfire

2010-01-25 18:26 . 2009-06-19 15:38 -------- d-----w- c:\programdata\Xfire

2010-01-24 22:00 . 2009-07-19 18:21 -------- d-----w- c:\users\User\AppData\Roaming\Xfire

2010-01-24 17:28 . 2009-12-18 18:39 -------- d-----w- c:\program files\NortonInstaller

2010-01-24 17:28 . 2009-12-18 18:39 -------- d-----w- c:\programdata\Norton

2010-01-24 16:47 . 2009-06-19 10:37 -------- d-----w- c:\users\User\AppData\Roaming\Zylom

2010-01-24 01:18 . 2007-12-06 07:41 -------- d-----w- c:\programdata\CyberLink

2010-01-24 00:53 . 2007-12-06 07:40 -------- d-----w- c:\program files\CyberLink

2010-01-23 12:51 . 2009-10-16 16:40 -------- d-----w- c:\program files\Winamp

2010-01-21 17:30 . 2009-06-18 19:10 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-19 13:48 . 2009-06-18 19:02 -------- d-----w- c:\program files\Windows Live

2010-01-19 13:27 . 2009-12-17 11:31 608 ----a-w- c:\windows\nsreg.dat

2010-01-16 12:43 . 2009-12-08 14:27 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2010-01-14 15:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-01-14 10:12 . 2009-10-10 09:03 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-01-07 15:51 . 2009-07-18 19:29 -------- d-----w- c:\users\User\AppData\Roaming\Sony

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\program files\Common Files\Sony Shared

2010-01-07 15:50 . 2009-07-18 19:27 -------- d-----w- c:\program files\Sony

2010-01-07 15:50 . 2010-01-07 15:50 10134 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\programdata\Sony Corporation

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\users\User\AppData\Roaming\Sony Setup

2010-01-07 15:49 . 2009-07-18 19:26 -------- d-----w- c:\program files\Sony Setup

2010-01-07 15:17 . 2009-10-14 07:03 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-01-07 15:07 . 2009-07-19 17:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-07 15:07 . 2009-07-19 17:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-05 15:07 . 2010-01-05 15:07 -------- d-----w- c:\programdata\EPSON

2010-01-03 14:04 . 2009-12-29 15:05 52224 ----a-w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

2010-01-02 06:38 . 2010-01-22 16:11 916480 ----a-w- c:\windows\system32\wininet.dll

2010-01-02 06:32 . 2010-01-22 16:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-01-02 06:32 . 2010-01-22 16:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-01-02 04:57 . 2010-01-22 16:11 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-12-31 11:29 . 2009-12-31 11:29 -------- d-----w- c:\programdata\Hewlett-Packard

2009-12-30 13:47 . 2009-12-30 13:46 -------- d-----w- c:\program files\Monopoly 3

2009-12-25 16:50 . 2009-12-25 16:50 9984 ----a-w- c:\windows\system32\drivers\scncap.sys

2009-12-25 16:50 . 2009-12-25 16:50 13184 ----a-w- c:\windows\system32\scncap.dll

2009-12-20 12:30 . 2009-12-20 12:30 -------- d-----w- c:\program files\AviSynth 2.5

2009-12-20 12:29 . 2009-12-20 12:29 -------- d-----w- c:\program files\eRightSoft

2009-12-19 20:13 . 2009-12-19 20:13 -------- d-----w- c:\users\User\AppData\Roaming\Publish Providers

2009-12-19 20:10 . 2009-07-18 19:29 -------- d-----w- c:\programdata\Sony

2009-12-19 16:45 . 2009-12-19 16:45 -------- d-----w- c:\users\User\AppData\Roaming\Leadertech

2009-12-19 15:45 . 2009-06-19 10:57 -------- d-----w- c:\program files\Logitech

2009-12-18 19:37 . 2009-12-18 19:37 -------- d-----w- c:\program files\HyperCam 3

2009-12-18 19:37 . 2009-12-18 19:37 -------- d-----w- c:\program files\Common Files\Solveig Multimedia

2009-12-18 18:39 . 2007-12-06 07:50 -------- d-----w- c:\programdata\Symantec

2009-12-18 18:39 . 2009-12-18 18:39 -------- d-----w- c:\programdata\NortonInstaller

2009-12-18 18:26 . 2009-12-18 18:25 -------- d-----w- c:\program files\AirStrike II Gulf Thunder DEMO

2009-12-18 18:21 . 2009-12-18 18:21 -------- d-----w- c:\program files\Skunk Studios

2009-12-18 18:13 . 2009-12-18 18:07 -------- d-----w- c:\users\User\AppData\Roaming\DreamDale

2009-12-18 18:13 . 2009-12-18 18:07 -------- d-----w- c:\users\User\AppData\Roaming\MagicBall4

2009-12-18 18:05 . 2009-12-18 16:18 -------- d-----w- c:\program files\RealArcade

2009-12-18 18:00 . 2009-12-18 18:00 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 5

2009-12-18 17:43 . 2009-12-18 17:43 -------- d-----w- c:\programdata\GameHouse

2009-12-18 16:21 . 2009-12-18 16:21 -------- d-----w- c:\programdata\Trymedia

2009-12-16 21:52 . 2009-06-20 16:57 -------- d-----w- c:\users\User\AppData\Roaming\SoundSpectrum

2009-12-16 21:51 . 2009-06-20 16:56 -------- d-----w- c:\program files\SoundSpectrum

2009-12-16 21:50 . 2009-12-16 21:50 -------- d-----w- c:\program files\Common Files\Real

2009-12-16 15:05 . 2009-12-22 22:56 347136 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2009-12-16 15:05 . 2009-12-22 22:56 340992 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2009-12-16 15:05 . 2009-12-22 22:56 471040 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll

2009-12-16 15:05 . 2009-12-22 22:56 43008 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2009-12-16 15:05 . 2009-12-22 22:56 1452032 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2009-12-14 19:40 . 2009-12-14 19:39 -------- d-----w- c:\program files\K-Lite Codec Pack

2009-12-14 19:38 . 2009-06-19 21:08 -------- d-----w- c:\program files\DivX

2009-12-12 17:47 . 2009-12-12 17:47 -------- d-----w- c:\program files\Free Fire Screensaver

2009-12-12 17:47 . 2009-12-12 17:47 -------- d-----w- c:\users\User\AppData\Roaming\Laconic Software

2009-12-09 17:19 . 2009-12-09 17:19 4608 ----a-w- c:\windows\system32\w95inf32.dll

2009-12-09 17:19 . 2009-12-09 17:19 2272 ----a-w- c:\windows\system32\w95inf16.dll

2009-12-04 16:35 . 2009-06-19 10:34 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2009-12-04 16:35 . 2009-06-19 10:34 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2009-11-28 11:44 . 2009-11-28 11:44 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE45A.tmp.exe

2009-11-18 15:01 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

2006-05-03 09:06 . 2009-12-20 12:29 163328 --sh--r- c:\windows\System32\flvDX.dll

2007-02-21 10:47 . 2009-12-20 12:29 31232 --sh--r- c:\windows\System32\msfDX.dll

2008-03-16 12:30 . 2009-12-20 12:29 216064 --sh--r- c:\windows\System32\nbDX.dll

.

((((((((((((((((((((((((((((( SnapShot_2010-02-09_14.47.43 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-11-25 17:48 . 2010-02-09 11:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-11-25 17:48 . 2010-02-09 15:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-11-25 17:48 . 2010-02-09 11:50 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-11-25 17:48 . 2010-02-09 15:48 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-11-25 17:48 . 2010-02-09 11:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-11-25 17:48 . 2010-02-09 15:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-02-09 11:50 . 2010-02-09 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-02-09 15:48 . 2010-02-09 15:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-02-09 15:48 . 2010-02-09 15:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2010-02-09 11:50 . 2010-02-09 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD}]

2009-11-09 16:17 2766336 ------w- c:\program files\HyperCam Toolbar\tbcore3.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="" [bU]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-01-07 2002160]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]

"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]

"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]

"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" [2007-07-13 178280]

"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2007-06-21 204908]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]

"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-09-11 187936]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]

"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-19 68592]

"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]

"D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe" [2008-04-15 1675264]

"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-09-07 326176]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ImpulseNow.lnk - c:\program files\Stardock\Impulse\Now\ImpulseNow.exe [2010-2-3 468272]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-9-5 3446512]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-12-6 535336]

Logitech SetPoint.lnk - d:\setpoint\SetPoint.exe [2010-2-6 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]

2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

2009-12-03 18:44 273200 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(B):f3,0d,53,03,7b,fc,c9,01

R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [2/08/2009 15:36 33920]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15/09/2009 10:42 9968]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [15/09/2009 10:42 74480]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [30/05/2009 11:40 39408]

R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [6/12/2007 8:41 269448]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18/06/2009 17:48 42480]

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [18/06/2009 19:09 599040]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 21:55 66080]

R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15/09/2009 10:42 7408]

S2 gupdate1c9f122287a9cbc;Google Updateservice (gupdate1c9f122287a9cbc);c:\program files\Google\Update\GoogleUpdate.exe [19/06/2009 22:08 133104]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [30/05/2009 16:31 21504]

S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [19/01/2010 14:48 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 22:48 704864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 21:08]

2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 21:08]

2009-08-05 c:\windows\Tasks\User_Feed_Synchronization-{0553B684-6004-4510-9FB8-C1A6CCAA1D1E}.job

- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.pc-helpforum.be/f89/

mStart Page = hxxp://www.telenet.be

mWindow Title = Telenet Internet

uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK & Ireland

IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

Trusted Zone: microsoft.com\*.windowsupdate

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=nl_EU&q=

FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: c:\program files\Sony\Media Go\npmediago.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\users\User\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "Firefox web browser | Faster, more secure, & customizable");

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-02-09 16:58

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(2348)

c:\program files\Stardock\ObjectDock\DockShellHook.dll

c:\windows\system32\MsnChatHook.dll

c:\windows\system32\ShowErrMsg.dll

c:\windows\system32\sysenv.dll

c:\windows\system32\BatchCrypto.dll

c:\windows\system32\CryptoAPI.dll

c:\windows\system32\keyManager.dll

d:\setpoint\lgscroll.dll

c:\progra~1\Stardock\OBJECT~1\WINDOW~1\tray.dll

c:\windows\system32\fdproxy.dll

.

Voltooingstijd: 2010-02-09 17:01:04

ComboFix-quarantined-files.txt 2010-02-09 16:01

ComboFix2.txt 2010-02-09 14:50

ComboFix3.txt 2010-02-04 08:04

ComboFix4.txt 2009-09-17 19:26

ComboFix5.txt 2010-02-09 15:51

Pre-Run: 129.647.452.160 bytes beschikbaar

Post-Run: 129.620.267.008 bytes beschikbaar

- - End Of File - - EA8241C49C47F48498FAF1BF8E088870

Posted:

Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\users\User\AppData\Local\AskToolbar

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD}]

Firefox -: ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\

Firefox -: prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=nl_EU&q=

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe.

This will restart ComboFix. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message, together with a new HijackThis log.

Posted: (edited)

ComboFix 10-02-08.09 - User 09/02/2010 18:30:28.6.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1936 [GMT 1:00]

Gestart vanuit: c:\users\User\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\User\Desktop\CFScript.txt

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\User\AppData\Local\AskToolbar

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-01-09 to 2010-02-09 ))))))))))))))))))))))))))))))

.

2010-02-09 17:35 . 2010-02-09 17:35 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-02-09 17:35 . 2010-02-09 17:35 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-02-09 14:31 . 2010-02-09 14:31 -------- d-----w- c:\program files\Trend Micro

2010-02-09 11:34 . 2010-02-09 11:34 -------- d-----w- c:\users\User\Nieuwe map

2010-02-08 11:31 . 2010-02-08 11:31 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-02-08 11:31 . 2010-02-08 11:31 -------- d-----w- c:\program files\TrendMicro

2010-02-07 08:29 . 2010-02-07 08:29 -------- d-----w- c:\users\User\silver+blue

2010-02-06 19:45 . 2010-02-06 19:46 -------- d-----w- c:\program files\SetPoint

2010-02-06 19:38 . 2010-02-06 19:38 -------- d-----w- c:\users\User\AppData\Roaming\Logitech

2010-02-06 19:22 . 2009-07-20 11:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll

2010-02-06 19:21 . 2009-07-20 11:26 84496 ----a-w- c:\windows\system32\KemXML.dll

2010-02-06 19:21 . 2009-07-20 11:26 117264 ----a-w- c:\windows\system32\KemWnd.dll

2010-02-06 19:21 . 2009-07-20 11:26 145936 ----a-w- c:\windows\system32\KemUtil.dll

2010-02-06 19:21 . 2009-07-20 11:26 170512 ----a-w- c:\windows\system32\kemutb.dll

2010-02-06 08:38 . 2009-12-16 09:09 11776 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}\lib\WINNT_x86-msvc\1.9.1\yoono.dll

2010-02-06 08:38 . 2009-10-08 09:31 3204096 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\SSS.dll

2010-02-06 08:38 . 2009-10-07 17:06 106496 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\FSAddin.dll

2010-02-06 08:38 . 2009-09-23 20:29 28672 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

2010-02-06 08:38 . 2009-03-19 22:57 40960 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fireshot-install.exe

2010-02-05 18:17 . 2010-02-05 18:18 -------- d-----w- c:\program files\LyricsSeeker

2010-02-05 18:04 . 2010-02-05 18:04 707354 ----a-w- c:\programdata\Lyrik\Uninstall\Winamp\unins000.exe

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\users\User\AppData\Roaming\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\users\User\AppData\Local\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\programdata\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 -------- d-----w- c:\program files\Lyrik

2010-02-05 18:04 . 2010-02-05 18:04 707354 ----a-w- c:\programdata\Lyrik\Uninstall\unins000.exe

2010-02-04 19:15 . 2010-02-03 16:28 3144064 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\Impulse_setup.exe

2010-02-04 19:13 . 2010-02-03 16:24 468272 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\757C30BC\ImpulseNow.exe

2010-02-04 19:13 . 2010-02-03 16:15 763248 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\ImpulseMini.exe

2010-02-04 19:13 . 2010-02-03 16:15 570736 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\ImpulseSelfRefresh.exe

2010-02-04 19:13 . 2010-02-03 16:15 523120 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\7za.exe

2010-02-04 19:13 . 2010-02-03 16:15 420720 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Activate.exe

2010-02-04 19:13 . 2010-02-03 16:15 38256 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\CleanImpulse.exe

2010-02-04 19:13 . 2010-02-03 16:15 2254192 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Impulse.exe

2010-02-02 18:24 . 2010-02-02 18:24 -------- d-----w- c:\program files\Common Files\Java

2010-01-29 15:47 . 2010-01-29 15:47 -------- d-----w- c:\users\User\AppData\Local\Nero

2010-01-29 13:03 . 2010-01-29 13:03 -------- d-----w- c:\programdata\LightScribe

2010-01-29 13:03 . 2010-01-29 13:03 -------- d-----w- c:\users\User\AppData\Roaming\Nero

2010-01-29 12:50 . 2010-02-09 15:42 -------- d-----w- c:\programdata\Nero

2010-01-29 12:50 . 2010-02-09 15:42 -------- d-----w- c:\program files\Common Files\Nero

2010-01-29 12:34 . 2010-01-29 12:36 -------- d-----w- c:\programdata\Pinnacle VideoSpin

2010-01-29 12:34 . 2010-01-29 12:34 -------- d-----w- c:\program files\Pinnacle

2010-01-29 12:34 . 2010-01-29 12:34 -------- d-----w- c:\program files\Common Files\Yahoo!

2010-01-29 12:33 . 2010-01-29 12:33 -------- d-----w- c:\programdata\Pinnacle

2010-01-29 12:23 . 2010-01-29 12:23 -------- d-----w- c:\programdata\NtiDvdCopy

2010-01-27 22:05 . 2010-01-27 22:05 -------- d-----w- c:\program files\honestech Video Editor 7.0

2010-01-24 00:57 . 2010-01-29 10:01 -------- d-----w- c:\users\Public\CyberLink

2010-01-24 00:56 . 2010-01-29 19:49 -------- d-----w- c:\programdata\SmartSound Software Inc

2010-01-24 00:56 . 2010-01-24 00:56 -------- d-----w- c:\program files\SmartSound Software

2010-01-24 00:51 . 2010-01-24 00:51 36864 ----a-w- c:\programdata\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe

2010-01-23 12:50 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2010-01-23 12:50 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll

2010-01-23 12:50 . 2010-01-23 12:50 -------- d-----w- c:\program files\Winamp Detect

2010-01-23 12:50 . 2010-01-23 12:50 -------- d-----w- c:\program files\Winamp Toolbar

2010-01-19 13:48 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2010-01-19 13:27 . 2010-01-19 13:27 335 ----a-w- c:\windows\mozregistry.dat

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\users\User\AppData\Roaming\Thunderbird

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\program files\Qualcomm

2010-01-19 13:27 . 2010-01-19 13:27 -------- d-----w- c:\program files\Netscape

2010-01-19 13:27 . 2010-01-19 13:27 9728 ----a-w- c:\windows\system32\rnaph.dll

2010-01-17 19:04 . 2010-01-17 19:04 91656 ----a-w- c:\users\User\RuneScape.exe

2010-01-17 12:35 . 2008-11-13 07:02 296960 ----a-w- c:\programdata\EPSON\EPSON SX410 Series\Language\0413.E_DIX0RE.DLL

2010-01-17 12:35 . 2008-12-24 05:02 55296 ----a-w- c:\programdata\EPSON\EPSON SX410 Series\Language\0413.E_SBE0C7.DLL

2010-01-13 13:04 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll

2010-01-13 13:04 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll

2010-01-12 20:54 . 2010-01-12 20:54 41872 ----a-w- c:\windows\system32\xfcodec.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-09 17:08 . 2009-06-18 19:50 69 ----a-w- c:\users\User\jagex_runescape_preferences.dat

2010-02-09 17:02 . 2009-09-02 14:27 69 ----a-w- c:\users\User\jagex_runescape_preferences2.dat

2010-02-09 16:54 . 2009-05-30 10:40 8268 ----a-w- c:\users\User\AppData\Local\d3d9caps.dat

2010-02-06 19:21 . 2009-12-19 15:45 -------- d-----w- c:\program files\Common Files\Logishrd

2010-02-06 19:21 . 2009-06-24 12:07 -------- d-----w- c:\programdata\Logitech

2010-02-06 19:21 . 2007-12-06 07:16 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-02-06 17:59 . 2009-06-18 19:49 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-02-06 17:52 . 2009-06-25 14:27 -------- d-----w- c:\program files\SwiftKit

2010-02-04 19:15 . 2010-02-04 19:14 -------- dc-h--w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}

2010-02-04 07:11 . 2009-07-19 17:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-02-04 07:10 . 2009-09-15 18:55 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2010-02-03 19:22 . 2009-10-14 07:05 117760 ----a-w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-02-03 16:24 . 2010-02-04 19:14 1119536 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\12FD35EB\impulse.dll

2010-02-03 16:24 . 2010-02-04 19:14 30000 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\757C30BC\SDSecurity.dll

2010-02-03 16:23 . 2010-02-04 19:14 491312 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Microsoft.WindowsAPICodePack.Shell.dll

2010-02-03 16:23 . 2010-02-04 19:14 87344 -c--a-w- c:\programdata\{ACE5B73B-1F6D-45C7-84D6-13FB4EAF3D34}\OFFLINE\86D01CB6\597810BF\Microsoft.WindowsAPICodePack.dll

2010-02-02 18:24 . 2009-06-18 19:48 -------- d-----w- c:\program files\Java

2010-01-30 17:59 . 2009-11-26 19:58 -------- d-----w- c:\program files\Philips

2010-01-30 17:59 . 2009-09-11 16:00 -------- d-----w- c:\programdata\McAfee Security Scan

2010-01-30 16:59 . 2009-10-10 10:41 -------- d-----w- c:\program files\Zeallsoft

2010-01-29 12:36 . 2009-05-30 10:43 81872 ----a-w- c:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT

2010-01-29 10:03 . 2009-07-30 20:09 -------- d-----w- c:\users\User\AppData\Roaming\CyberLink

2010-01-29 09:16 . 2006-11-02 16:11 676858 ----a-w- c:\windows\system32\perfh013.dat

2010-01-29 09:16 . 2006-11-02 16:11 131106 ----a-w- c:\windows\system32\perfc013.dat

2010-01-27 22:22 . 2009-12-03 17:07 -------- d-----w- c:\program files\AVS4YOU

2010-01-27 22:21 . 2009-12-03 17:09 -------- d-----w- c:\users\User\AppData\Roaming\AVS4YOU

2010-01-25 18:26 . 2009-06-19 15:34 -------- d-s---w- c:\program files\Xfire

2010-01-25 18:26 . 2009-06-19 15:38 -------- d-----w- c:\programdata\Xfire

2010-01-24 22:00 . 2009-07-19 18:21 -------- d-----w- c:\users\User\AppData\Roaming\Xfire

2010-01-24 17:28 . 2009-12-18 18:39 -------- d-----w- c:\program files\NortonInstaller

2010-01-24 17:28 . 2009-12-18 18:39 -------- d-----w- c:\programdata\Norton

2010-01-24 16:47 . 2009-06-19 10:37 -------- d-----w- c:\users\User\AppData\Roaming\Zylom

2010-01-24 01:18 . 2007-12-06 07:41 -------- d-----w- c:\programdata\CyberLink

2010-01-24 00:53 . 2007-12-06 07:40 -------- d-----w- c:\program files\CyberLink

2010-01-23 12:51 . 2009-10-16 16:40 -------- d-----w- c:\program files\Winamp

2010-01-21 17:30 . 2009-06-18 19:10 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-19 13:48 . 2009-06-18 19:02 -------- d-----w- c:\program files\Windows Live

2010-01-19 13:27 . 2009-12-17 11:31 608 ----a-w- c:\windows\nsreg.dat

2010-01-16 12:43 . 2009-12-08 14:27 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2010-01-14 15:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-01-14 10:12 . 2009-10-10 09:03 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-01-07 15:51 . 2009-07-18 19:29 -------- d-----w- c:\users\User\AppData\Roaming\Sony

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\program files\Common Files\Sony Shared

2010-01-07 15:50 . 2009-07-18 19:27 -------- d-----w- c:\program files\Sony

2010-01-07 15:50 . 2010-01-07 15:50 10134 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\programdata\Sony Corporation

2010-01-07 15:50 . 2010-01-07 15:50 -------- d-----w- c:\users\User\AppData\Roaming\Sony Setup

2010-01-07 15:49 . 2009-07-18 19:26 -------- d-----w- c:\program files\Sony Setup

2010-01-07 15:17 . 2009-10-14 07:03 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-01-07 15:07 . 2009-07-19 17:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-07 15:07 . 2009-07-19 17:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-05 15:07 . 2010-01-05 15:07 -------- d-----w- c:\programdata\EPSON

2010-01-03 14:04 . 2009-12-29 15:05 52224 ----a-w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

2010-01-02 06:38 . 2010-01-22 16:11 916480 ----a-w- c:\windows\system32\wininet.dll

2010-01-02 06:32 . 2010-01-22 16:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-01-02 06:32 . 2010-01-22 16:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-01-02 04:57 . 2010-01-22 16:11 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-12-31 11:29 . 2009-12-31 11:29 -------- d-----w- c:\programdata\Hewlett-Packard

2009-12-30 13:47 . 2009-12-30 13:46 -------- d-----w- c:\program files\Monopoly 3

2009-12-25 16:50 . 2009-12-25 16:50 9984 ----a-w- c:\windows\system32\drivers\scncap.sys

2009-12-25 16:50 . 2009-12-25 16:50 13184 ----a-w- c:\windows\system32\scncap.dll

2009-12-20 12:30 . 2009-12-20 12:30 -------- d-----w- c:\program files\AviSynth 2.5

2009-12-20 12:29 . 2009-12-20 12:29 -------- d-----w- c:\program files\eRightSoft

2009-12-19 20:13 . 2009-12-19 20:13 -------- d-----w- c:\users\User\AppData\Roaming\Publish Providers

2009-12-19 20:10 . 2009-07-18 19:29 -------- d-----w- c:\programdata\Sony

2009-12-19 16:45 . 2009-12-19 16:45 -------- d-----w- c:\users\User\AppData\Roaming\Leadertech

2009-12-19 15:45 . 2009-06-19 10:57 -------- d-----w- c:\program files\Logitech

2009-12-18 19:37 . 2009-12-18 19:37 -------- d-----w- c:\program files\HyperCam 3

2009-12-18 19:37 . 2009-12-18 19:37 -------- d-----w- c:\program files\Common Files\Solveig Multimedia

2009-12-18 18:39 . 2007-12-06 07:50 -------- d-----w- c:\programdata\Symantec

2009-12-18 18:39 . 2009-12-18 18:39 -------- d-----w- c:\programdata\NortonInstaller

2009-12-18 18:26 . 2009-12-18 18:25 -------- d-----w- c:\program files\AirStrike II Gulf Thunder DEMO

2009-12-18 18:21 . 2009-12-18 18:21 -------- d-----w- c:\program files\Skunk Studios

2009-12-18 18:13 . 2009-12-18 18:07 -------- d-----w- c:\users\User\AppData\Roaming\DreamDale

2009-12-18 18:13 . 2009-12-18 18:07 -------- d-----w- c:\users\User\AppData\Roaming\MagicBall4

2009-12-18 18:05 . 2009-12-18 16:18 -------- d-----w- c:\program files\RealArcade

2009-12-18 18:00 . 2009-12-18 18:00 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 5

2009-12-18 17:43 . 2009-12-18 17:43 -------- d-----w- c:\programdata\GameHouse

2009-12-18 16:21 . 2009-12-18 16:21 -------- d-----w- c:\programdata\Trymedia

2009-12-16 21:52 . 2009-06-20 16:57 -------- d-----w- c:\users\User\AppData\Roaming\SoundSpectrum

2009-12-16 21:51 . 2009-06-20 16:56 -------- d-----w- c:\program files\SoundSpectrum

2009-12-16 21:50 . 2009-12-16 21:50 -------- d-----w- c:\program files\Common Files\Real

2009-12-16 15:05 . 2009-12-22 22:56 347136 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2009-12-16 15:05 . 2009-12-22 22:56 340992 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2009-12-16 15:05 . 2009-12-22 22:56 471040 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll

2009-12-16 15:05 . 2009-12-22 22:56 43008 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2009-12-16 15:05 . 2009-12-22 22:56 1452032 ----a-w- c:\users\User\AppData\Roaming\Mozilla\Profiles\hr3xhxp8.kilian\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2009-12-14 19:40 . 2009-12-14 19:39 -------- d-----w- c:\program files\K-Lite Codec Pack

2009-12-14 19:38 . 2009-06-19 21:08 -------- d-----w- c:\program files\DivX

2009-12-12 17:47 . 2009-12-12 17:47 -------- d-----w- c:\program files\Free Fire Screensaver

2009-12-12 17:47 . 2009-12-12 17:47 -------- d-----w- c:\users\User\AppData\Roaming\Laconic Software

2009-12-09 17:19 . 2009-12-09 17:19 4608 ----a-w- c:\windows\system32\w95inf32.dll

2009-12-09 17:19 . 2009-12-09 17:19 2272 ----a-w- c:\windows\system32\w95inf16.dll

2009-12-04 16:35 . 2009-06-19 10:34 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2009-12-04 16:35 . 2009-06-19 10:34 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2009-11-28 11:44 . 2009-11-28 11:44 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE45A.tmp.exe

2009-11-18 15:01 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

2006-05-03 09:06 . 2009-12-20 12:29 163328 --sh--r- c:\windows\System32\flvDX.dll

2007-02-21 10:47 . 2009-12-20 12:29 31232 --sh--r- c:\windows\System32\msfDX.dll

2008-03-16 12:30 . 2009-12-20 12:29 216064 --sh--r- c:\windows\System32\nbDX.dll

.

((((((((((((((((((((((((((((( SnapShot_2010-02-09_14.47.43 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-12-06 07:12 . 2010-02-09 16:56 80706 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2006-11-02 13:05 . 2010-02-09 16:56 73982 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2009-05-30 10:50 . 2010-02-09 11:52 15214 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-322015003-2957608914-2734547552-1000_UserData.bin

+ 2009-05-30 10:50 . 2010-02-09 16:56 15214 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-322015003-2957608914-2734547552-1000_UserData.bin

+ 2009-05-30 10:37 . 2010-02-09 16:54 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-05-30 10:37 . 2010-02-09 11:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-05-30 10:37 . 2010-02-09 16:54 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-05-30 10:37 . 2010-02-09 11:56 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-05-30 10:37 . 2010-02-09 16:54 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-05-30 10:37 . 2010-02-09 11:56 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-06-18 19:04 . 2010-02-09 16:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-06-18 19:04 . 2010-02-09 11:52 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-06-18 19:04 . 2010-02-09 11:52 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-06-18 19:04 . 2010-02-09 16:55 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-06-18 19:04 . 2010-02-09 11:52 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-06-18 19:04 . 2010-02-09 16:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-11-25 17:48 . 2010-02-09 11:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-11-25 17:48 . 2010-02-09 16:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-11-25 17:48 . 2010-02-09 11:50 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-11-25 17:48 . 2010-02-09 16:54 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-11-25 17:48 . 2010-02-09 11:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-11-25 17:48 . 2010-02-09 16:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2006-11-02 10:25 . 2010-02-09 16:03 86016 c:\windows\inf\infpub.dat

- 2006-11-02 10:25 . 2010-02-09 11:51 86016 c:\windows\inf\infpub.dat

- 2010-02-09 11:50 . 2010-02-09 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-02-09 16:54 . 2010-02-09 16:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2010-02-09 11:50 . 2010-02-09 11:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-02-09 16:54 . 2010-02-09 16:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2006-11-02 10:25 . 2010-02-09 16:03 1840005120 c:\windows\inf\infstrng.dat

- 2006-11-02 10:25 . 2010-02-09 11:51 1840005120 c:\windows\inf\infstrng.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="" [bU]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-01-07 2002160]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]

"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]

"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]

"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" [2007-07-13 178280]

"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2007-06-21 204908]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]

"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-09-11 187936]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]

"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-19 68592]

"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]

"D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe" [2008-04-15 1675264]

"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-09-07 326176]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ImpulseNow.lnk - c:\program files\Stardock\Impulse\Now\ImpulseNow.exe [2010-2-3 468272]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-9-5 3446512]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-12-6 535336]

Logitech SetPoint.lnk - d:\setpoint\SetPoint.exe [2010-2-6 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]

2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

2009-12-03 18:44 273200 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(B):f3,0d,53,03,7b,fc,c9,01

R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [2/08/2009 15:36 33920]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15/09/2009 10:42 9968]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [15/09/2009 10:42 74480]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [30/05/2009 11:40 39408]

R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [6/12/2007 8:41 269448]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18/06/2009 17:48 42480]

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [18/06/2009 19:09 599040]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 21:55 66080]

R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15/09/2009 10:42 7408]

S2 gupdate1c9f122287a9cbc;Google Updateservice (gupdate1c9f122287a9cbc);c:\program files\Google\Update\GoogleUpdate.exe [19/06/2009 22:08 133104]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [30/05/2009 16:31 21504]

S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [19/01/2010 14:48 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 22:48 704864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 21:08]

2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 21:08]

2009-08-05 c:\windows\Tasks\User_Feed_Synchronization-{0553B684-6004-4510-9FB8-C1A6CCAA1D1E}.job

- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.pc-helpforum.be/forum/

mStart Page = hxxp://www.telenet.be

mWindow Title = Telenet Internet

uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK & Ireland

IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

Trusted Zone: microsoft.com\*.windowsupdate

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=nl_EU&q=

FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p9b0ctw.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: c:\program files\Sony\Media Go\npmediago.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\users\User\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "Firefox web browser | Faster, more secure, & customizable");

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-02-09 18:36

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(2284)

c:\windows\system32\MsnChatHook.dll

c:\windows\system32\ShowErrMsg.dll

c:\windows\system32\sysenv.dll

c:\windows\system32\BatchCrypto.dll

c:\windows\system32\CryptoAPI.dll

c:\windows\system32\keyManager.dll

c:\program files\Stardock\ObjectDock\DockShellHook.dll

d:\setpoint\lgscroll.dll

c:\progra~1\Stardock\OBJECT~1\WINDOW~1\tray.dll

.

Voltooingstijd: 2010-02-09 18:38:40

ComboFix-quarantined-files.txt 2010-02-09 17:38

ComboFix2.txt 2010-02-09 16:01

ComboFix3.txt 2010-02-09 14:50

ComboFix4.txt 2010-02-04 08:04

ComboFix5.txt 2010-02-09 17:29

Pre-Run: 129.282.121.728 bytes beschikbaar

Post-Run: 129.278.197.760 bytes beschikbaar

- - End Of File - - BBE60473F78167A9112ACEACD8924410

_______________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:41:05, on 9/02/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe

C:\Windows\System32\nvraidservice.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Acer\Empowering Technology\SysMonitor.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

D:\SetPoint\SetPoint.exe

C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\conime.exe

C:\Windows\Explorer.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pc-helpforum.be/forum/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Telenet

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK & Ireland

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = D:\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\iEvony\Skype4COM.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updateservice (gupdate1c9f122287a9cbc) (gupdate1c9f122287a9cbc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

--

End of file - 11879 bytes

edited by kape
Duplicate post removed
