Links open slowly


ComboFix 09-07-31.04 - Georges 01/08/2009 11:29.1.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3033.2320 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Georges\Bureaublad\ComboFix.exe

AV: avast! antivirus 4.8.1335 [VPS 090731-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-2479955852-4077184283-4291944271-500

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-07-01 to 2009-08-01 ))))))))))))))))))))))))))))))

.

2009-08-01 08:47 . 2009-08-01 08:47 -------- d-----w- c:\program files\CodeStuff

2009-08-01 06:37 . 2009-08-01 06:37 -------- d-----w- c:\documents and settings\Georges\Application Data\Malwarebytes

2009-08-01 06:37 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-01 06:37 . 2009-08-01 06:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-01 06:37 . 2009-08-01 06:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-08-01 06:37 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-30 19:25 . 2009-07-30 19:25 -------- d-----w- c:\program files\Trend Micro

2009-07-30 19:13 . 2009-07-30 19:13 -------- d-sh--w- c:\documents and settings\Georges\IECompatCache

2009-07-30 19:12 . 2009-07-30 19:12 -------- d-sh--w- c:\documents and settings\Georges\PrivacIE

2009-07-30 19:09 . 2009-07-30 19:09 -------- d-sh--w- c:\documents and settings\Georges\IETldCache

2009-07-30 19:07 . 2009-07-30 19:07 -------- d-----w- c:\windows\ie8updates

2009-07-30 19:06 . 2009-07-30 19:07 -------- dc-h--w- c:\windows\ie8

2009-07-30 19:05 . 2009-07-03 17:00 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

2009-07-30 19:05 . 2009-07-03 17:00 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2009-07-30 19:05 . 2009-07-01 07:08 101376 ------w- c:\windows\system32\dllcache\iecompat.dll

2009-07-30 16:25 . 2007-09-06 13:53 18944 ----a-w- c:\windows\system32\drivers\SiLib.sys

2009-07-30 16:25 . 2007-09-06 13:53 14848 ----a-w- c:\windows\system32\drivers\DSI_SiUSBXp_3_1.sys

2009-07-30 15:43 . 2009-07-30 15:43 -------- d-----w- c:\program files\Garmin

2009-07-29 12:40 . 2009-07-29 12:40 -------- d-----w- c:\documents and settings\Georges\Application Data\InstallShield

2009-07-29 11:17 . 2008-06-20 13:15 24576 ----a-w- c:\windows\system32\BAZLib.dll

2009-07-27 15:44 . 2009-07-27 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2009-07-27 14:27 . 2009-07-27 14:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-07-24 08:39 . 2009-07-24 08:39 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys

2009-07-21 17:51 . 2009-07-23 06:51 -------- d-----w- c:\documents and settings\Georges\Local Settings\Application Data\Temp

2009-07-17 12:52 . 2009-07-17 12:52 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth

2009-07-12 13:39 . 2009-07-14 06:29 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2009-07-12 13:39 . 2009-07-14 06:28 -------- d-----w- c:\program files\NOS

2009-07-07 15:05 . 2009-07-30 18:08 -------- d-----w- c:\documents and settings\Georges\Application Data\HPAppData

2009-07-07 14:48 . 2008-04-16 04:05 372736 ----a-r- c:\windows\system32\hppldcoi.dll

2009-07-07 14:48 . 2008-04-16 04:05 309760 ----a-r- c:\windows\system32\difxapi.dll

2009-07-07 14:48 . 2008-04-08 05:39 974848 ----a-r- c:\windows\system32\hpost_p01d.dll

2009-07-07 14:48 . 2008-04-08 05:39 729088 ----a-r- c:\windows\system32\hposwia_p01d.dll

2009-07-07 14:48 . 2008-02-28 10:08 303104 ----a-r- c:\windows\system32\hposc_p01a.dll

2009-07-07 14:43 . 2009-07-07 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant

2009-07-07 14:43 . 2009-07-07 14:43 -------- d-----w- c:\program files\Hewlett-Packard

2009-07-07 14:43 . 2009-07-07 14:43 -------- d-----w- c:\program files\Common Files\HP

2009-07-07 14:40 . 2009-07-07 14:56 177756 ----a-w- c:\windows\hpoins31.dat

2009-07-07 14:40 . 2008-06-17 09:23 1691 ------w- c:\windows\hpomdl31.dat

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-01 09:32 . 2009-05-31 20:36 -------- d-----w- c:\documents and settings\Georges\Application Data\Skype

2009-08-01 09:32 . 2009-03-28 16:58 -------- d-----w- c:\program files\ePrompter

2009-08-01 08:57 . 2009-05-31 20:37 -------- d-----w- c:\documents and settings\Georges\Application Data\skypePM

2009-07-29 12:43 . 2009-04-15 09:47 -------- d-----w- c:\program files\Ascentive

2009-07-29 12:41 . 2009-06-29 21:32 -------- d-----w- c:\program files\Cobian Backup 9

2009-07-29 12:39 . 2009-03-28 13:19 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-07-27 15:44 . 2009-03-28 15:58 -------- d-----w- c:\program files\Google

2009-07-26 09:13 . 2008-06-24 09:38 92412 ----a-w- c:\windows\system32\perfc013.dat

2009-07-26 09:13 . 2008-06-24 09:38 512750 ----a-w- c:\windows\system32\perfh013.dat

2009-07-15 20:39 . 2008-06-25 11:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-07-09 13:44 . 2009-04-03 12:32 -------- d-----w- c:\program files\Microsoft ActiveSync

2009-07-09 13:37 . 2009-04-07 19:47 -------- d-----w- c:\documents and settings\Georges\Application Data\Samsung

2009-07-09 12:55 . 2009-04-07 19:24 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys

2009-07-09 12:43 . 2009-04-03 12:37 -------- d-----w- c:\program files\Samsung

2009-07-09 10:36 . 2009-03-28 19:44 -------- d-----w- c:\program files\HP

2009-07-07 14:44 . 2009-03-28 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\HP

2009-07-03 17:00 . 2008-06-24 09:38 915456 ----a-w- c:\windows\system32\wininet.dll

2009-06-30 16:18 . 2009-03-28 20:38 -------- d-----w- c:\documents and settings\Georges\Application Data\U3

2009-06-16 14:40 . 2008-06-24 09:38 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-16 14:40 . 2008-06-24 09:38 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-09 11:53 . 2009-06-09 11:53 9843864 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe

2009-06-09 11:53 . 2009-06-09 11:53 77824 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe

2009-06-09 11:37 . 2009-06-09 11:37 -------- d-----w- c:\program files\Common Files\Skype

2009-06-09 11:37 . 2009-05-31 20:35 -------- d-----r- c:\program files\Skype

2009-06-09 11:37 . 2009-05-31 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype

2009-06-03 19:11 . 2008-06-24 09:38 1295360 ----a-w- c:\windows\system32\quartz.dll

2009-05-31 20:37 . 2009-05-31 20:37 56 ---ha-w- c:\windows\system32\ezsidmv.dat

2009-05-25 12:01 . 2009-05-25 12:01 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll

2009-05-07 15:34 . 2008-06-24 09:38 347136 ----a-w- c:\windows\system32\localspl.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-07-25 2968512]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-05-25 25477928]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

"ANT Agent"="c:\garmin\ANT Agent\ANT Agent.exe" [2009-07-08 11008088]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-28 39408]

"gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 54832]

"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-07-26 192512]

"GrooveMonitor"="c:\program files\Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\qsb.exe" [2009-03-28 68592]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-03-26 16859136]

"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2006-05-04 2808832]

"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-15 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

c:\documents and settings\Georges\Menu Start\Programma's\Opstarten\

ePrompter.lnk - c:\program files\ePrompter\ePrompter.exe [2009-3-28 782336]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-3-14 2938184]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Georges^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\Georges\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"427:UDP"= 427:UDP:SLP_Port(427)

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [18/04/2009 20:53 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/04/2009 20:53 20560]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [22/05/2009 20:40 55152]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3/11/2006 19:19 13592]

R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [28/03/2009 15:12 84240]

R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [28/03/2009 15:19 118784]

S2 gupdate1c9e22f621d9ffe;Google Updateservice (gupdate1c9e22f621d9ffe);c:\program files\Google\Update\GoogleUpdate.exe [31/05/2009 22:35 133104]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 5:46 288112]

S3 cxbu0wdm;SmartTerminal XX44;c:\windows\system32\drivers\cxbu0wdm.sys [15/01/2008 12:39 97792]

S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [6/02/2009 18:08 533360]

S3 softctrl;Software Flow Control Driver;c:\windows\system32\drivers\softctrl.sys [29/03/2009 15:11 9760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Inhoud van de 'Gedeelde Taken' map

2009-08-01 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-28 15:44]

2009-08-01 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Performance Center - c:\program files\Ascentive\Performance Center\ApcMain.exe

HKCU-Run-Nseries.PCSync - c:\program files\Nokia\Ovi\System Utilities\System Utilities\PcSync2.exe

HKCU-Run-AdobeBridge - (no file)

HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe

HKLM-Run-LaunchAp - c:\program files\Launch Manager\LaunchAp.exe

HKLM-Run-Wbutton - c:\program files\Launch Manager\WButton.exe

HKLM-Run-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe

MSConfigStartUp-CTFMON - (no file)

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.ironmangeorges.tk/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\Office\Office12\EXCEL.EXE/3000

IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-08-01 11:32

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?x???0???\???????0??????????????|???|???????|????????L???????8P????F?????????????h?????????????B????????|@??|????=??|??A???????????A?$?????????????:~?h@???????????????A??<????????A???@?(P??vs@?(P??L?????@?8P?????

LaunchAp = c:\program files\Launch Manager\LaunchAp.exe????0???\???????0??????????????|???|???????|????????L???????8P????F?????????????h?????????????B????????|@??|????=??|??A???????????A?$?????????????:~?h@???????????????A??<????????A???@?(P??vs@?(P??L?????@?8P?????

Wbutton = c:\program files\Launch Manager\WButton.exe?????0???\???????0??????????????|???|???????|????????L???????8P????F?????????????h?????????????B????????|@??|????=??|??A???????????A?$?????????????:~?h@???????????????A??<????????A???@?(P??vs@?(P??L?????@?8P?????

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]

"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(780)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(148)

c:\program files\SlySoft\AnyDVD\ADvdDiscHlp1.dll

c:\program files\CyberLink\PowerDVD\deskband32.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2009-08-01 11:33

ComboFix-quarantined-files.txt 2009-08-01 09:33

Pre-Run: 269.372.141.568 bytes beschikbaar

Post-Run: 272.046.084.096 bytes beschikbaar

255 --- E O F --- 2009-07-27 11:55
