ZoneAlarm disabled Firefox

30 replies
  • I was having trouble with a failing video card (it turned out to be a seizing fan), with unreadable messages, the PC not booting properly, and so on. At some point ZoneAlarm reported that a program was being blocked; I could not see which program at the time. I immediately uninstalled ZoneAlarm before it could do any more damage. After installing a new video card, an Nvidia GT 220, Firefox turned out to work only in safe mode! So that is what ZoneAlarm had disabled. Can anyone tell me where in the registry I can undo this? I am running XP. Regards, Cees.
  • http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis It might be smart to create a log and post it; then an expert may be able to help you further.
  • In the meantime I have used CCleaner to remove, among other things, the Windows Update uninstallers, so I hope a log is still useful! Regards, Cees.
  • Hello Cees, as for your Firefox problem: simply uninstall it and install the very latest version! By the way, I think you have understood little of ZoneAlarm, because under Programs in its menu you can decide for yourself which programs are or are not allowed to access the internet! Now your log: two antivirus programs turn out to be active, and I have identified Avira AntiVir as your main antivirus. But this is not a good situation for active protection, and also because of the extra resources it consumes. So use the AVG Removal Tool to get AVG completely out of your system! http://www.avg.com/nl-nl/download-tools After your PC has restarted, do the following: start HijackThis again and choose Scan only; after you have ticked the lines corresponding to the ones below, click the Fix checked button:
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    After that, also post a new HJT log for checking!
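The two checks the reply above makes on the HijackThis log (entries that point at missing files, and more than one resident antivirus) can be written as a small triage script. This is an added example, not part of the original thread: the sample lines are copied from the log posted in the thread, while the function names and the vendor keyword table are assumptions made for illustration.

```python
import re

# Sample lines copied from the HijackThis log posted in this thread,
# plus a header and a process line to show that non-entry lines are skipped.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
C:\WINDOWS\system32\lsass.exe
O4 - HKLM\..\Run: [avgnt] "E:\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG9_TRAY] E:\AVG\avgtray.exe
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Avira\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\AVG\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Ad-Aware\AAWService.exe
"""

# A HijackThis entry starts with a section code (R0, O4, O23, ...) and " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# HijackThis appends one of these markers when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Assumption: a tiny keyword table covering only the two products named in
# the thread; a real table would need many more vendors.
AV_VENDORS = {"Avira": "avira", "AVG": "avg technologies"}


def parse_entries(log_text):
    """Return (code, body) tuples; header and process lines are ignored."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def orphaned_entries(entries):
    """Entries whose target file no longer exists (candidates for 'Fix checked')."""
    return [(code, body) for code, body in entries if body.endswith(ORPHAN_MARKERS)]


def resident_av_vendors(entries):
    """Antivirus vendors that have a Windows service (O23) registered."""
    found = set()
    for code, body in entries:
        if code != "O23":
            continue
        # O23 body layout: "Service: <display name> - <company> - <path>"
        parts = body.rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        company = parts[1].lower()
        for vendor, needle in AV_VENDORS.items():
            if needle in company:
                found.add(vendor)
    return sorted(found)


def triage(log_text):
    """Combine both checks into one report."""
    entries = parse_entries(log_text)
    vendors = resident_av_vendors(entries)
    return {
        "orphans": orphaned_entries(entries),
        "av_vendors": vendors,
        "multiple_av": len(vendors) > 1,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for code, body in report["orphans"]:
        print("orphaned:", code, "-", body)
    print("resident antivirus vendors:", ", ".join(report["av_vendors"]))
    if report["multiple_av"]:
        print("more than one resident antivirus is installed")
```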
  • The problem did arise in an exceptional situation: because my video card was failing, the PC did not boot normally and not all messages could be read any more; when ZoneAlarm spontaneously started blocking something, I simply uninstalled the program (which only worked after restarting again and again once the video card had cooled down), and sometimes by guesswork, before more important things got lost. It was no longer possible to select anything in ZoneAlarm; no text was readable any more! I am now going to try what was suggested, and in any case thanks for the reply. Regards, Cees.
  • I have removed the empty references. Uninstalled Firefox, rebooted, installed Firefox again (downloaded the new version); but it can only be used in Firefox safe mode! What now? Regards, Cees.
  • Hello Cees, what is going on with your Windows is not clear to me. So do the following: download DDS.scr (http://download.bleepingcomputer.com/sUBs/dds.scr) to your desktop.
    • Double-click dds.scr and wait until the scan has finished.
    • After the scan, two text documents are opened; post the DDS log!
  • Here is the requested log. Regards,
  • Hello Cees, you did your best, but you posted the contents of the wrong log. So please post the other DDS log, with an x-analysis of your Windows!
  • Let's try once more:
RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe" mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\magicd~1.lnk - e:\magicdisc\MagicDisc.exe StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\notesh~1.lnk - e:\notesholder\NotesHolder.exe StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\coreld~1.lnk - e:\corel\suite8\programs\DAD8.EXE StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\logite~1.lnk - e:\logitech\setpoint\SetPoint.exe StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe uPolicies-explorer: <NO NAME> = mPolicies-explorer: ShowDriveLettersFirst = 4 (0x4) IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html IE: Download met LeechGet - file://e:\leechget 2009\\AddUrl.html IE: Download met LeechGet Wizard - file://e:\leechget 2009\\Wizard.html IE: Translate this web page with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm IE: Verwerk met LeechGet (Parse) - file://e:\leechget 2009\\Parser.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab DPF: 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228503343015 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5461/mcfscan.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - e:\avg\avgpp.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Notify: avgrsstarter - avgrsstx.dll Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - e:\superantispyware\SASSEH.DLL Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF 
- ProfilePath - c:\docume~1\cij~1.smi\applic~1\mozilla\firefox\profiles\podmy70d.default\ FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl) FF - prefs.js: browser.startup.homepage - hxxp://startpagina.nl|gids.omroep.nl/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - plugin: c:\divx\divx player\npDivxPlayerPlugin.dll FF - plugin: c:\divx\divx web player\npdivx32.dll FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\mozilla firefox\plugins\npJoostPlugin.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: e:\opera\program\plugins\np_gp.dll FF - plugin: e:\opera\program\plugins\np_gp.dll FF - plugin: e:\opera\program\plugins\npdsplay.dll FF - plugin: e:\opera\program\plugins\npqtplugin.dll FF - plugin: e:\opera\program\plugins\npqtplugin2.dll FF - plugin: e:\opera\program\plugins\npqtplugin3.dll FF - plugin: e:\opera\program\plugins\npqtplugin4.dll FF - plugin: e:\opera\program\plugins\npqtplugin5.dll FF - plugin: e:\opera\program\plugins\npqtplugin6.dll FF - plugin: e:\opera\program\plugins\npqtplugin7.dll FF - plugin: e:\opera\program\plugins\NPSWF32.dll FF - plugin: e:\opera\program\plugins\npwmsdrm.dll FF - plugin: e:\quicktime\plugins\npqtplugin.dll FF - plugin: e:\quicktime\plugins\npqtplugin2.dll FF - plugin: e:\quicktime\plugins\npqtplugin3.dll FF - plugin: e:\quicktime\plugins\npqtplugin4.dll FF - plugin: e:\quicktime\plugins\npqtplugin5.dll FF - plugin: e:\quicktime\plugins\npqtplugin6.dll FF - plugin: e:\quicktime\plugins\npqtplugin7.dll FF - plugin: e:\real\netscape6\nppl3260.dll FF - plugin: e:\real\netscape6\nprjplug.dll FF - plugin: e:\real\netscape6\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - 
c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: 
nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla 
firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-10 64288] R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-11 130936] R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-12-19 16896] R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys 
[2008-12-19 53248] R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-12-19 17920] R1 avgio;avgio;e:\avira\avira\antivir desktop\avgio.sys [2009-3-19 11608] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-15 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-15 28424] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-25 360584] R1 SASDIFSV;SASDIFSV;e:\superantispyware\SASDIFSV.SYS [2006-10-10 12872] R1 SASKUTIL;SASKUTIL;e:\superantispyware\SASKUTIL.SYS [2007-2-27 66632] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\avira\avira\antivir desktop\sched.exe [2009-3-19 108289] R2 AntiVirService;Avira AntiVir Guard;e:\avira\avira\antivir desktop\avguard.exe [2009-3-19 185089] R2 avg9emc;AVG Free E-mail Scanner;e:\avg\avgemc.exe [2009-11-11 906520] R2 avg9wd;AVG Free WatchDog;e:\avg\avgwdsvc.exe [2009-11-11 285392] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-19 56816] R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\mouse driver\KMWDSrv.exe [2008-6-23 208896] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1229232] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-20 93320] R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-1-17 17408] R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-1-17 46592] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032] R3 
CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296] R3 SASENUM;SASENUM;e:\superantispyware\SASENUM.SYS [2008-9-3 12872] R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-1-17 116224] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-2-6 23456] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648] S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;c:\windows\system32\drivers\ubfwnet.sys [2008-12-4 32016] S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-6-11 348752] =============== Created Last 30 ================ 2010-02-20 21:48:25 4958588 ----a-w- c:\windows\{00000000-00000000-0000000A-00001102-00000004-00511102}.BAK 2010-02-20 17:44:19 0 d-sh--w- c:\documents and settings\c. i.j.smits\Onlangs geopend 2010-02-19 18:44:54 0 d-----w- c:\program files\common files\CyberLink 2010-02-19 18:43:20 29480 ----a-w- c:\windows\system32\msxml3a.dll 2010-02-19 17:02:34 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-02-19 17:02:09 0 d-----w- c:\program files\Lavasoft 2010-02-15 16:40:56 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-02-15 16:40:20 0 d-----w- c:\program files\Hitman Pro 3.5 2010-02-15 16:05:04 3897 ----a-w- c:\documents and settings\c. 
i.j.smits\.recently-used.xbel 2010-02-15 15:19:25 14336 ----a-w- c:\windows\system32\drivers\EIO_XP.sys 2010-02-15 15:16:36 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys 2010-02-15 15:16:19 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys 2010-02-15 15:16:04 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys 2010-02-15 15:16:03 16384 ----a-w- c:\windows\system32\ipsink.ax 2010-02-15 15:15:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys 2010-02-15 15:15:35 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS 2010-02-15 15:15:20 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys 2010-02-15 15:15:14 0 d-----w- c:\program files\My Company Name 2010-02-15 15:14:53 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys 2010-02-15 15:14:37 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys 2010-02-15 15:14:05 54272 ----a-w- c:\windows\system32\vfwwdm32.dll 2010-02-15 15:14:04 91648 ----a-w- c:\windows\system32\kswdmcap.ax 2010-02-15 15:14:04 43008 ----a-w- c:\windows\system32\ksxbar.ax 2010-02-15 15:14:03 61952 ----a-w- c:\windows\system32\kstvtune.ax 2010-02-15 15:13:21 0 d-----w- c:\program files\ASUS 2010-02-12 21:29:45 0 d-----w- c:\docume~1\alluse~1\applic~1\UAB 2010-02-12 21:29:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz 2010-02-12 21:15:33 327168 ----a-w- c:\windows\system32\cutil32.dll 2010-02-12 21:15:33 285696 ----a-w- c:\windows\system32\cudart.dll 2010-02-12 21:15:33 27136 ----a-w- c:\windows\system32\PCWizard.cpl 2010-02-12 21:08:44 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys 2010-02-09 21:00:35 0 d-----w- c:\documents and settings\c. 
i.j.smits\.fontconfig 2010-02-07 15:46:59 0 d-----w- c:\docume~1\cij~1.smi\applic~1\Cover Expert 2010-02-07 12:10:37 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MahJong Suite 2010-02-07 12:10:37 0 d-----w- c:\docume~1\alluse~1\applic~1\TreeCardGames 2010-02-07 11:45:26 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MyMahj 2010-02-07 10:37:35 0 d-----w- c:\program files\DFX 2010-02-06 18:31:47 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys 2010-02-04 17:23:47 0 d-sh--w- C:\found.002 2010-02-04 16:12:57 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation ==================== Find3M ==================== 2010-02-21 21:58:57 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin 2010-02-19 18:42:55 505128 ----a-w- c:\windows\system32\msvcp71.dll 2010-02-19 18:42:55 353576 ----a-w- c:\windows\system32\msvcr71.dll 2010-02-19 17:04:05 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-02-15 15:15:49 534356 ----a-w- c:\windows\system32\perfh013.dat 2010-02-15 15:15:49 100220 ----a-w- c:\windows\system32\perfc013.dat 2010-02-04 15:53:02 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-01-12 11:03:34 61440 ----a-w- c:\windows\system32\OpenCL.dll 2010-01-12 11:03:34 11632640 ----a-w- c:\windows\system32\nvcompiler.dll 2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:10:30 916480 ----a-w- c:\windows\system32\wininet.dll 2009-12-17 16:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-17 07:42:53 345600 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:10:21 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 10:11:52 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:11:52 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-11-27 17:14:13 1295872 ----a-w- c:\windows\system32\quartz.dll 2009-11-27 17:14:12 17920 ----a-w- 
c:\windows\system32\msyuv.dll 2009-11-27 16:10:19 8704 ----a-w- c:\windows\system32\tsbyuv.dll 2009-11-27 16:10:19 85504 ----a-w- c:\windows\system32\avifil32.dll 2009-11-27 16:10:19 48128 ----a-w- c:\windows\system32\iyuv_32.dll 2009-11-27 16:10:19 28672 ----a-w- c:\windows\system32\msvidc32.dll 2009-11-27 16:10:19 11264 ----a-w- c:\windows\system32\msrle32.dll 2009-06-07 15:37:26 144 ----a-w- c:\program files\ohyfu.txt ============= FINISH: 10:46:35,53 =============== groet, Cees
  • Hello Cees, before I analyze another DDS log, first this: you have two active antivirus programs in your Windows installation! That is not good and also compromises the overall security of your Windows! So you have to choose: either AVG or Avira as your antivirus! Let me know what you want to do, because specific removal tools are needed for both!
  • That will have to be AVG then, although a scan with Avira took exactly 3 hours! Shall I remove it first and then send a new log? Regards, Cees
  • Hello Cees - use the AVG Remover to remove AVG completely from your Windows: http://www.avg.com/nl-nl/download-tools The fact that Avira took so long over the scan will partly have been due to interference from AVG! Because Avira really has a fast engine! Post a new DDS log after this!
  • New log after removing AVG: [DDS log]
files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: 
nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla 
firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-10 64288] R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-11 130936] R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-12-19 16896] R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys 
[2008-12-19 53248] R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-12-19 17920] R1 avgio;avgio;e:\avira\avira\antivir desktop\avgio.sys [2009-3-19 11608] R1 SASDIFSV;SASDIFSV;e:\superantispyware\SASDIFSV.SYS [2006-10-10 12872] R1 SASKUTIL;SASKUTIL;e:\superantispyware\SASKUTIL.SYS [2007-2-27 66632] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\avira\avira\antivir desktop\sched.exe [2009-3-19 108289] R2 AntiVirService;Avira AntiVir Guard;e:\avira\avira\antivir desktop\avguard.exe [2009-3-19 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-19 56816] R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\mouse driver\KMWDSrv.exe [2008-6-23 208896] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1229232] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-20 93320] R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-1-17 17408] R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-1-17 46592] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296] R3 SASENUM;SASENUM;e:\superantispyware\SASENUM.SYS [2008-9-3 12872] R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-1-17 116224] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888] S3 
CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-2-6 23456] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648] S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;c:\windows\system32\drivers\ubfwnet.sys [2008-12-4 32016] S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-6-11 348752] =============== Created Last 30 ================ 2010-02-22 17:04:21 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-02-22 17:04:21 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-02-22 17:04:20 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-02-22 17:04:19 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-02-20 21:48:25 4958588 ----a-w- c:\windows\{00000000-00000000-0000000A-00001102-00000004-00511102}.BAK 2010-02-20 17:44:19 0 d-sh--w- c:\documents and settings\c. i.j.smits\Onlangs geopend 2010-02-19 18:44:54 0 d-----w- c:\program files\common files\CyberLink 2010-02-19 18:43:20 29480 ----a-w- c:\windows\system32\msxml3a.dll 2010-02-19 17:02:34 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-02-19 17:02:09 0 d-----w- c:\program files\Lavasoft 2010-02-15 16:40:56 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-02-15 16:40:20 0 d-----w- c:\program files\Hitman Pro 3.5 2010-02-15 16:05:04 3897 ----a-w- c:\documents and settings\c. 
i.j.smits\.recently-used.xbel 2010-02-15 15:19:25 14336 ----a-w- c:\windows\system32\drivers\EIO_XP.sys 2010-02-15 15:16:36 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys 2010-02-15 15:16:19 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys 2010-02-15 15:16:04 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys 2010-02-15 15:16:03 16384 ----a-w- c:\windows\system32\ipsink.ax 2010-02-15 15:15:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys 2010-02-15 15:15:35 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS 2010-02-15 15:15:20 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys 2010-02-15 15:15:14 0 d-----w- c:\program files\My Company Name 2010-02-15 15:14:53 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys 2010-02-15 15:14:37 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys 2010-02-15 15:14:05 54272 ----a-w- c:\windows\system32\vfwwdm32.dll 2010-02-15 15:14:04 91648 ----a-w- c:\windows\system32\kswdmcap.ax 2010-02-15 15:14:04 43008 ----a-w- c:\windows\system32\ksxbar.ax 2010-02-15 15:14:03 61952 ----a-w- c:\windows\system32\kstvtune.ax 2010-02-15 15:13:21 0 d-----w- c:\program files\ASUS 2010-02-12 21:29:45 0 d-----w- c:\docume~1\alluse~1\applic~1\UAB 2010-02-12 21:29:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz 2010-02-12 21:15:33 327168 ----a-w- c:\windows\system32\cutil32.dll 2010-02-12 21:15:33 285696 ----a-w- c:\windows\system32\cudart.dll 2010-02-12 21:15:33 27136 ----a-w- c:\windows\system32\PCWizard.cpl 2010-02-12 21:08:44 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys 2010-02-09 21:00:35 0 d-----w- c:\documents and settings\c. 
i.j.smits\.fontconfig 2010-02-07 15:46:59 0 d-----w- c:\docume~1\cij~1.smi\applic~1\Cover Expert 2010-02-07 12:10:37 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MahJong Suite 2010-02-07 12:10:37 0 d-----w- c:\docume~1\alluse~1\applic~1\TreeCardGames 2010-02-07 11:45:26 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MyMahj 2010-02-07 10:37:35 0 d-----w- c:\program files\DFX 2010-02-06 18:31:47 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys 2010-02-04 17:23:47 0 d-sh--w- C:\found.002 2010-02-04 16:12:57 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation ==================== Find3M ==================== 2010-02-21 21:58:57 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin 2010-02-19 18:42:55 505128 ----a-w- c:\windows\system32\msvcp71.dll 2010-02-19 18:42:55 353576 ----a-w- c:\windows\system32\msvcr71.dll 2010-02-19 17:04:05 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-02-15 15:15:49 534356 ----a-w- c:\windows\system32\perfh013.dat 2010-02-15 15:15:49 100220 ----a-w- c:\windows\system32\perfc013.dat 2010-02-04 15:53:02 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-01-12 11:03:34 61440 ----a-w- c:\windows\system32\OpenCL.dll 2010-01-12 11:03:34 11632640 ----a-w- c:\windows\system32\nvcompiler.dll 2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:10:30 916480 ----a-w- c:\windows\system32\wininet.dll 2009-12-17 16:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-17 07:42:53 345600 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:10:21 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 10:11:52 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:11:52 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-11-27 17:14:13 1295872 ----a-w- c:\windows\system32\quartz.dll 2009-11-27 17:14:12 17920 ----a-w- 
c:\windows\system32\msyuv.dll 2009-11-27 16:10:19 8704 ----a-w- c:\windows\system32\tsbyuv.dll 2009-11-27 16:10:19 85504 ----a-w- c:\windows\system32\avifil32.dll 2009-11-27 16:10:19 48128 ----a-w- c:\windows\system32\iyuv_32.dll 2009-11-27 16:10:19 28672 ----a-w- c:\windows\system32\msvidc32.dll 2009-11-27 16:10:19 11264 ----a-w- c:\windows\system32\msrle32.dll 2009-06-07 15:37:26 144 ----a-w- c:\program files\ohyfu.txt ============= FINISH: 19:31:54,82 =========== wederom groeten, Cees.
  • Hello Cees, analysis of your DDS log has made me decide to use Combofix after all!
    Let Combofix scan your Windows (click): http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    How to use Combofix properly (click): http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Addition: to be able to use Combofix, the following applies:
    - no web browsers may be open
    - antivirus must be completely deactivated
    - active malware and spyware scanners must be deactivated.
    Do not click in the active Combofix window; this will cause Combofix to freeze! Combofix closes the internet connection; do not try to restore it in the meantime!
    Vista users start Combofix with Administrator rights! And do not forget to temporarily switch off Windows Defender: for that, see http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx.
    Here you will find details on how to deactivate antivirus: http://www.bleepingcomputer.com/forums/topic114351.html
  • Sweating here, but is this what you were looking for?
2006-03-02 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll 2009-12-17 16:14:00 . 2008-12-11 21:13:50 411368 ----a-w- C:\WINDOWS\system32\deploytk.dll 2009-12-17 07:42:53 . 2008-12-03 20:16:24 345600 ----a-w- C:\WINDOWS\system32\mspaint.exe 2009-12-15 13:23:03 . 2009-12-15 13:23:03 106591 ----a-w- C:\WINDOWS\Internet Logs\vsmon_2nd_2009_12_15_13_45_14_small.dmp.zip 2009-12-14 18:32:42 . 2009-12-14 18:32:42 102651 ----a-w- C:\WINDOWS\Internet Logs\vsmon_2nd_2009_12_14_19_13_46_small.dmp.zip 2009-12-14 07:10:21 . 2006-03-02 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll 2009-12-14 06:57:22 . 2010-01-19 20:29:22 213504 ----a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Thunderbird\Profiles\eyfgd0qw.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calbscmp.dll 2009-12-09 10:11:52 . 2006-03-02 12:00:00 2149888 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe 2009-12-09 10:11:52 . 2004-08-04 00:58:16 2028544 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe 2009-12-07 15:42:21 . 2009-03-19 20:49:27 56816 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys 2009-12-04 18:22:22 . 2006-03-02 12:00:00 455424 ----a-w- C:\WINDOWS\system32\drivers\mrxsmb.sys 2009-11-27 17:14:13 . 2006-03-02 12:00:00 1295872 ----a-w- C:\WINDOWS\system32\quartz.dll 2009-11-27 17:14:12 . 2004-08-04 01:03:18 17920 ----a-w- C:\WINDOWS\system32\msyuv.dll 2009-11-27 16:10:19 . 2006-03-02 12:00:00 85504 ----a-w- C:\WINDOWS\system32\avifil32.dll 2009-11-27 16:10:19 . 2006-03-02 12:00:00 28672 ----a-w- C:\WINDOWS\system32\msvidc32.dll 2009-11-27 16:10:19 . 2006-03-02 12:00:00 11264 ----a-w- C:\WINDOWS\system32\msrle32.dll 2009-11-27 16:10:19 . 2004-08-04 01:03:14 48128 ----a-w- C:\WINDOWS\system32\iyuv_32.dll 2009-02-24 19:34:32 . 2009-02-24 19:34:32 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34:32 . 2009-02-24 19:34:32 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll . 
------- Sigcheck ------- [-] 2009-03-18 21:29:30 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\drivers\TCPIP.SYS [-] 2009-03-18 21:29:30 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\dllcache\TCPIP.SYS [7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [7] 2008-04-13 19:20:16 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\TCPIP.SYS [-] 2006-10-18 20:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\mspmsnsv.dll [-] 2006-10-18 20:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\dllcache\mspmsnsv.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaStartMenu"="E:\Vista Start Menu\VistaStartMenu.exe" [2010-01-27 16:39:22 2775936] "CursorXP"="E:\CursorXP\CursorXP.exe" [2002-06-18 20:53:38 66560] "TaskTray"="E:\Creative\SBAudigy\Taskbar\CTLTray.exe" [2001-06-29 00:00:00 163840] "Taskbar"="E:\Creative\SBAudigy\Taskbar\CTLTask.exe" [2001-07-26 00:00:00 118784] "Gadwin PrintScreen"="E:\PrintScreen\PrintScreen.exe" [2008-12-09 11:08:38 495616] "UpdateStar"="C:\Documents and Settings\C. 
I.J.Smits\Application Data\UpdateStar\UpdateStar.exe" [2009-12-28 15:38:36 4710640] "Advanced SystemCare 3"="E:\Advanced SystemCare 3\AWC.exe" [2010-02-08 10:02:10 2343632] "SmartRAM"="E:\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-01-22 13:12:12 200280] "SUPERAntiSpyware"="E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2010-02-19 08:27:36 2012912] "DriverMax"="E:\DriverMax\devices.exe" [2010-01-11 12:59:48 9068960] "StemPunt"="E:\StemPunt\StemPunt.exe" [2010-01-04 14:33:58 970752] "ASUS SmartDoctor"="C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe" [2009-08-12 21:03:12 1187840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 13:46:26 69632] "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 02:09:28 488984] "LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 02:12:18 244512] "mspwr"="C:\WINDOWS\system32\PuXpMan2.exe" [2008-06-02 12:22:32 110592] "PwrUpTweakMe"="C:\WINDOWS\system32\PuXpTwks.exe" [2008-06-02 12:22:32 45056] "DefragTaskBar"="E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 07:18:32 173408] "Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 01:00:00 191488] "UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 00:00:00 90112] "CTStartup"="E:\Creative\SBAudigy\Program\CTEaxSpl.EXE" [2001-06-04 00:00:00 28672] "Jet Detection"="E:\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-04-20 13:52:40 28672] "CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 11:32:32 19968] "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 08:34:28 851968] "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 16:02:24 57393] "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 16:24:32 40960] "CTHelper"="CTHELPER.EXE" [2007-04-09 11:32:32 19456] "WinPatrol"="E:\WinPatrol\winpatrol.exe" 
[2009-10-10 21:07:08 320832] "avgnt"="E:\Avira\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:47 209153] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 14:21:52 246504] "QuickTime Task"="E:\QuickTime\qttask.exe" [2009-11-10 22:08:18 417792] "ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2009-07-30 17:10:04 380928] "nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 22:39:00 1657376] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2009-08-06 08:44:34 86016] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-08-06 08:44:34 13877248] "RemoteControl9"="C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 19:41:58 87336] "PDVD9LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 16:50:24 50472] "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [2009-05-07 20:05:44 75048] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:02:53 15360] C:\Documents and Settings\C. 
I.J.Smits\Menu Start\Programma's\Opstarten\ NotesHolder.lnk - E:\NotesHolder\NotesHolder.exe [2006-10-2 555520] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ Corel Desktop Application Director 8.LNK - E:\Corel\Suite8\Programs\DAD8.EXE [2008-12-11 201216] Logitech SetPoint.lnk - E:\Logitech\SetPoint\SetPoint.exe [2008-12-6 809488] Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-2-4 819200] Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ShowDriveLettersFirst"= 4 (0x4) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 20:41:34 304128] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "E:\SUPERAntiSpyware\SASSEH.DLL" [2008-05-22 06:58:14 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-11-07 15:41:22 72208 ----a-w- c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\startupfolder\C:^Documents and Settings^C. I.J.Smits^Menu Start^Programma's^Opstarten^Secunia PSI (2).lnk] backup=C:\WINDOWS\pss\Secunia PSI (2).lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^C. 
I.J.Smits^Menu Start^Programma's^Opstarten^Secunia PSI.lnk] backup=C:\WINDOWS\pss\Secunia PSI.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro3 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "QuickTime Task"="E:\QuickTime\QTTask.exe" -atboottime "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "E:\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"= "E:\\MailStore Home\\MailStoreLocal.exe"= "E:\\Miro\\Miro_Downloader.exe"= "C:\\WINDOWS\\system32\\java.exe"= "E:\\BankingTools\\C@shflow V3.1\\C@shflowApp.exe"= "E:\\BankingTools\\C@shflow V3.1\\AUTOUPDVR.EXE"= "E:\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "E:\\Mozilla Thunderbird\\thunderbird.exe"= "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "E:\\Opera\\opera.exe"= "E:\\Gekko Mahjongg\\Mahjongg.exe"= "C:\\WINDOWS\\system32\\mmc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3149:UDP"= 3149:UDP:Windows Media Format SDK (RealPlay.exe) "3148:UDP"= 3148:UDP:Windows Media Format SDK (RealPlay.exe) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [10-11-2009 19:28:03 64288] R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [11-6-2009 16:05:10 130936] R0 ViBus;ViBus;C:\WINDOWS\system32\drivers\ViBus.sys [19-12-2008 19:12:42 16896] R0 ViPrt;VIA SATA IDE Device 
Driver;C:\WINDOWS\system32\drivers\ViPrt.sys [19-12-2008 19:12:42 53248] R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\drivers\xfilt.sys [19-12-2008 16:12:13 17920] R1 SASDIFSV;SASDIFSV;E:\SUPERAntiSpyware\SASDIFSV.SYS [10-10-2006 13:53:48 12872] R1 SASKUTIL;SASKUTIL;E:\SUPERAntiSpyware\SASKUTIL.SYS [27-2-2007 12:39:26 66632] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];C:\Program Files\CyberLink\PowerDVD9\000.fcl [7-5-2009 21:05:22 87536] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;E:\Avira\Avira\AntiVir Desktop\sched.exe [19-3-2009 21:49:27 108289] R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files\Mouse Driver\KMWDSrv.exe [23-6-2008 20:28:08 208896] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [20-12-2008 18:21:51 93320] R2 ubsbm;Unibrain 1394 SBM Driver;C:\WINDOWS\system32\drivers\UBSBM.sys [17-1-2009 18:36:12 17408] R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\WINDOWS\system32\drivers\UBUMAPI.sys [17-1-2009 18:36:12 46592] R3 COMMONFX.SYS;COMMONFX.SYS;C:\WINDOWS\system32\drivers\COMMONFX.sys [27-6-2008 19:21:18 99352] R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\WINDOWS\system32\drivers\CTAUDFX.sys [27-6-2008 19:21:26 555032] R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\WINDOWS\system32\drivers\CTSBLFX.sys [27-6-2008 19:21:38 566296] R3 SASENUM;SASENUM;E:\SUPERAntiSpyware\SASENUM.SYS [3-9-2008 13:07:16 12872] R3 ubohci;Unibrain 1394 OHCI Driver;C:\WINDOWS\system32\drivers\ubohci.sys [17-1-2009 18:36:12 116224] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [4-2-2010 16:52:57 1229232] S3 COMMONFX;COMMONFX;C:\WINDOWS\system32\drivers\COMMONFX.sys [27-6-2008 19:21:18 99352] S3 CTAUDFX;CTAUDFX;C:\WINDOWS\system32\drivers\CTAUDFX.sys [27-6-2008 19:21:26 555032] S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\WINDOWS\system32\drivers\CTERFXFX.sys [27-6-2008 19:21:44 100888] S3 
CTERFXFX;CTERFXFX;C:\WINDOWS\system32\drivers\CTERFXFX.sys [27-6-2008 19:21:44 100888] S3 CTSBLFX;CTSBLFX;C:\WINDOWS\system32\drivers\CTSBLFX.sys [27-6-2008 19:21:38 566296] S3 DrvAgent32;DrvAgent32;C:\WINDOWS\system32\drivers\DrvAgent32.sys [6-2-2010 19:31:47 23456] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\C:\WINDOWS\system32\drivers\hitmanpro3.sys --> C:\WINDOWS\system32\drivers\hitmanpro3.sys [?] S3 PSI;PSI;C:\WINDOWS\system32\drivers\psi_mf.sys [17-6-2009 13:20:34 12648] S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;C:\WINDOWS\system32\drivers\ubfwnet.sys [4-12-2008 22:23:47 32016] S4 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [11-6-2009 16:04:46 348752] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2010-02-22 C:\WINDOWS\Tasks\1-klik Onderhoud.job - E:\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 10:04:36 . 2009-07-16 10:04:36] 2010-02-22 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52:58 . 2010-02-19 17:03:28] 2010-02-20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12] 2010-02-22 C:\WINDOWS\Tasks\GlaryInitialize.job - E:\Glary Utilities\initialize.exe [2009-03-15 17:51:32 . 2009-11-03 09:21:06] 2010-02-19 C:\WINDOWS\Tasks\Norton Security Scan for C. I.J.Smits.job - C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-21 13:01:01 . 2009-09-15 14:45:48] 2009-08-21 C:\WINDOWS\Tasks\ParetoLogic Update Version2.job - C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59:10 . 2009-01-13 14:59:10] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://search.orbitdownloader.com IE: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Download met LeechGet - file://E:\LeechGet 2009\\AddUrl.html IE: Download met LeechGet Wizard - file://E:\LeechGet 2009\\Wizard.html IE: Translate this web page with Babylon - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm IE: Verwerk met LeechGet (Parse) - file://E:\LeechGet 2009\\Parser.html FF - ProfilePath - C:\Documents and Settings\C. I.J.Smits\Application Data\Mozilla\Firefox\Profiles\podmy70d.default\ FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl) FF - prefs.js: browser.startup.homepage - hxxp://startpagina.nl|gids.omroep.nl/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - plugin: C:\DivX\DivX Player\npDivxPlayerPlugin.dll FF - plugin: C:\DivX\DivX Web Player\npdivx32.dll FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npJoostPlugin.dll FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: E:\Opera\program\plugins\np_gp.dll FF - plugin: E:\Opera\program\plugins\np_gp.dll FF - plugin: E:\Opera\program\plugins\npdsplay.dll FF - plugin: E:\Opera\program\plugins\npqtplugin.dll FF - plugin: E:\Opera\program\plugins\npqtplugin2.dll FF - plugin: E:\Opera\program\plugins\npqtplugin3.dll FF - plugin: E:\Opera\program\plugins\npqtplugin4.dll FF - plugin: E:\Opera\program\plugins\npqtplugin5.dll FF - plugin: E:\Opera\program\plugins\npqtplugin6.dll FF - plugin: E:\Opera\program\plugins\npqtplugin7.dll FF - plugin: E:\Opera\program\plugins\NPSWF32.dll FF - plugin: E:\Opera\program\plugins\npwmsdrm.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin.dll FF - plugin: 
E:\QuickTime\Plugins\npqtplugin2.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin3.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin4.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin5.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin6.dll FF - plugin: E:\QuickTime\Plugins\npqtplugin7.dll FF - plugin: E:\real\Netscape6\nppl3260.dll FF - plugin: E:\real\Netscape6\nprjplug.dll FF - plugin: E:\real\Netscape6\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 C:\Program Files\Mozilla Firefox\greprefs\all.js - 
pref("ui.use_native_colors", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - 
pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - ORPHANS VERWIJDERD - - - - Notify-avgrsstarter - avgrsstx.dll ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-22 22:19:30 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???X???????????? C?????Disc Detector?B???A???????A???????B???@?$?@?? 
C?????U?@?????????@?B???A???????A?P?????B???@?????P???$?@?????????~?:~??????????@?]?????????????????B?????\????????????????????p????????B CTStartup = E:\Creative\SBAudigy\Program\CTEaxSpl.EXE /run?????w???w?&3?????????????x??????s$????\?w? ?w???????w???w4???????.??w4???????4???TA?s4???~????&3?????\???0???0???\???\???\???$???5?:~e?:~\???\???\?????a???????:~\???\??????s~???\??????s\????&3?A??s?&3???:~??? CTxfiHlp = CTXFIHLP.EXE? CTHelper = CTHELPER.EXE? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet007\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD9\000.fcl" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(996) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll . Voltooingstijd: 2010-02-22 22:21:49 ComboFix-quarantined-files.txt 2010-02-22 21:21:46 ComboFix2.txt 2008-12-14 16:31:20 Pre-Run: 89.458.249.728 bytes beschikbaar Post-Run: 89.471.250.432 bytes beschikbaar Current=7 Default=7 Failed=2 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8 - - End Of File - - F9520B71415955D0BD4C0EB9A0C38264 Regards, Cees.
  • Hello Cees, ComboFix did what I expected. How did your Windows respond to it? By the way, did the HitmanPro scan turn up anything?
  • It seems a bit faster; among other things it removed a duplicate startup entry, but Firefox still will not start in normal mode. No infections were found. What now? Regards again, Cees.
  • Hello Cees, one question: have you ever had Hitman Pro installed?
  • Yes, it is still installed, but automatic startup is disabled. Regards, Cees.

This is an archived page. Replies are no longer possible.