ZoneAlarm disabled Firefox

Abraham54
30 replies
  • I had trouble with a faltering video card (it turned out to be a seized fan), with unreadable messages, the PC not booting through properly, and so on. At some point ZoneAlarm reported that a program was being blocked; at that moment I could not see which program. I immediately removed ZoneAlarm before it could do any more damage.
    After installing a new video card, an Nvidia GT 220, Firefox turned out to work only in safe mode! So that is what ZoneAlarm had disabled.
    Can anyone tell me where in the registry I can undo this? I am running XP.
    Regards,
    Cees.
  • http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis It might be smart to make a log and post it; then an expert may be able to help you further.
  • In the meantime I have used CCleaner to remove, among other things, the Windows Update uninstallers, so I hope a log is still useful!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:50:49, on 19-2-2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\Ad-Aware\AAWService.exe
    E:\AVG\avgchsvx.exe
    E:\AVG\avgrsx.exe
    E:\AVG\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    E:\Avira\Avira\AntiVir Desktop\sched.exe
    E:\Avira\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    E:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\ATKKBService.exe
    E:\WinPatrol\winpatrol.exe
    E:\AVG\avgwdsvc.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    E:\Avira\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    E:\AVG\avgtray.exe
    C:\Program Files\Mouse Driver\KMWDSrv.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    E:\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    E:\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    E:\Vista Start Menu\VistaStartMenu.exe
    E:\CursorXP\CursorXP.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\TUProgSt.exe
    E:\Creative\SBAudigy\Taskbar\CTLTray.exe
    E:\AVG\avgnsx.exe
    E:\Creative\SBAudigy\Taskbar\CTLTask.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    E:\PrintScreen\PrintScreen.exe
    C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    E:\Advanced SystemCare 3\AWC.exe
    E:\Advanced SystemCare 3\Sup_SmartRAM.exe
    E:\DriverMax\devices.exe
    E:\StemPunt\StemPunt.exe
    E:\AVG\avgemc.exe
    E:\Corel\Suite8\Programs\DAD8.EXE
    E:\Logitech\SetPoint\SetPoint.exe
    E:\AVG\avgcsrvx.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    E:\MagicDisc\MagicDisc.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    E:\NotesHolder\NotesHolder.exe
    E:\Ad-Aware\AAWTray.exe
    E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    E:\Mozilla Thunderbird\thunderbird.exe
    E:\installers&setup's\HijackThis.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - E:\Download Guard for Internet Explorer\DownloadGuardBHO.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\real\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\AVG\avgssie.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan2.exe
    O4 - HKLM\..\Run: [PwrUpTweakMe] C:\WINDOWS\system32\PuXpTwks.exe /TWEAK
    O4 - HKLM\..\Run: [DefragTaskBar] "E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [CTStartup] E:\Creative\SBAudigy\Program\CTEaxSpl.EXE \run
    O4 - HKLM\..\Run: [Jet Detection] E:\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [WinPatrol] E:\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [avgnt] "E:\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG9_TRAY] E:\AVG\avgtray.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "E:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [VistaStartMenu] E:\Vista Start Menu\VistaStartMenu.exe
    O4 - HKCU\..\Run: [CursorXP] E:\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [TaskTray] E:\Creative\SBAudigy\Taskbar\CTLTray.exe
    O4 - HKCU\..\Run: [Taskbar] E:\Creative\SBAudigy\Taskbar\CTLTask.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen] E:\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [UpdateStar] C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe -A
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "E:\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [SmartRAM] "E:\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
    O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    O4 - HKCU\..\Run: [DriverMax] "E:\DriverMax\devices.exe" -agent
    O4 - HKCU\..\Run: [StemPunt] E:\StemPunt\StemPunt.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = E:\MagicDisc\MagicDisc.exe
    O4 - Startup: NotesHolder.lnk = E:\NotesHolder\NotesHolder.exe
    O4 - Global Startup: Corel Desktop Application Director 8.LNK = E:\Corel\Suite8\Programs\DAD8.EXE
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Download met LeechGet - file://E:\LeechGet 2009\\AddUrl.html
    O8 - Extra context menu item: Download met LeechGet Wizard - file://E:\LeechGet 2009\\Wizard.html
    O8 - Extra context menu item: Translate this web page with Babylon - res://E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    O8 - Extra context menu item: Translate with Babylon - res://E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    O8 - Extra context menu item: Verwerk met LeechGet (Parse) - file://E:\LeechGet 2009\\Parser.html
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228503343015
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5461/mcfscan.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\AVG\avgpp.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - E:\Avira\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Avira\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - E:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - E:\AVG\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\AVG\avgwdsvc.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: NMSAccessU - Unknown owner - E:\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


    End of file - 13741 bytes

    Regards, Cees.




  • Hello Cees, as for your Firefox problem: just uninstall it and install the very latest version!

    In my opinion, by the way, you have understood little of ZoneAlarm, because in its menu, under Programs, you have the option to grant or deny programs permission to access the internet yourself!


    In your log: two antivirus programs turn out to be active, of which I have identified Avira AntiVir as your main antivirus.
    But this is not a good situation for active security, and also because of the extra resources it consumes.

    Therefore use the AVG Removal Tool to get AVG completely out of your system!

    http://www.avg.com/nl-nl/download-tools


    After your PC has restarted, do the following: start HijackThis again and choose Scan only; after ticking the boxes in front of the lines corresponding to the ones below, click the Fix checked button:

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

    After this, also post a new HJT log for checking!
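
Added example, not part of the original thread: a small Python parser for HijackThis log lines that lists entries marked `(no file)` or `(file missing)` and reports when more than one resident antivirus has a service entry, the two things checked in the reply above. The vendor keyword table and the function names are assumptions for illustration; the sample lines are excerpted from the log posted in this thread.

```python
import re

# Lines excerpted from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [avgnt] "E:\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG9_TRAY] E:\AVG\avgtray.exe
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Avira\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\AVG\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
"""

# A HijackThis entry starts with a section code such as R0, O4 or O23.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# HijackThis appends one of these when the referenced file is gone.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Assumption: a tiny vendor-substring -> product table covering only the two
# antivirus products named in this thread. Extend it for real use.
AV_VENDORS = {
    "avira": "Avira",
    "avg technologies": "AVG",
}


def parse_entries(log_text):
    """Return (section, body) tuples for every entry line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned_entries(entries):
    """Entries whose target file no longer exists according to HijackThis."""
    return [(s, b) for s, b in entries if b.rstrip().endswith(ORPHAN_MARKERS)]


def resident_av_products(entries):
    """Antivirus products that have a Windows service (O23) registered."""
    found = set()
    for section, body in entries:
        if section != "O23" or not body.startswith("Service: "):
            continue
        # O23 layout: "Service: <name> - <vendor> - <path>"
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue  # vendor field empty or line malformed
        vendor = parts[1].lower()
        for needle, product in AV_VENDORS.items():
            if needle in vendor:
                found.add(product)
    return sorted(found)


def review(log_text):
    """Summarise the two findings as a dict."""
    entries = parse_entries(log_text)
    av = resident_av_products(entries)
    return {
        "orphaned": orphaned_entries(entries),
        "resident_av": av,
        "av_conflict": len(av) > 1,
    }


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    for section, body in result["orphaned"]:
        print(f"orphaned {section}: {body}")
    if result["av_conflict"]:
        print("multiple resident antivirus services:", ", ".join(result["resident_av"]))
```

The orphan check lists every entry carrying one of the two markers, which can be more lines than a helper chooses to have fixed.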
  • The problem did arise in an exceptional situation: because my video card was faltering, the PC did not boot normally and the messages were no longer all readable; when ZoneAlarm spontaneously started blocking something, I simply removed the program (that only worked by restarting again and again once the video card had cooled down), sometimes by guesswork, before more important things got lost. There was no longer any way to choose anything in ZoneAlarm; no text was readable any more!
    I am now going to try what was suggested, and in any case thanks for the reply.
    Regards,
    Cees.
  • I have removed the empty references.
    Firefox uninstalled, restarted, Firefox installed again (downloaded the new version); but it can only be used in Firefox safe mode!
    What now?
    Regards,
    Cees.
  • Hello Cees, it is not clear to me what is going on with your Windows now.

    So do the following: download to your desktop.

    • Double-click dds.scr and wait until the scan is finished.
    • After the scan two text documents are opened; post the DDS log!
  • Here is the requested log:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3-12-2008 21:21:33
    System Uptime: 21-2-2010 9:56:58 (11 hours ago)

    Motherboard: | | 775Dual-VSTA
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | CPUSocket | 3214/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 98 GiB total, 79,065 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 2,813 GiB free.
    E: is FIXED (NTFS) - 28 GiB total, 8,83 GiB free.
    H: is FIXED (NTFS) - 98 GiB total, 86,762 GiB free.
    I: is FIXED (NTFS) - 98 GiB total, 97,558 GiB free.
    J: is FIXED (NTFS) - 173 GiB total, 172,7 GiB free.
    K: is CDROM ()
    L: is CDROM (UDF)
    M: is CDROM ()
    N: is Removable

    ==== Disabled Device Manager Items =============

    Class GUID:
    Description: Unibrain 1394 PC
    Device ID: UB1394\UNIBRAIN&1394_PC\00023C002102D0A2
    Manufacturer:
    Name: Unibrain 1394 PC
    PNP Device ID: UB1394\UNIBRAIN&1394_PC\00023C002102D0A2
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Multimediacontroller
    Device ID: PCI\VEN_1131&DEV_7134&SUBSYS_712617DE&REV_01\3&267A616A&0&60
    Manufacturer:
    Name: Multimediacontroller
    PNP Device ID: PCI\VEN_1131&DEV_7134&SUBSYS_712617DE&REV_01\3&267A616A&0&60
    Service:

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Unibrain 1394 FireNet Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: Unibrain
    Name: Unibrain 1394 FireNet Adapter
    PNP Device ID: ROOT\NET\0000
    Service: UBFWNet

    ==== System Restore Points ===================

    RP526: 24-11-2009 12:23:54 - Controlepunt van systeem
    RP527: 25-11-2009 13:42:54 - Controlepunt van systeem
    RP528: 26-11-2009 9:47:03 - Software Distribution Service 3.0
    RP529: 27-11-2009 18:28:25 - Controlepunt van systeem
    RP530: 28-11-2009 19:44:10 - Controlepunt van systeem
    RP531: 28-11-2009 21:29:15 - Herstelbewerking
    RP532: 30-11-2009 12:31:42 - Removed Opera 10.00.
    RP533: 30-11-2009 12:32:01 - Installed Opera 10.10.
    RP534: 1-12-2009 16:01:32 - Controlepunt van systeem
    RP535: 2-12-2009 18:04:44 - Controlepunt van systeem
    RP536: 3-12-2009 18:36:30 - Controlepunt van systeem
    RP537: 3-12-2009 16:12:54 - Controlepunt van systeem
    RP538: 5-12-2009 17:28:49 - Paint.NET v3.5.1
    RP539: 6-12-2009 18:54:19 - Controlepunt van systeem
    RP540: 6-12-2009 20:52:41 - Revo Uninstaller's restore point - Kyodai Mahjongg 2006 v1.42
    RP541: 6-12-2009 20:53:23 - Revo Uninstaller's restore point - Kyodai Mahjongg 2006 v1.42
    RP542: 6-12-2009 20:53:56 - Revo Uninstaller's restore point - Kyodai Mahjongg 2006 v1.42
    RP543: 6-12-2009 20:54:31 - Revo Uninstaller's restore point - Kyodai Mahjongg 2006 v1.42
    RP544: 8-12-2009 14:26:06 - Controlepunt van systeem
    RP545: 8-12-2009 19:39:15 - Software Distribution Service 3.0
    RP546: 8-12-2009 18:25:55 - Software Distribution Service 3.0
    RP547: 9-12-2009 20:06:26 - Controlepunt van systeem
    RP548: 9-12-2009 20:22:50 - Herstelbewerking
    RP549: 9-12-2009 20:27:09 - Herstelbewerking
    RP550: 9-12-2009 21:48:14 - Geïnstalleerd C@shflow V3.3
    RP551: 11-12-2009 16:50:41 - Controlepunt van systeem
    RP552: 12-12-2009 9:53:26 - Avg8 Update
    RP553: 12-12-2009 9:54:34 - Avg8 Update
    RP554: 13-12-2009 19:26:25 - Glary Utilities Restore Point
    RP555: 14-12-2009 10:50:42 - DirectX is geïnstalleerd.
    RP556: 14-12-2009 15:47:22 - Software Distribution Service 3.0
    RP557: 14-12-2009 17:32:20 - Revo Uninstaller's restore point - Orbit Downloader
    RP558: 14-12-2009 17:33:29 - Revo Uninstaller's restore point - Orbit Downloader
    RP559: 14-12-2009 17:35:02 - Revo Uninstaller's restore point - Orbit Downloader
    RP560: 14-12-2009 19:10:58 - Herstelbewerking
    RP561: 14-12-2009 19:20:02 - Herstelbewerking
    RP562: 15-12-2009 8:16:00 - Herstelbewerking
    RP563: 16-12-2009 12:47:25 - Herstelbewerking
    RP564: 17-12-2009 11:38:53 - Herstelbewerking
    RP565: 20-12-2009 21:31:17 - Avg8 Update
    RP566: 19-1-2010 22:11:52 - Software Distribution Service 3.0
    RP567: 21-1-2010 13:50:32 - Software Distribution Service 3.0
    RP568: 22-1-2010 14:01:03 - Controlepunt van systeem
    RP569: 22-1-2010 15:37:09 - Software Distribution Service 3.0
    RP570: 23-1-2010 21:07:07 - Controlepunt van systeem
    RP571: 25-1-2010 17:12:46 - Controlepunt van systeem
    RP572: 4-2-2010 17:09:55 - Avg8 Update
    RP573: 4-2-2010 17:57:58 - Revo Uninstaller's restore point - ZoneAlarm
    RP574: 5-2-2010 19:36:40 - Controlepunt van systeem
    RP575: 6-2-2010 22:26:12 - Controlepunt van systeem
    RP576: 8-2-2010 15:29:22 - Controlepunt van systeem
    RP577: 9-2-2010 15:35:18 - Controlepunt van systeem
    RP578: 10-2-2010 15:10:17 - Software Distribution Service 3.0
    RP579: 11-2-2010 16:32:39 - Controlepunt van systeem
    RP580: 11-2-2010 22:02:55 - Installed Microsoft WorldWide Telescope
    RP581: 12-2-2010 22:28:46 - Installed Driver Whiz.
    RP582: 13-2-2010 15:24:17 - Installed Java(TM) 6 Update 18
    RP583: 13-2-2010 16:30:43 - Verwijderd: OpenOffice.org 3.0
    RP584: 13-2-2010 16:32:39 - Geïnstalleerd: OpenOffice.org 3.2
    RP585: 14-2-2010 20:15:26 - Controlepunt van systeem
    RP586: 15-2-2010 14:31:21 - Installed Microsoft Bootvis
    RP587: 15-2-2010 16:12:37 - Geïnstalleerd Utility
    RP588: 15-2-2010 16:36:04 - Revo Uninstaller's restore point - Microsoft Bootvis
    RP589: 15-2-2010 16:36:37 - Removed Microsoft Bootvis
    RP590: 15-2-2010 17:08:41 - Geïnstalleerd Brother MFL Pro
    RP591: 15-2-2010 17:09:26 - Printerstuurprogramma Brother PC-FAX is geïnstalleerd
    RP592: 16-2-2010 19:12:20 - Controlepunt van systeem
    RP593: 17-2-2010 19:21:18 - Controlepunt van systeem
    RP594: 18-2-2010 19:30:52 - ccleaner18-02-10
    RP595: 19-2-2010 19:42:13 - powerdvd9
    RP596: 19-2-2010 19:43:03 - Installed PowerDVD
    RP597: 20-2-2010 15:29:04 - hijack
    RP598: 20-2-2010 19:12:37 - Geïnstalleerd: NVIDIA PhysX
    RP599: 20-2-2010 19:13:20 - Verwijderd: NVIDIA PhysX
    RP600: 21-2-2010 19:38:59 - Controlepunt van systeem

    ==== Installed Programs ======================

    7-Zip 4.65
    Aangifte inkomstenbelasting 2008
    Ad-Aware
    Ad-Aware Email Scanner for Outlook
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Media Player
    Adobe Shockwave Player 11.5
    Advanced SystemCare 3
    Apple Application Support
    Apple Software Update
    Ashampoo Magical Defrag 2
    Ashampoo PowerUP XP Platinum 2.20
    Ask Toolbar
    ASUS Gamer OSD
    ASUS Smart Doctor
    ASUS VideoSecurity Online
    AVG Free 9.0
    Avira AntiVir Personal - Free Antivirus
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127-v2)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB969897)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)
    Beveiligingsupdate voor Windows XP (KB923789)
    Beveiligingsupdate voor Windows XP (KB956390)
    Beveiligingsupdate voor Windows XP (KB970430)
    Beveiligingsupdate voor Windows XP (KB971468)
    Beveiligingsupdate voor Windows XP (KB972270)
    Beveiligingsupdate voor Windows XP (KB973904)
    Beveiligingsupdate voor Windows XP (KB974318)
    Beveiligingsupdate voor Windows XP (KB974392)
    Beveiligingsupdate voor Windows XP (KB975560)
    Beveiligingsupdate voor Windows XP (KB975713)
    Beveiligingsupdate voor Windows XP (KB977165)
    Beveiligingsupdate voor Windows XP (KB977914)
    Beveiligingsupdate voor Windows XP (KB978037)
    Beveiligingsupdate voor Windows XP (KB978251)
    Beveiligingsupdate voor Windows XP (KB978262)
    Beveiligingsupdate voor Windows XP (KB978706)
    Brother MFL-Pro Suite
    C@shflow V3.1
    C@shflow V3.3
    CCleaner
    CDBurnerXP
    CDDRV_Installer
    Celestia 1.6.0
    Corel WordPerfect Suite 8
    Cover Expert 1.9 Build 282
    CPUID CPU-Z 1.53.1
    Creative Audio-console
    CrystalDiskInfo 3.1.1
    CrystalDiskMark 2.2.0
    CursorXP
    CyberLink PowerDVD 9
    DFX for Windows Media Player
    DirectX for Managed Code Update (December 2004)
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Web Player
    Download Guard for Internet Explorer
    Driver Whiz
    DriverAgent by eSupport.com
    DriverMax 4
    DriverMax 5
    Eusing Free Registry Cleaner
    EVEREST Ultimate Edition v5.00
    FireNet
    Folderico 3.7.2
    Foxit PDF Editor
    Foxit PDF IFilter
    Foxit Reader
    Gadwin PrintScreen
    Gekko Mahjongg
    GIMP 2.6.7
    Glary Utilities 2.17.0.776
    HDD Health v3.2 Beta
    HijackThis 2.0.2
    Hitman Pro 3.5
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    iCF Skin Pack
    iColorFolder
    Icy Tower v1.4
    Java 2 Runtime Environment Standard Edition v1.3
    Java Auto Updater
    Java(TM) 6 Update 18
    Joost ™ 0.12.0
    KhalInstallWrapper
    Logitech Communications Manager
    Logitech SetPoint
    MagicDisc 2.7.105
    MahJong Suite 2009 v6.1
    MailStore Home 3.0.2.2448
    Malwarebytes' Anti-Malware
    Malwarebytes' RogueRemover
    McAfee SiteAdvisor
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Dutch Language Pack
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD
    Microsoft .NET Framework 3.5 Language Pack SP1 - nld
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Rekenmachine Plus
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft WorldWide Telescope
    MiNode
    Miro
    MixMeister
    MovieSaver 2.0
    MozBackup 1.4.10
    Mozilla Firefox (3.6)
    Mozilla Sunbird (0.9)
    Mozilla Thunderbird (3.0.1)
    MSVCRT
    My Folder v1.0
    MyMahj v4.1b
    NASA World Wind 1.4
    NIPO CAPI@HOME
    NirSoft IPNetInfo
    Norton Security Scan
    NotesHolder Lite 1.41
    NoteTab Light 6 (Remove only)
    NTREGOPT 1.1j
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA nView Desktop Manager
    NVIDIA PhysX
    OpenOffice.org 3.2
    Opera 10.10
    Paint.NET v3.5.1
    Pakket voor de provider van Microsoft Base-smartcardcryptografieservice
    PaperPort
    PC SECURITY TEST 2007
    PC SECURITY TEST 2009
    PC Wizard 2010.1.93
    Platform
    PowerDVD
    QuickTime
    RealPlayer
    Recuva (remove only)
    Revo Uninstaller 1.85
    Segoe UI
    Software Informer 1.0 BETA
    Softwarenetz Agenda2
    Sophos Anti-Rootkit 1.3.1
    Sound Blaster Audigy
    SpeedFan (remove only)
    SpywareBlaster 4.2
    StemPunt
    StillLife Demo
    SUPERAntiSpyware Free Edition
    System Requirements Lab
    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
    Teletekstbrowser versie 3.4
    Total Commander (Remove or Repair)
    TuneUp Utilities 2009
    UltraExplorer 2.0.3.1
    UnderCoverXP 1.20
    Uniblue RegistryBooster 2009
    Unreal Commander v0.95
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update voor Windows Internet Explorer 8 (KB969497)
    Update voor Windows Internet Explorer 8 (KB971180)
    Update voor Windows Internet Explorer 8 (KB972636)
    Update voor Windows Internet Explorer 8 (KB973874)
    Update voor Windows Internet Explorer 8 (KB975364)
    Update voor Windows Internet Explorer 8 (KB976749)
    Update voor Windows XP (KB951978)
    Update voor Windows XP (KB955759)
    Update voor Windows XP (KB971737)
    UpdateStar
    Utility
    VC 9.0 Runtime
    VC80CRTRedist - 8.0.50727.762
    VIA Platform apparaatbeheer
    VIA Rhine-Family Fast-Ethernet Adapter
    Vista Start Menu 3.55
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Vuze Launcher
    WebFldrs XP
    Winamp
    Winamp Toolbar
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live - Hulpprogramma voor uploaden
    Windows Live aanmeldhulp
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    WinPatrol 2009
    XML Paper Specification Shared Components Language Pack 1.0
    XviD MPEG-4 Video Codec
    Yankee Clipper III

    ==== End Of File ===========================
    Regards,
  • Hello Cees, you did your best, but you posted the contents of the wrong log.

    So please post the other DDS log, with an x-analysis of your Windows!
  • we'll try it once more:

    DDS (Ver_09-12-01.01) - NTFSx86
    Run by C. I.J.Smits at 10:45:50,10 on ma 22-02-2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1280 [GMT 1:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

    ============== Running Processes ===============

    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    E:\AVG\avgchsvx.exe
    E:\AVG\avgrsx.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    E:\AVG\avgcsrvx.exe
    E:\Avira\Avira\AntiVir Desktop\sched.exe
    E:\Avira\Avira\AntiVir Desktop\avguard.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    E:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\WINDOWS\ATKKBService.exe
    E:\WinPatrol\winpatrol.exe
    E:\AVG\avgwdsvc.exe
    E:\Avira\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Mouse Driver\KMWDSrv.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    E:\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    E:\AVG\avgtray.exe
    E:\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\System32\TUProgSt.exe
    C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    E:\AVG\avgnsx.exe
    C:\Program Files\Cyberlink\Shared Files\brs.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\Vista Start Menu\VistaStartMenu.exe
    E:\CursorXP\CursorXP.exe
    E:\Creative\SBAudigy\Taskbar\CTLTray.exe
    E:\Creative\SBAudigy\Taskbar\CTLTask.exe
    E:\PrintScreen\PrintScreen.exe
    C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe
    E:\Advanced SystemCare 3\AWC.exe
    E:\Advanced SystemCare 3\Sup_SmartRAM.exe
    E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    E:\DriverMax\devices.exe
    E:\StemPunt\StemPunt.exe
    E:\Corel\Suite8\Programs\DAD8.EXE
    E:\AVG\avgemc.exe
    E:\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    E:\AVG\avgcsrvx.exe
    E:\MagicDisc\MagicDisc.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    E:\NotesHolder\NotesHolder.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    E:\Mozilla Thunderbird\thunderbird.exe
    C:\Documents and Settings\C. I.J.Smits\Bureaublad\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://search.orbitdownloader.com
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    mURLSearchHooks: H - No File
    BHO: Download Guard for Internet Explorer: {20c1a7f0-528e-444f-bac5-5804a61cca7f} - e:\download guard for internet explorer\DownloadGuardBHO.dll
    BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - e:\real\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - e:\avg\avgssie.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [VistaStartMenu] e:\vista start menu\VistaStartMenu.exe
    uRun: [CursorXP] e:\cursorxp\CursorXP.exe
    uRun: [TaskTray] e:\creative\sbaudigy\taskbar\CTLTray.exe
    uRun: [Taskbar] e:\creative\sbaudigy\taskbar\CTLTask.exe
    uRun: [Gadwin PrintScreen] e:\printscreen\PrintScreen.exe /nosplash
    uRun: [UpdateStar] c:\documents and settings\c. i.j.smits\application data\updatestar\UpdateStar.exe -A
    uRun: [Advanced SystemCare 3] "e:\advanced systemcare 3\AWC.exe" /startup
    uRun: [SmartRAM] "e:\advanced systemcare 3\Sup_SmartRAM.exe" /m
    uRun: [SUPERAntiSpyware] e:\superantispyware\SUPERANTISPYWARE.EXE
    uRun: [DriverMax] "e:\drivermax\devices.exe" -agent
    uRun: [StemPunt] e:\stempunt\StemPunt.exe
    uRun: [ASUS SmartDoctor] c:\program files\asus\smartdoctor\SmartDoctor.exe /start
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
    mRun: [LVCOMSX] "c:\program files\common files\logishrd\lcommgr\LVComSX.exe"
    mRun: [mspwr] c:\windows\system32\PuXpMan2.exe
    mRun: [PwrUpTweakMe] c:\windows\system32\PuXpTwks.exe /TWEAK
    mRun: [DefragTaskBar] "e:\ashampoo magical defrag 2\bin\defragTaskBar.exe"
    mRun: [Disc Detector] c:\program files\creative\sharedll\CtNotify.exe
    mRun: [UpdReg] c:\windows\Updreg.exe
    mRun: [CTStartup] e:\creative\sbaudigy\program\CTEaxSpl.EXE
    un
    mRun: [Jet Detection] e:\creative\sbaudigy\program\ADGJDet.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
    mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
    mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
    mRun: [CTHelper] CTHELPER.EXE
    mRun: [WinPatrol] e:\winpatrol\winpatrol.exe -expressboot
    mRun: [avgnt] "e:\avira\avira\antivir desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [AVG9_TRAY] e:\avg\avgtray.exe
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [QuickTime Task] "e:\quicktime\qttask.exe" -atboottime
    mRun: [ASUSGamerOSD] c:\program files\asus\gamerosd\GamerOSD.exe
    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
    mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\magicd~1.lnk - e:\magicdisc\MagicDisc.exe
    StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\notesh~1.lnk - e:\notesholder\NotesHolder.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\coreld~1.lnk - e:\corel\suite8\programs\DAD8.EXE
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\logite~1.lnk - e:\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    uPolicies-explorer: <NO NAME> =
    mPolicies-explorer: ShowDriveLettersFirst = 4 (0x4)
    IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
    IE: Download met LeechGet - file://e:\leechget 2009\\AddUrl.html
    IE: Download met LeechGet Wizard - file://e:\leechget 2009\\Wizard.html
    IE: Translate this web page with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
    IE: Verwerk met LeechGet (Parse) - file://e:\leechget 2009\\Parser.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228503343015
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5461/mcfscan.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - e:\avg\avgpp.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - e:\superantispyware\SASSEH.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\cij~1.smi\applic~1\mozilla\firefox\profiles\podmy70d.default\
    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
    FF - prefs.js: browser.startup.homepage - hxxp://startpagina.nl|gids.omroep.nl/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - plugin: c:\divx\divx player\npDivxPlayerPlugin.dll
    FF - plugin: c:\divx\divx web player\npdivx32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npJoostPlugin.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: e:\opera\program\plugins\np_gp.dll
    FF - plugin: e:\opera\program\plugins\np_gp.dll
    FF - plugin: e:\opera\program\plugins\npdsplay.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin2.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin3.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin4.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin5.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin6.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin7.dll
    FF - plugin: e:\opera\program\plugins\NPSWF32.dll
    FF - plugin: e:\opera\program\plugins\npwmsdrm.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin2.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin3.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin4.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin5.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin6.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin7.dll
    FF - plugin: e:\real\netscape6\nppl3260.dll
    FF - plugin: e:\real\netscape6\nprjplug.dll
    FF - plugin: e:\real\netscape6\nprpjplug.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----

    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.sessionstore.resume_from_crash - false
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-10 64288]
    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-11 130936]
    R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-12-19 16896]
    R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2008-12-19 53248]
    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-12-19 17920]
    R1 avgio;avgio;e:\avira\avira\antivir desktop\avgio.sys [2009-3-19 11608]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-15 333192]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-15 28424]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-25 360584]
    R1 SASDIFSV;SASDIFSV;e:\superantispyware\SASDIFSV.SYS [2006-10-10 12872]
    R1 SASKUTIL;SASKUTIL;e:\superantispyware\SASKUTIL.SYS [2007-2-27 66632]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\avira\avira\antivir desktop\sched.exe [2009-3-19 108289]
    R2 AntiVirService;Avira AntiVir Guard;e:\avira\avira\antivir desktop\avguard.exe [2009-3-19 185089]
    R2 avg9emc;AVG Free E-mail Scanner;e:\avg\avgemc.exe [2009-11-11 906520]
    R2 avg9wd;AVG Free WatchDog;e:\avg\avgwdsvc.exe [2009-11-11 285392]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-19 56816]
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\mouse driver\KMWDSrv.exe [2008-6-23 208896]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1229232]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-20 93320]
    R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-1-17 17408]
    R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-1-17 46592]
    R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
    R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
    R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
    R3 SASENUM;SASENUM;e:\superantispyware\SASENUM.SYS [2008-9-3 12872]
    R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-1-17 116224]
    S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
    S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
    S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
    S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
    S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
    S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-2-6 23456]
    S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
    S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;c:\windows\system32\drivers\ubfwnet.sys [2008-12-4 32016]
    S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-6-11 348752]

    =============== Created Last 30 ================

    2010-02-20 21:48:25 4958588 ----a-w- c:\windows\{00000000-00000000-0000000A-00001102-00000004-00511102}.BAK
    2010-02-20 17:44:19 0 d-sh--w- c:\documents and settings\c. i.j.smits\Onlangs geopend
    2010-02-19 18:44:54 0 d-----w- c:\program files\common files\CyberLink
    2010-02-19 18:43:20 29480 ----a-w- c:\windows\system32\msxml3a.dll
    2010-02-19 17:02:34 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-02-19 17:02:09 0 d-----w- c:\program files\Lavasoft
    2010-02-15 16:40:56 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-02-15 16:40:20 0 d-----w- c:\program files\Hitman Pro 3.5
    2010-02-15 16:05:04 3897 ----a-w- c:\documents and settings\c. i.j.smits\.recently-used.xbel
    2010-02-15 15:19:25 14336 ----a-w- c:\windows\system32\drivers\EIO_XP.sys
    2010-02-15 15:16:36 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
    2010-02-15 15:16:19 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
    2010-02-15 15:16:04 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
    2010-02-15 15:16:03 16384 ----a-w- c:\windows\system32\ipsink.ax
    2010-02-15 15:15:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
    2010-02-15 15:15:35 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
    2010-02-15 15:15:20 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
    2010-02-15 15:15:14 0 d-----w- c:\program files\My Company Name
    2010-02-15 15:14:53 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys
    2010-02-15 15:14:37 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
    2010-02-15 15:14:05 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
    2010-02-15 15:14:04 91648 ----a-w- c:\windows\system32\kswdmcap.ax
    2010-02-15 15:14:04 43008 ----a-w- c:\windows\system32\ksxbar.ax
    2010-02-15 15:14:03 61952 ----a-w- c:\windows\system32\kstvtune.ax
    2010-02-15 15:13:21 0 d-----w- c:\program files\ASUS
    2010-02-12 21:29:45 0 d-----w- c:\docume~1\alluse~1\applic~1\UAB
    2010-02-12 21:29:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz
    2010-02-12 21:15:33 327168 ----a-w- c:\windows\system32\cutil32.dll
    2010-02-12 21:15:33 285696 ----a-w- c:\windows\system32\cudart.dll
    2010-02-12 21:15:33 27136 ----a-w- c:\windows\system32\PCWizard.cpl
    2010-02-12 21:08:44 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
    2010-02-09 21:00:35 0 d-----w- c:\documents and settings\c. i.j.smits\.fontconfig
    2010-02-07 15:46:59 0 d-----w- c:\docume~1\cij~1.smi\applic~1\Cover Expert
    2010-02-07 12:10:37 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MahJong Suite
    2010-02-07 12:10:37 0 d-----w- c:\docume~1\alluse~1\applic~1\TreeCardGames
    2010-02-07 11:45:26 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MyMahj
    2010-02-07 10:37:35 0 d-----w- c:\program files\DFX
    2010-02-06 18:31:47 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
    2010-02-04 17:23:47 0 d-sh--w- C:\found.002
    2010-02-04 16:12:57 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation

    ==================== Find3M ====================

    2010-02-21 21:58:57 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin
    2010-02-19 18:42:55 505128 ----a-w- c:\windows\system32\msvcp71.dll
    2010-02-19 18:42:55 353576 ----a-w- c:\windows\system32\msvcr71.dll
    2010-02-19 17:04:05 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-02-15 15:15:49 534356 ----a-w- c:\windows\system32\perfh013.dat
    2010-02-15 15:15:49 100220 ----a-w- c:\windows\system32\perfc013.dat
    2010-02-04 15:53:02 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-01-12 11:03:34 61440 ----a-w- c:\windows\system32\OpenCL.dll
    2010-01-12 11:03:34 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
    2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
    2009-12-21 19:10:30 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-12-17 16:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-12-17 07:42:53 345600 ----a-w- c:\windows\system32\mspaint.exe
    2009-12-14 07:10:21 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2009-12-09 10:11:52 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-12-09 10:11:52 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-11-27 17:14:13 1295872 ----a-w- c:\windows\system32\quartz.dll
    2009-11-27 17:14:12 17920 ----a-w- c:\windows\system32\msyuv.dll
    2009-11-27 16:10:19 8704 ----a-w- c:\windows\system32\tsbyuv.dll
    2009-11-27 16:10:19 85504 ----a-w- c:\windows\system32\avifil32.dll
    2009-11-27 16:10:19 48128 ----a-w- c:\windows\system32\iyuv_32.dll
    2009-11-27 16:10:19 28672 ----a-w- c:\windows\system32\msvidc32.dll
    2009-11-27 16:10:19 11264 ----a-w- c:\windows\system32\msrle32.dll
    2009-06-07 15:37:26 144 ----a-w- c:\program files\ohyfu.txt

    ============= FINISH: 10:46:35,53 ===============
    regards,
    Cees
  • Hello Cees, before I analyse another DDS log, first this:

    you have two active antivirus programs in your Windows!
    That is not good and also compromises the overall security of your Windows!

    So you have to choose: either AVG or Avira as your antivirus!

    Let me know what you want to do, because specific removal tools are needed for both!
  • then that will have to be AVG, although a scan with Avira took exactly 3 hours!
    Shall I remove it first and then send a new log?
    regards,
    Cees
  • Hello Cees - use the AVG Remover to remove AVG completely from your Windows: http://www.avg.com/nl-nl/download-tools

    That Avira took so long over the scan will have been partly due to interference from AVG!

    Because Avira really does have a fast engine!

    After that, post a new DDS log!
  • new log after removing AVG:


    DDS (Ver_09-12-01.01) - NTFSx86
    Run by C. I.J.Smits at 19:31:21,68 on ma 22-02-2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1257 [GMT 1:00]

    AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

    ============== Running Processes ===============

    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    E:\Avira\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    E:\Avira\Avira\AntiVir Desktop\avguard.exe
    svchost.exe
    E:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Mouse Driver\KMWDSrv.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    E:\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    E:\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\TUProgSt.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    E:\WinPatrol\winpatrol.exe
    E:\Avira\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files\Cyberlink\Shared Files\brs.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\Vista Start Menu\VistaStartMenu.exe
    E:\CursorXP\CursorXP.exe
    E:\Creative\SBAudigy\Taskbar\CTLTray.exe
    E:\Creative\SBAudigy\Taskbar\CTLTask.exe
    E:\PrintScreen\PrintScreen.exe
    C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe
    E:\Advanced SystemCare 3\AWC.exe
    E:\Advanced SystemCare 3\Sup_SmartRAM.exe
    E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    E:\DriverMax\devices.exe
    E:\StemPunt\StemPunt.exe
    E:\Corel\Suite8\Programs\DAD8.EXE
    E:\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    E:\MagicDisc\MagicDisc.exe
    E:\NotesHolder\NotesHolder.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\C. I.J.Smits\Bureaublad\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://search.orbitdownloader.com
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    mURLSearchHooks: H - No File
    BHO: Download Guard for Internet Explorer: {20c1a7f0-528e-444f-bac5-5804a61cca7f} - e:\download guard for internet explorer\DownloadGuardBHO.dll
    BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - e:\real\rpbrowserrecordplugin.dll
    BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [VistaStartMenu] e:\vista start menu\VistaStartMenu.exe
    uRun: [CursorXP] e:\cursorxp\CursorXP.exe
    uRun: [TaskTray] e:\creative\sbaudigy\taskbar\CTLTray.exe
    uRun: [Taskbar] e:\creative\sbaudigy\taskbar\CTLTask.exe
    uRun: [Gadwin PrintScreen] e:\printscreen\PrintScreen.exe /nosplash
    uRun: [UpdateStar] c:\documents and settings\c. i.j.smits\application data\updatestar\UpdateStar.exe -A
    uRun: [Advanced SystemCare 3] "e:\advanced systemcare 3\AWC.exe" /startup
    uRun: [SmartRAM] "e:\advanced systemcare 3\Sup_SmartRAM.exe" /m
    uRun: [SUPERAntiSpyware] e:\superantispyware\SUPERANTISPYWARE.EXE
    uRun: [DriverMax] "e:\drivermax\devices.exe" -agent
    uRun: [StemPunt] e:\stempunt\StemPunt.exe
    uRun: [ASUS SmartDoctor] c:\program files\asus\smartdoctor\SmartDoctor.exe /start
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
    mRun: [LVCOMSX] "c:\program files\common files\logishrd\lcommgr\LVComSX.exe"
    mRun: [mspwr] c:\windows\system32\PuXpMan2.exe
    mRun: [PwrUpTweakMe] c:\windows\system32\PuXpTwks.exe /TWEAK
    mRun: [DefragTaskBar] "e:\ashampoo magical defrag 2\bin\defragTaskBar.exe"
    mRun: [Disc Detector] c:\program files\creative\sharedll\CtNotify.exe
    mRun: [UpdReg] c:\windows\Updreg.exe
    mRun: [CTStartup] e:\creative\sbaudigy\program\CTEaxSpl.EXE
    un
    mRun: [Jet Detection] e:\creative\sbaudigy\program\ADGJDet.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
    mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
    mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
    mRun: [CTHelper] CTHELPER.EXE
    mRun: [WinPatrol] e:\winpatrol\winpatrol.exe -expressboot
    mRun: [avgnt] "e:\avira\avira\antivir desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [QuickTime Task] "e:\quicktime\qttask.exe" -atboottime
    mRun: [ASUSGamerOSD] c:\program files\asus\gamerosd\GamerOSD.exe
    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
    mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\magicd~1.lnk - e:\magicdisc\MagicDisc.exe
    StartupFolder: c:\docume~1\cij~1.smi\menust~1\progra~1\opstar~1\notesh~1.lnk - e:\notesholder\NotesHolder.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\coreld~1.lnk - e:\corel\suite8\programs\DAD8.EXE
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\logite~1.lnk - e:\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    uPolicies-explorer: <NO NAME> =
    mPolicies-explorer: ShowDriveLettersFirst = 4 (0x4)
    IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
    IE: Download met LeechGet - file://e:\leechget 2009\\AddUrl.html
    IE: Download met LeechGet Wizard - file://e:\leechget 2009\\Wizard.html
    IE: Translate this web page with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - e:\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
    IE: Verwerk met LeechGet (Parse) - file://e:\leechget 2009\\Parser.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228503343015
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5461/mcfscan.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - e:\superantispyware\SASSEH.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\cij~1.smi\applic~1\mozilla\firefox\profiles\podmy70d.default\
    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
    FF - prefs.js: browser.startup.homepage - hxxp://startpagina.nl|gids.omroep.nl/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - plugin: c:\divx\divx player\npDivxPlayerPlugin.dll
    FF - plugin: c:\divx\divx web player\npdivx32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npJoostPlugin.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: e:\opera\program\plugins\np_gp.dll
    FF - plugin: e:\opera\program\plugins\np_gp.dll
    FF - plugin: e:\opera\program\plugins\npdsplay.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin2.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin3.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin4.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin5.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin6.dll
    FF - plugin: e:\opera\program\plugins\npqtplugin7.dll
    FF - plugin: e:\opera\program\plugins\NPSWF32.dll
    FF - plugin: e:\opera\program\plugins\npwmsdrm.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin2.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin3.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin4.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin5.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin6.dll
    FF - plugin: e:\quicktime\plugins\npqtplugin7.dll
    FF - plugin: e:\real\netscape6\nppl3260.dll
    FF - plugin: e:\real\netscape6\nprjplug.dll
    FF - plugin: e:\real\netscape6\nprpjplug.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----

    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.sessionstore.resume_from_crash - false
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-10 64288]
    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-11 130936]
    R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-12-19 16896]
    R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2008-12-19 53248]
    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-12-19 17920]
    R1 avgio;avgio;e:\avira\avira\antivir desktop\avgio.sys [2009-3-19 11608]
    R1 SASDIFSV;SASDIFSV;e:\superantispyware\SASDIFSV.SYS [2006-10-10 12872]
    R1 SASKUTIL;SASKUTIL;e:\superantispyware\SASKUTIL.SYS [2007-2-27 66632]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\avira\avira\antivir desktop\sched.exe [2009-3-19 108289]
    R2 AntiVirService;Avira AntiVir Guard;e:\avira\avira\antivir desktop\avguard.exe [2009-3-19 185089]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-19 56816]
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\mouse driver\KMWDSrv.exe [2008-6-23 208896]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1229232]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-20 93320]
    R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-1-17 17408]
    R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-1-17 46592]
    R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
    R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
    R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
    R3 SASENUM;SASENUM;e:\superantispyware\SASENUM.SYS [2008-9-3 12872]
    R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-1-17 116224]
    S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
    S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
    S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
    S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
    S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
    S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-2-6 23456]
    S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
    S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;c:\windows\system32\drivers\ubfwnet.sys [2008-12-4 32016]
    S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-6-11 348752]

    =============== Created Last 30 ================

    2010-02-22 17:04:21 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
    2010-02-22 17:04:21 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
    2010-02-22 17:04:20 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
    2010-02-22 17:04:19 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
    2010-02-20 21:48:25 4958588 ----a-w- c:\windows\{00000000-00000000-0000000A-00001102-00000004-00511102}.BAK
    2010-02-20 17:44:19 0 d-sh--w- c:\documents and settings\c. i.j.smits\Onlangs geopend
    2010-02-19 18:44:54 0 d-----w- c:\program files\common files\CyberLink
    2010-02-19 18:43:20 29480 ----a-w- c:\windows\system32\msxml3a.dll
    2010-02-19 17:02:34 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-02-19 17:02:09 0 d-----w- c:\program files\Lavasoft
    2010-02-15 16:40:56 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-02-15 16:40:20 0 d-----w- c:\program files\Hitman Pro 3.5
    2010-02-15 16:05:04 3897 ----a-w- c:\documents and settings\c. i.j.smits\.recently-used.xbel
    2010-02-15 15:19:25 14336 ----a-w- c:\windows\system32\drivers\EIO_XP.sys
    2010-02-15 15:16:36 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
    2010-02-15 15:16:19 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
    2010-02-15 15:16:04 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
    2010-02-15 15:16:03 16384 ----a-w- c:\windows\system32\ipsink.ax
    2010-02-15 15:15:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
    2010-02-15 15:15:35 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
    2010-02-15 15:15:20 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
    2010-02-15 15:15:14 0 d-----w- c:\program files\My Company Name
    2010-02-15 15:14:53 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys
    2010-02-15 15:14:37 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
    2010-02-15 15:14:05 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
    2010-02-15 15:14:04 91648 ----a-w- c:\windows\system32\kswdmcap.ax
    2010-02-15 15:14:04 43008 ----a-w- c:\windows\system32\ksxbar.ax
    2010-02-15 15:14:03 61952 ----a-w- c:\windows\system32\kstvtune.ax
    2010-02-15 15:13:21 0 d-----w- c:\program files\ASUS
    2010-02-12 21:29:45 0 d-----w- c:\docume~1\alluse~1\applic~1\UAB
    2010-02-12 21:29:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz
    2010-02-12 21:15:33 327168 ----a-w- c:\windows\system32\cutil32.dll
    2010-02-12 21:15:33 285696 ----a-w- c:\windows\system32\cudart.dll
    2010-02-12 21:15:33 27136 ----a-w- c:\windows\system32\PCWizard.cpl
    2010-02-12 21:08:44 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
    2010-02-09 21:00:35 0 d-----w- c:\documents and settings\c. i.j.smits\.fontconfig
    2010-02-07 15:46:59 0 d-----w- c:\docume~1\cij~1.smi\applic~1\Cover Expert
    2010-02-07 12:10:37 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MahJong Suite
    2010-02-07 12:10:37 0 d-----w- c:\docume~1\alluse~1\applic~1\TreeCardGames
    2010-02-07 11:45:26 0 d-----w- c:\docume~1\cij~1.smi\applic~1\MyMahj
    2010-02-07 10:37:35 0 d-----w- c:\program files\DFX
    2010-02-06 18:31:47 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
    2010-02-04 17:23:47 0 d-sh--w- C:\found.002
    2010-02-04 16:12:57 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation

    ==================== Find3M ====================

    2010-02-21 21:58:57 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin
    2010-02-19 18:42:55 505128 ----a-w- c:\windows\system32\msvcp71.dll
    2010-02-19 18:42:55 353576 ----a-w- c:\windows\system32\msvcr71.dll
    2010-02-19 17:04:05 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-02-15 15:15:49 534356 ----a-w- c:\windows\system32\perfh013.dat
    2010-02-15 15:15:49 100220 ----a-w- c:\windows\system32\perfc013.dat
    2010-02-04 15:53:02 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-01-12 11:03:34 61440 ----a-w- c:\windows\system32\OpenCL.dll
    2010-01-12 11:03:34 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
    2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
    2009-12-21 19:10:30 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-12-17 16:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-12-17 07:42:53 345600 ----a-w- c:\windows\system32\mspaint.exe
    2009-12-14 07:10:21 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2009-12-09 10:11:52 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-12-09 10:11:52 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-11-27 17:14:13 1295872 ----a-w- c:\windows\system32\quartz.dll
    2009-11-27 17:14:12 17920 ----a-w- c:\windows\system32\msyuv.dll
    2009-11-27 16:10:19 8704 ----a-w- c:\windows\system32\tsbyuv.dll
    2009-11-27 16:10:19 85504 ----a-w- c:\windows\system32\avifil32.dll
    2009-11-27 16:10:19 48128 ----a-w- c:\windows\system32\iyuv_32.dll
    2009-11-27 16:10:19 28672 ----a-w- c:\windows\system32\msvidc32.dll
    2009-11-27 16:10:19 11264 ----a-w- c:\windows\system32\msrle32.dll
    2009-06-07 15:37:26 144 ----a-w- c:\program files\ohyfu.txt

    ============= FINISH: 19:31:54,82 ===========
    Regards again,
    Cees.

  • Hello Cees, analysis of your DDS log has made me decide to use Combofix after all!

    So let Combofix scan your Windows (click).

    How to use Combofix properly (click)

    Addition: to be able to use Combofix, the following applies:
  • sweating, but is this what you were looking for?

    ComboFix 10-02-21.02 - C. I.J.Smits 22-02-2010 22:03:42.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1457 [GMT 1:00]
    Gestart vanuit: E:\installers&setup's\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\C. I.J.Smits\Menu Start\Programma's\Opstarten\MagicDisc.lnk
    C:\RECYCLER\S-1-5-21-1482476501-1767777339-725345543-1004

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-01-22 to 2010-02-22 ))))))))))))))))))))))))))))))
    .

    2010-02-22 17:04:21 . 2010-02-04 09:01:14 74072 —-a-w- C:\WINDOWS\system32\XAPOFX1_4.dll
    2010-02-22 17:04:21 . 2010-02-04 09:01:14 528216 —-a-w- C:\WINDOWS\system32\XAudio2_6.dll
    2010-02-22 17:04:20 . 2010-02-04 09:01:14 238936 —-a-w- C:\WINDOWS\system32\xactengine3_6.dll
    2010-02-22 17:04:19 . 2010-02-04 09:01:14 22360 —-a-w- C:\WINDOWS\system32\X3DAudio1_7.dll
    2010-02-20 17:44:19 . 2010-02-20 17:44:19 ——– d-sh–w- C:\Documents and Settings\C. I.J.Smits\Onlangs geopend
    2010-02-19 18:49:34 . 2010-02-19 20:41:45 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Local Settings\Application Data\Cyberlink
    2010-02-19 18:47:36 . 2010-02-19 18:49:34 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\CyberLink
    2010-02-19 18:45:09 . 2010-02-19 18:49:34 ——– d—–w- C:\Documents and Settings\All Users\Application Data\CyberLink
    2010-02-19 18:44:54 . 2010-02-19 18:44:54 ——– d—–w- C:\Program Files\Common Files\CyberLink
    2010-02-19 18:43:49 . 2010-02-19 18:45:07 ——– d—–w- C:\Program Files\CyberLink
    2010-02-19 18:43:20 . 2010-02-19 18:42:56 29480 —-a-w- C:\WINDOWS\system32\msxml3a.dll
    2010-02-19 18:43:03 . 2010-02-19 18:42:55 53319 —-a-w- C:\Documents and Settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
    2010-02-19 17:04:03 . 2010-02-19 17:04:05 598368 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\EmailScanner.dll
    2010-02-19 17:03:35 . 2010-02-19 17:03:36 17480 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\EmailScannerBridge.dll
    2010-02-19 17:02:34 . 2010-02-19 17:02:37 ——– dc-h–w- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-02-19 17:02:34 . 2010-02-04 15:53:47 2954656 -c–a-w- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    2010-02-19 17:02:09 . 2010-02-19 17:02:40 ——– d—–w- C:\Program Files\Lavasoft
    2010-02-15 16:40:56 . 2010-02-17 08:26:30 15944 —-a-w- C:\WINDOWS\system32\drivers\hitmanpro35.sys
    2010-02-15 16:40:20 . 2010-02-15 16:40:20 ——– d—–w- C:\Program Files\Hitman Pro 3.5
    2010-02-15 15:49:53 . 2010-02-20 18:13:25 ——– d—–w- C:\Program Files\AGEIA Technologies
    2010-02-15 15:19:25 . 2009-07-30 10:15:54 14336 —-a-w- C:\WINDOWS\system32\drivers\EIO_XP.sys
    2010-02-15 15:16:36 . 2008-04-13 18:39:50 5504 —-a-w- C:\WINDOWS\system32\drivers\MSTEE.sys
    2010-02-15 15:16:19 . 2008-04-13 18:46:22 10880 —-a-w- C:\WINDOWS\system32\drivers\NdisIP.sys
    2010-02-15 15:16:04 . 2008-04-13 18:46:22 15232 —-a-w- C:\WINDOWS\system32\drivers\StreamIP.sys
    2010-02-15 15:15:50 . 2008-04-13 18:46:24 11136 —-a-w- C:\WINDOWS\system32\drivers\SLIP.sys
    2010-02-15 15:15:35 . 2008-04-13 18:46:24 19200 —-a-w- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
    2010-02-15 15:15:20 . 2008-04-13 18:46:26 85248 —-a-w- C:\WINDOWS\system32\drivers\NABTSFEC.sys
    2010-02-15 15:15:14 . 2010-02-15 15:15:14 ——– d—–w- C:\Program Files\My Company Name
    2010-02-15 15:14:53 . 2010-02-15 15:14:49 14336 —-a-w- C:\WINDOWS\system32\drivers\EIO64_xp.sys
    2010-02-15 15:14:37 . 2008-04-13 18:46:24 17024 —-a-w- C:\WINDOWS\system32\drivers\CCDECODE.sys
    2010-02-15 15:14:05 . 2008-04-14 17:02:44 54272 —-a-w- C:\WINDOWS\system32\vfwwdm32.dll
    2010-02-13 14:25:13 . 2010-02-13 14:25:13 61440 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-388340eb-n\decora-sse.dll
    2010-02-13 14:25:13 . 2010-02-13 14:25:13 503808 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5904cf00-n\msvcp71.dll
    2010-02-13 14:25:13 . 2010-02-13 14:25:13 499712 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5904cf00-n\jmc.dll
    2010-02-13 14:25:13 . 2010-02-13 14:25:13 348160 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5904cf00-n\msvcr71.dll
    2010-02-13 14:25:12 . 2010-02-13 14:25:12 12800 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-388340eb-n\decora-d3d.dll
    2010-02-12 21:29:45 . 2010-02-12 21:29:45 ——– d—–w- C:\Documents and Settings\All Users\Application Data\UAB
    2010-02-12 21:29:44 . 2010-02-12 21:29:44 ——– d—–w- C:\Documents and Settings\All Users\Application Data\Driver Whiz
    2010-02-12 21:15:33 . 2009-10-06 17:32:16 327168 —-a-w- C:\WINDOWS\system32\cutil32.dll
    2010-02-12 21:15:33 . 2009-08-03 19:25:42 285696 —-a-w- C:\WINDOWS\system32\cudart.dll
    2010-02-12 21:08:44 . 2009-03-27 00:16:28 12672 —-a-w- C:\WINDOWS\system32\drivers\cpuz132_x32.sys
    2010-02-09 21:00:35 . 2010-02-09 21:00:35 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\.fontconfig
    2010-02-07 17:16:29 . 2010-02-07 17:16:29 52224 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    2010-02-07 15:46:59 . 2010-02-07 15:46:59 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\Cover Expert
    2010-02-07 12:10:37 . 2010-02-07 12:21:47 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\MahJong Suite
    2010-02-07 12:10:37 . 2010-02-07 12:10:37 ——– d—–w- C:\Documents and Settings\All Users\Application Data\TreeCardGames
    2010-02-07 11:45:26 . 2010-02-07 12:06:02 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\MyMahj
    2010-02-07 10:37:35 . 2010-02-07 10:37:41 ——– d—–w- C:\Program Files\DFX
    2010-02-06 18:31:47 . 2010-02-06 18:31:47 23456 —-a-w- C:\WINDOWS\system32\drivers\DrvAgent32.sys
    2010-02-04 17:23:47 . 2010-02-04 17:23:47 ——– d—–w- C:\found.002
    2010-02-04 16:12:57 . 2010-02-04 16:12:57 ——– d—–w- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
    2010-01-24 21:53:45 . 2009-12-24 18:55:22 606208 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Mozilla\Firefox\Profiles\podmy70d.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
    2010-01-24 21:53:44 . 2009-06-02 15:24:30 67072 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Mozilla\Firefox\Profiles\podmy70d.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\npAFOM.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-02-22 18:27:17 . 2009-11-11 13:59:58 ——– d—–w- C:\Documents and Settings\All Users\Application Data\avg9
    2010-02-21 21:58:57 . 2010-02-15 15:13:21 196608 —-a-w- C:\WINDOWS\system32\drivers\nVivid.bin
    2010-02-20 18:18:43 . 2009-02-01 17:00:45 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\Software Informer
    2010-02-20 18:14:11 . 2008-12-07 16:10:41 ——– d—–w- C:\Program Files\Common Files\Wise Installation Wizard
    2010-02-20 18:12:40 . 2009-12-14 19:00:05 ——– d—–w- C:\Program Files\NVIDIA Corporation
    2010-02-20 17:43:50 . 2009-03-18 16:43:31 ——– d—–w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2010-02-20 08:31:49 . 2008-12-05 17:30:06 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\Vista Start Menu
    2010-02-19 18:44:53 . 2008-12-03 21:36:33 ——– d–h–w- C:\Program Files\InstallShield Installation Information
    2010-02-19 18:43:03 . 2008-12-09 11:13:42 ——– d—a-w- C:\Documents and Settings\All Users\Application Data\TEMP
    2010-02-19 18:42:55 . 2009-09-06 16:24:41 505128 —-a-w- C:\WINDOWS\system32\msvcp71.dll
    2010-02-19 18:42:55 . 2009-09-06 16:24:41 353576 —-a-w- C:\WINDOWS\system32\msvcr71.dll
    2010-02-19 17:04:11 . 2009-11-10 18:27:36 154488 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\DownloadGuardBHO.dll
    2010-02-19 17:04:08 . 2009-11-10 18:27:35 432008 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\DownloadGuard.exe
    2010-02-19 17:04:05 . 2009-11-10 18:27:36 95024 —-a-w- C:\WINDOWS\system32\drivers\SBREDrv.sys
    2010-02-19 17:04:05 . 2009-11-10 18:27:11 95024 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
    2010-02-19 17:04:03 . 2009-11-10 18:27:35 884176 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
    2010-02-19 17:04:01 . 2009-11-10 18:27:34 566608 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
    2010-02-19 17:04:00 . 2009-11-10 18:27:34 15880 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
    2010-02-19 14:00:45 . 2009-06-09 21:07:04 ——– d—–w- C:\Program Files\Common Files\Symantec Shared
    2010-02-15 17:16:32 . 2008-12-03 20:31:56 37544 —-a-w- C:\Documents and Settings\C. I.J.Smits\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-02-15 16:40:29 . 2008-12-07 13:08:46 ——– d—–w- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    2010-02-15 16:15:01 . 2009-02-04 15:43:28 57 —-a-w- C:\Documents and Settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
    2010-02-15 16:09:26 . 2009-02-04 15:46:28 50 —-a-w- C:\WINDOWS\system32\BRIDF04A.dat
    2010-02-15 15:15:49 . 2006-03-02 12:00:00 534356 —-a-w- C:\WINDOWS\system32\perfh013.dat
    2010-02-15 15:15:49 . 2006-03-02 12:00:00 100220 —-a-w- C:\WINDOWS\system32\perfc013.dat
    2010-02-15 15:15:01 . 2010-02-15 15:13:21 ——– d—–w- C:\Program Files\ASUS
    2010-02-13 15:35:22 . 2008-12-11 14:48:39 1 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2010-02-13 15:32:48 . 2009-05-12 09:17:05 ——– d—–w- C:\Program Files\OpenOffice.org 3
    2010-02-13 14:25:11 . 2008-12-11 14:45:33 ——– d—–w- C:\Program Files\Common Files\Java
    2010-02-13 14:24:54 . 2008-12-11 14:45:34 ——– d—–w- C:\Program Files\Java
    2010-02-07 17:16:23 . 2009-03-13 12:04:25 117760 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2010-02-07 08:53:01 . 2008-12-20 17:21:44 ——– d—–w- C:\Program Files\McAfee
    2010-02-06 18:29:42 . 2010-02-06 18:29:42 2316 —-a-w- C:\Documents and Settings\All Users\Application Data\xml2E6.tmp
    2010-02-06 18:29:42 . 2010-02-06 18:29:42 13755 —-a-w- C:\Documents and Settings\All Users\Application Data\xml2E5.tmp
    2010-02-06 18:29:42 . 2010-02-06 18:29:41 7734 —-a-w- C:\Documents and Settings\All Users\Application Data\xml2E4.tmp
    2010-02-04 18:27:44 . 2009-11-10 18:27:18 3803208 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
    2010-02-04 16:07:25 . 2008-12-04 18:20:07 664 —-a-w- C:\WINDOWS\system32\d3d9caps.dat
    2010-02-04 15:53:02 . 2009-11-10 18:28:03 64288 —-a-w- C:\WINDOWS\system32\drivers\Lbd.sys
    2010-01-25 16:53:53 . 2009-05-24 15:06:25 12885336 —-a-w- C:\WINDOWS\Internet Logs\tvDebug.Zip
    2010-01-25 16:17:24 . 2010-01-25 16:26:16 25088 —-a-w- C:\WINDOWS\Internet Logs\xDBF.tmp
    2010-01-25 15:52:31 . 2010-01-25 15:53:56 157184 —-a-w- C:\WINDOWS\Internet Logs\xDBE.tmp
    2010-01-25 14:46:40 . 2010-01-25 15:33:53 27136 —-a-w- C:\WINDOWS\Internet Logs\xDBD.tmp
    2010-01-25 14:22:01 . 2010-01-25 14:39:04 1387520 —-a-w- C:\WINDOWS\Internet Logs\xDBC.tmp
    2010-01-25 14:22:01 . 2010-01-25 14:39:04 12800 —-a-w- C:\WINDOWS\Internet Logs\xDBB.tmp
    2010-01-25 14:09:15 . 2010-01-25 14:11:54 1386496 —-a-w- C:\WINDOWS\Internet Logs\xDB8.tmp
    2010-01-25 14:06:05 . 2010-01-25 14:14:14 99328 —-a-w- C:\WINDOWS\Internet Logs\xDB9.tmp
    2010-01-25 14:03:10 . 2010-01-25 14:14:15 1386496 —-a-w- C:\WINDOWS\Internet Logs\xDBA.tmp
    2010-01-25 10:46:15 . 2010-01-25 10:46:15 101960 —-a-w- C:\WINDOWS\Internet Logs\vsmon_2nd_2010_01_25_11_05_10_small.dmp.zip
    2010-01-25 10:05:07 . 2010-01-25 10:08:09 1318912 —-a-w- C:\WINDOWS\Internet Logs\xDB7.tmp
    2010-01-25 09:48:06 . 2010-01-25 10:04:24 1570304 —-a-w- C:\WINDOWS\Internet Logs\xDB6.tmp
    2010-01-25 09:48:06 . 2010-01-25 10:04:24 1570304 —-a-w- C:\WINDOWS\Internet Logs\xDB5.tmp
    2010-01-21 10:45:33 . 2009-11-10 18:27:32 194104 —-a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Savapibridge.dll
    2010-01-20 17:58:10 . 2009-01-21 19:37:19 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\NotesHolder
    2010-01-20 09:09:17 . 2008-12-05 18:48:53 ——– d—–w- C:\Program Files\Microsoft Silverlight
    2010-01-19 22:30:08 . 2009-01-14 18:01:39 5115824 —-a-w- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-01-19 21:12:06 . 2009-06-09 17:31:08 ——– d—–w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar
    2010-01-12 11:03:34 . 2009-12-14 18:59:54 61440 —-a-w- C:\WINDOWS\system32\OpenCL.dll
    2010-01-12 11:03:34 . 2009-12-14 18:59:54 11632640 —-a-w- C:\WINDOWS\system32\nvcompiler.dll
    2010-01-07 15:07:14 . 2008-12-14 16:12:06 38224 —-a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2010-01-07 15:07:04 . 2008-12-14 16:12:08 19160 —-a-w- C:\WINDOWS\system32\drivers\mbam.sys
    2009-12-31 16:50:03 . 2006-03-02 12:00:00 353792 —-a-w- C:\WINDOWS\system32\drivers\srv.sys
    2009-12-28 15:38:44 . 2009-12-28 15:38:44 860400 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\en\ustarrs.dll
    2009-12-28 15:38:42 . 2009-12-28 15:38:42 864496 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\de\ustarrs.dll
    2009-12-28 15:38:36 . 2009-12-28 15:38:36 4710640 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe
    2009-12-28 15:36:44 . 2009-12-28 15:36:44 269824 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UstarRO64.exe
    2009-12-28 15:34:42 . 2009-12-28 15:34:42 192512 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UstarRO32.exe
    2009-12-28 15:29:14 . 2009-12-28 15:29:14 847872 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\ko\ustarrs.dll
    2009-12-28 15:29:08 . 2009-12-28 15:29:08 876544 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\lt\ustarrs.dll
    2009-12-28 15:29:02 . 2009-12-28 15:29:02 847872 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\zh\ustarrs.dll
    2009-12-28 15:28:54 . 2009-12-28 15:28:54 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\uk\ustarrs.dll
    2009-12-28 15:28:48 . 2009-12-28 15:28:48 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\sv\ustarrs.dll
    2009-12-28 15:28:42 . 2009-12-28 15:28:42 868352 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\sk\ustarrs.dll
    2009-12-28 15:28:36 . 2009-12-28 15:28:36 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\ru\ustarrs.dll
    2009-12-28 15:28:30 . 2009-12-28 15:28:30 876544 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\ro\ustarrs.dll
    2009-12-28 15:28:24 . 2009-12-28 15:28:24 839680 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\pt\ustarrs.dll
    2009-12-28 15:28:16 . 2009-12-28 15:28:16 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\pl\ustarrs.dll
    2009-12-28 15:28:10 . 2009-12-28 15:28:10 876544 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\nl\ustarrs.dll
    2009-12-28 15:28:02 . 2009-12-28 15:28:02 851968 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\ja\ustarrs.dll
    2009-12-28 15:27:56 . 2009-12-28 15:27:56 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\it\ustarrs.dll
    2009-12-28 15:27:50 . 2009-12-28 15:27:50 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\hu\ustarrs.dll
    2009-12-28 15:27:44 . 2009-12-28 15:27:44 839680 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\fr\ustarrs.dll
    2009-12-28 15:27:38 . 2009-12-28 15:27:38 876544 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\Es\ustarrs.dll
    2009-12-28 15:27:20 . 2009-12-28 15:27:20 872448 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\lang\Cs\ustarrs.dll
    2009-12-21 19:10:30 . 2006-03-02 12:00:00 916480 —-a-w- C:\WINDOWS\system32\wininet.dll
    2009-12-17 16:14:00 . 2008-12-11 21:13:50 411368 —-a-w- C:\WINDOWS\system32\deploytk.dll
    2009-12-17 07:42:53 . 2008-12-03 20:16:24 345600 —-a-w- C:\WINDOWS\system32\mspaint.exe
    2009-12-15 13:23:03 . 2009-12-15 13:23:03 106591 —-a-w- C:\WINDOWS\Internet Logs\vsmon_2nd_2009_12_15_13_45_14_small.dmp.zip
    2009-12-14 18:32:42 . 2009-12-14 18:32:42 102651 —-a-w- C:\WINDOWS\Internet Logs\vsmon_2nd_2009_12_14_19_13_46_small.dmp.zip
    2009-12-14 07:10:21 . 2006-03-02 12:00:00 33280 —-a-w- C:\WINDOWS\system32\csrsrv.dll
    2009-12-14 06:57:22 . 2010-01-19 20:29:22 213504 —-a-w- C:\Documents and Settings\C. I.J.Smits\Application Data\Thunderbird\Profiles\eyfgd0qw.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calbscmp.dll
    2009-12-09 10:11:52 . 2006-03-02 12:00:00 2149888 —-a-w- C:\WINDOWS\system32\ntoskrnl.exe
    2009-12-09 10:11:52 . 2004-08-04 00:58:16 2028544 —-a-w- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-12-07 15:42:21 . 2009-03-19 20:49:27 56816 —-a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
    2009-12-04 18:22:22 . 2006-03-02 12:00:00 455424 —-a-w- C:\WINDOWS\system32\drivers\mrxsmb.sys
    2009-11-27 17:14:13 . 2006-03-02 12:00:00 1295872 —-a-w- C:\WINDOWS\system32\quartz.dll
    2009-11-27 17:14:12 . 2004-08-04 01:03:18 17920 —-a-w- C:\WINDOWS\system32\msyuv.dll
    2009-11-27 16:10:19 . 2006-03-02 12:00:00 85504 —-a-w- C:\WINDOWS\system32\avifil32.dll
    2009-11-27 16:10:19 . 2006-03-02 12:00:00 28672 —-a-w- C:\WINDOWS\system32\msvidc32.dll
    2009-11-27 16:10:19 . 2006-03-02 12:00:00 11264 —-a-w- C:\WINDOWS\system32\msrle32.dll
    2009-11-27 16:10:19 . 2004-08-04 01:03:14 48128 —-a-w- C:\WINDOWS\system32\iyuv_32.dll
    2009-02-24 19:34:32 . 2009-02-24 19:34:32 1044480 —-a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
    2009-02-24 19:34:32 . 2009-02-24 19:34:32 200704 —-a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
    .

    ——- Sigcheck ——-

    [-] 2009-03-18 21:29:30 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\drivers\TCPIP.SYS
    [-] 2009-03-18 21:29:30 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\dllcache\TCPIP.SYS
    [7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [7] 2008-04-13 19:20:16 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\TCPIP.SYS

    [-] 2006-10-18 20:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\mspmsnsv.dll
    [-] 2006-10-18 20:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\dllcache\mspmsnsv.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VistaStartMenu"="E:\Vista Start Menu\VistaStartMenu.exe" [2010-01-27 16:39:22 2775936]
    "CursorXP"="E:\CursorXP\CursorXP.exe" [2002-06-18 20:53:38 66560]
    "TaskTray"="E:\Creative\SBAudigy\Taskbar\CTLTray.exe" [2001-06-29 00:00:00 163840]
    "Taskbar"="E:\Creative\SBAudigy\Taskbar\CTLTask.exe" [2001-07-26 00:00:00 118784]
    "Gadwin PrintScreen"="E:\PrintScreen\PrintScreen.exe" [2008-12-09 11:08:38 495616]
    "UpdateStar"="C:\Documents and Settings\C. I.J.Smits\Application Data\UpdateStar\UpdateStar.exe" [2009-12-28 15:38:36 4710640]
    "Advanced SystemCare 3"="E:\Advanced SystemCare 3\AWC.exe" [2010-02-08 10:02:10 2343632]
    "SmartRAM"="E:\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-01-22 13:12:12 200280]
    "SUPERAntiSpyware"="E:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2010-02-19 08:27:36 2012912]
    "DriverMax"="E:\DriverMax\devices.exe" [2010-01-11 12:59:48 9068960]
    "StemPunt"="E:\StemPunt\StemPunt.exe" [2010-01-04 14:33:58 970752]
    "ASUS SmartDoctor"="C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe" [2009-08-12 21:03:12 1187840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 13:46:26 69632]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 02:09:28 488984]
    "LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 02:12:18 244512]
    "mspwr"="C:\WINDOWS\system32\PuXpMan2.exe" [2008-06-02 12:22:32 110592]
    "PwrUpTweakMe"="C:\WINDOWS\system32\PuXpTwks.exe" [2008-06-02 12:22:32 45056]
    "DefragTaskBar"="E:\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 07:18:32 173408]
    "Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 01:00:00 191488]
    "UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 00:00:00 90112]
    "CTStartup"="E:\Creative\SBAudigy\Program\CTEaxSpl.EXE" [2001-06-04 00:00:00 28672]
    "Jet Detection"="E:\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-04-20 13:52:40 28672]
    "CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 11:32:32 19968]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 08:34:28 851968]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 16:02:24 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 16:24:32 40960]
    "CTHelper"="CTHELPER.EXE" [2007-04-09 11:32:32 19456]
    "WinPatrol"="E:\WinPatrol\winpatrol.exe" [2009-10-10 21:07:08 320832]
    "avgnt"="E:\Avira\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:47 209153]
    "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 14:21:52 246504]
    "QuickTime Task"="E:\QuickTime\qttask.exe" [2009-11-10 22:08:18 417792]
    "ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2009-07-30 17:10:04 380928]
    "nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 22:39:00 1657376]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2009-08-06 08:44:34 86016]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-08-06 08:44:34 13877248]
    "RemoteControl9"="C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 19:41:58 87336]
    "PDVD9LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 16:50:24 50472]
    "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [2009-05-07 20:05:44 75048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:02:53 15360]

    C:\Documents and Settings\C. I.J.Smits\Menu Start\Programma's\Opstarten\
    NotesHolder.lnk - E:\NotesHolder\NotesHolder.exe [2006-10-2 555520]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Corel Desktop Application Director 8.LNK - E:\Corel\Suite8\Programs\DAD8.EXE [2008-12-11 201216]
    Logitech SetPoint.lnk - E:\Logitech\SetPoint\SetPoint.exe [2008-12-6 809488]
    Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-2-4 819200]
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "ShowDriveLettersFirst"= 4 (0x4)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 20:41:34 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "E:\SUPERAntiSpyware\SASSEH.DLL" [2008-05-22 06:58:14 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2008-11-07 15:41:22 72208 —-a-w- c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKLM\~\startupfolder\C:^Documents and Settings^C. I.J.Smits^Menu Start^Programma's^Opstarten^Secunia PSI (2).lnk]
    backup=C:\WINDOWS\pss\Secunia PSI (2).lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^C. I.J.Smits^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]
    backup=C:\WINDOWS\pss\Secunia PSI.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro3

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    "QuickTime Task"="E:\QuickTime\QTTask.exe" -atboottime
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "E:\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
    "E:\\MailStore Home\\MailStoreLocal.exe"=
    "E:\\Miro\\Miro_Downloader.exe"=
    "C:\\WINDOWS\\system32\\java.exe"=
    "E:\\BankingTools\\C@shflow V3.1\\C@shflowApp.exe"=
    "E:\\BankingTools\\C@shflow V3.1\\AUTOUPDVR.EXE"=
    "E:\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "E:\\Mozilla Thunderbird\\thunderbird.exe"=
    "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "E:\\Opera\\opera.exe"=
    "E:\\Gekko Mahjongg\\Mahjongg.exe"=
    "C:\\WINDOWS\\system32\\mmc.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3149:UDP"= 3149:UDP:Windows Media Format SDK (RealPlay.exe)
    "3148:UDP"= 3148:UDP:Windows Media Format SDK (RealPlay.exe)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [10-11-2009 19:28:03 64288]
    R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [11-6-2009 16:05:10 130936]
    R0 ViBus;ViBus;C:\WINDOWS\system32\drivers\ViBus.sys [19-12-2008 19:12:42 16896]
    R0 ViPrt;VIA SATA IDE Device Driver;C:\WINDOWS\system32\drivers\ViPrt.sys [19-12-2008 19:12:42 53248]
    R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\drivers\xfilt.sys [19-12-2008 16:12:13 17920]
    R1 SASDIFSV;SASDIFSV;E:\SUPERAntiSpyware\SASDIFSV.SYS [10-10-2006 13:53:48 12872]
    R1 SASKUTIL;SASKUTIL;E:\SUPERAntiSpyware\SASKUTIL.SYS [27-2-2007 12:39:26 66632]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/19 19:45:07];C:\Program Files\CyberLink\PowerDVD9\000.fcl [7-5-2009 21:05:22 87536]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;E:\Avira\Avira\AntiVir Desktop\sched.exe [19-3-2009 21:49:27 108289]
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files\Mouse Driver\KMWDSrv.exe [23-6-2008 20:28:08 208896]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [20-12-2008 18:21:51 93320]
    R2 ubsbm;Unibrain 1394 SBM Driver;C:\WINDOWS\system32\drivers\UBSBM.sys [17-1-2009 18:36:12 17408]
    R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\WINDOWS\system32\drivers\UBUMAPI.sys [17-1-2009 18:36:12 46592]
    R3 COMMONFX.SYS;COMMONFX.SYS;C:\WINDOWS\system32\drivers\COMMONFX.sys [27-6-2008 19:21:18 99352]
    R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\WINDOWS\system32\drivers\CTAUDFX.sys [27-6-2008 19:21:26 555032]
    R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\WINDOWS\system32\drivers\CTSBLFX.sys [27-6-2008 19:21:38 566296]
    R3 SASENUM;SASENUM;E:\SUPERAntiSpyware\SASENUM.SYS [3-9-2008 13:07:16 12872]
    R3 ubohci;Unibrain 1394 OHCI Driver;C:\WINDOWS\system32\drivers\ubohci.sys [17-1-2009 18:36:12 116224]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [4-2-2010 16:52:57 1229232]
    S3 COMMONFX;COMMONFX;C:\WINDOWS\system32\drivers\COMMONFX.sys [27-6-2008 19:21:18 99352]
    S3 CTAUDFX;CTAUDFX;C:\WINDOWS\system32\drivers\CTAUDFX.sys [27-6-2008 19:21:26 555032]
    S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\WINDOWS\system32\drivers\CTERFXFX.sys [27-6-2008 19:21:44 100888]
    S3 CTERFXFX;CTERFXFX;C:\WINDOWS\system32\drivers\CTERFXFX.sys [27-6-2008 19:21:44 100888]
    S3 CTSBLFX;CTSBLFX;C:\WINDOWS\system32\drivers\CTSBLFX.sys [27-6-2008 19:21:38 566296]
    S3 DrvAgent32;DrvAgent32;C:\WINDOWS\system32\drivers\DrvAgent32.sys [6-2-2010 19:31:47 23456]
    S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\C:\WINDOWS\system32\drivers\hitmanpro3.sys –> C:\WINDOWS\system32\drivers\hitmanpro3.sys [?]
    S3 PSI;PSI;C:\WINDOWS\system32\drivers\psi_mf.sys [17-6-2009 13:20:34 12648]
    S3 UBFWNet;Unibrain 1394 FireNet Adapter NT Driver;C:\WINDOWS\system32\drivers\ubfwnet.sys [4-12-2008 22:23:47 32016]
    S4 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [11-6-2009 16:04:46 348752]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-02-22 C:\WINDOWS\Tasks\1-klik Onderhoud.job
    - E:\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 10:04:36 . 2009-07-16 10:04:36]

    2010-02-22 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52:58 . 2010-02-19 17:03:28]

    2010-02-20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]

    2010-02-22 C:\WINDOWS\Tasks\GlaryInitialize.job
    - E:\Glary Utilities\initialize.exe [2009-03-15 17:51:32 . 2009-11-03 09:21:06]

    2010-02-19 C:\WINDOWS\Tasks\Norton Security Scan for C. I.J.Smits.job
    - C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-21 13:01:01 . 2009-09-15 14:45:48]

    2009-08-21 C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
    - C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59:10 . 2009-01-13 14:59:10]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://search.orbitdownloader.com
    IE: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: Download met LeechGet - file://E:\LeechGet 2009\\AddUrl.html
    IE: Download met LeechGet Wizard - file://E:\LeechGet 2009\\Wizard.html
    IE: Translate this web page with Babylon - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - E:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    IE: Verwerk met LeechGet (Parse) - file://E:\LeechGet 2009\\Parser.html
    FF - ProfilePath - C:\Documents and Settings\C. I.J.Smits\Application Data\Mozilla\Firefox\Profiles\podmy70d.default\
    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
    FF - prefs.js: browser.startup.homepage - hxxp://startpagina.nl|gids.omroep.nl/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - plugin: C:\DivX\DivX Player\npDivxPlayerPlugin.dll
    FF - plugin: C:\DivX\DivX Web Player\npdivx32.dll
    FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npJoostPlugin.dll
    FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: E:\Opera\program\plugins\np_gp.dll
    FF - plugin: E:\Opera\program\plugins\np_gp.dll
    FF - plugin: E:\Opera\program\plugins\npdsplay.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin2.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin3.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin4.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin5.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin6.dll
    FF - plugin: E:\Opera\program\plugins\npqtplugin7.dll
    FF - plugin: E:\Opera\program\plugins\NPSWF32.dll
    FF - plugin: E:\Opera\program\plugins\npwmsdrm.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin2.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin3.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin4.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin5.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin6.dll
    FF - plugin: E:\QuickTime\Plugins\npqtplugin7.dll
    FF - plugin: E:\real\Netscape6\nppl3260.dll
    FF - plugin: E:\real\Netscape6\nprjplug.dll
    FF - plugin: E:\real\Netscape6\nprpjplug.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    —- FIREFOX POLICIES —-

    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.sessionstore.resume_from_crash - false
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com";);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    - - - - ORPHANS VERWIJDERD - - - -

    Notify-avgrsstarter - avgrsstx.dll



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-02-22 22:19:30
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???X???????????? C?????Disc Detector?B???A???????A???????B???@?$?@?? C?????U?@?????????@?B???A???????A?P?????B???@?????P???$?@?????????~?:~??????????@?]?????????????????B?????\????????????????????p????????B
    CTStartup = E:\Creative\SBAudigy\Program\CTEaxSpl.EXE
    un?????w???w?&3?????????????x??????s$????\?w? ?w???????w???w4???????.??w4???????4???TA?s4???~????&3?????\???0???0???\???\???\???$???5?:~e?:~\???\???\?????a???????:~\???\??????s~???\??????s\????&3?A??s?&3???:~???
    CTxfiHlp = CTXFIHLP.EXE?
    CTHelper = CTHELPER.EXE?

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet007\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
    "ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD9\000.fcl"
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(996)
    c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
    c:\program files\common files\logitech\bluetooth\LBTServ.dll
    .
    Voltooingstijd: 2010-02-22 22:21:49
    ComboFix-quarantined-files.txt 2010-02-22 21:21:46
    ComboFix2.txt 2008-12-14 16:31:20

    Pre-Run: 89.458.249.728 bytes beschikbaar
    Post-Run: 89.471.250.432 bytes beschikbaar

    Current=7 Default=7 Failed=2 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
    - - End Of File - - F9520B71415955D0BD4C0EB9A0C38264

    Regards,
    Cees.

  • Hello Cees, ComboFix did what I expected.

    How did your Windows react to it?

    By the way, did the HitmanPro scan turn up anything?
  • It seems a bit faster; among other things it removed a duplicate startup entry, but Firefox still won't start in normal mode. No infections were found.
    What now?
    Regards again, Cees.
  • Hello Cees, a question - have you ever had Hitman Pro installed?
  • Yes, it's still installed, but automatic startup is disabled.
    Regards,
    Cees.

This is an archived page. Replies are no longer possible.