Veerle81

Member
  • Posts

    67

Everything posted by Veerle81

  1. When I click through on the notification, I read that the McAfee file is a binary file from the address http://download.mcafee.com, and then I can choose between saving the file and cancelling. But when I simply type that address in on my PC, I get a white page that only says 'file not found'. That way it isn't possible to download that file and solve the problem, is it?
  2. I can't get the 'run' and 'languages' parts extracted. I get an error message then. I'll test this evening whether I can get onto my Facebook at the neighbours'. I don't think the problem still lies with my computer itself? Aren't there any tricks I can try to get my Facebook working again? No idea why I'm getting that message, by the way; I've never had trouble with adware on Facebook before?
  3. I can't manage to extract that file. Some parts of it work, others don't.
  4. Bad, it still doesn't work. When I log in I immediately land on that message and can't do anything. Could that adware message and the request to download McAfee perhaps be a virus?
  5. Ah, now it worked.
  6. I tried dragging that Notepad file onto ComboFix, but I don't think it worked? I tried that while ComboFix was running. Right?????? What does ComboFix actually do? Here, in any case, is the requested log.
  7. The computer didn't ask those two questions, but it worked anyway. I was wondering, by the way, how it is that my avast antivirus program found no threats on my computer while there is clearly something wrong after all?
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "dcmsvc"="c:\program files\dcmsvc\dcmsvc.exe" [2009-04-07 30440] "ExtraFilmHemmaAgent"="c:\program files\Spector Photo Software\Agent.exe" [2010-10-27 323584] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-10-27 221184] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . c:\documents and settings\Administrator\Start Menu\Programs\Startup\ Sonic INSTALLit! Setup.lnk - c:\documents and settings\Administrator\Local Settings\temp\VIES35F1\setup.exe [N/A] . [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.2 .lnk] path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk backup=c:\windows\pss\OpenOffice.org 3.2 .lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Warner Bros.lnk] path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\Warner Bros.lnk backup=c:\windows\pss\Warner Bros.lnkStartup . 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LUMIX Simple Viewer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2009-12-03 08:12 976320 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2011-03-04 11:45 2741616 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool10\\ENEasyApp.exe"= "c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\K-litePro\\k-litepro.exe"= "c:\\Program Files\\TorrentSearch\\easydownload.exe"= . 
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12/12/2011 20:54 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/12/2010 22:17 353688] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/12/2010 22:17 21256] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/08/2011 20:38 136176] S2 RoxLiveShare10;LiveShare P2P Server 10;"c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" --> c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [?] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/08/2011 20:38 136176] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [27/04/2012 13:56 113120] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 11:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . 2012-07-10 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-10 16:21] . 2012-07-01 c:\windows\Tasks\ExpressBurnReminder.job - c:\program files\NCH Software\ExpressBurn\expressburn.exe [2012-06-24 10:56] . 2012-07-09 c:\windows\Tasks\ExpressZipReminder.job - c:\program files\NCH Software\ExpressZip\expresszip.exe [2012-07-09 20:16] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-09 18:38] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-09 18:38] . 2012-07-10 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . 
2012-07-09 c:\windows\Tasks\switchShakeIcon.job - c:\program files\NCH Swift Sound\Switch\switch.exe [2010-03-31 19:46] . 2012-07-10 c:\windows\Tasks\User_Feed_Synchronization-{298ADB7C-B878-476F-AF5E-1EE716AB63B3}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\documents and settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 195.130.130.5 195.130.131.5 DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: network.proxy.type - 0 FF - user.js: extentions.y2layers.installId - 8cb32198-7f3e-4ac8-8ba1-d25c0b885152 FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader, user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0); . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Complitly_is1 - c:\program files\Complitly\unins000.exe . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-10 19:49 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-842925246-1482476501-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,94,a4,33,b7,74,3b,52,42,a5,30,d3,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,07,f1,06,7b,ca,bd,47,aa,e4,1f,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,07,f1,06,7b,ca,bd,47,aa,e4,1f,\ . Voltooingstijd: 2012-07-10 19:53:49 ComboFix-quarantined-files.txt 2012-07-10 17:53 ComboFix2.txt 2012-02-03 15:26 . Pre-Run: 27.137.392.640 bytes free Post-Run: 27.483.029.504 bytes free . - - End Of File - - D93AB932D00F5CCE237F1127596F0BE7
  8. Malwarebytes Anti-Malware 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.07.10.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Administrator :: PC001 [administrator] 10/07/2012 17:25:55 mbam-log-2012-07-10 (17-25-55).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 200629 Verstreken tijd: 11 minuut/minuten, 16 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 3 HKCR\bho_project.bho_object (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Documents and Settings\Administrator\My Documents\Downloads\installer_roxio_easy_media_creator.exe (PUP.BundleInstaller.BT) -> Succesvol in quarantaine geplaatst en verwijderd. 
(einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:43:08, on 10/07/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\dcmsvc\dcmsvc.exe C:\Program Files\Spector Photo Software\Agent.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Spector Photo Software\Agent.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\AhAScr.dll" O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program 
Files\Alwil Software\Avast5\asOutExt.dll" O4 - HKLM\..\RunOnce: [aswaswOtl.dll] "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\aswOtl.dll" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - Startup: Sonic INSTALLit! Setup.lnk = C:\Documents and Settings\Administrator\Local Settings\temp\VIES35F1\setup.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265983045640 O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://de-sog12.hoerbiger.com/dwa7W.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing) O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- End of file - 8898 bytes
  9. Here is the HijackThis log. I still had the program on the PC. What does safe mode mean? Thanks! Veerle
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:18:03, on 10/07/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\dcmsvc\dcmsvc.exe C:\Program Files\Spector Photo Software\Agent.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: BHO_PROJECT - {68DD98BF-9DE8-418C-89F0-E37AC61CC2D9} - C:\Program Files\OApps\bho_project.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Spector Photo Software\Agent.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program 
Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\AhAScr.dll" O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\asOutExt.dll" O4 - HKLM\..\RunOnce: [aswaswOtl.dll] "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\aswOtl.dll" O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - Startup: Sonic INSTALLit! Setup.lnk = C:\Documents and Settings\Administrator\Local Settings\temp\VIES35F1\setup.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265983045640 O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://de-sog12.hoerbiger.com/dwa7W.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing) O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- End of file - 8677 bytes
  10. Ik geraak niet meer op facebook. Mijn man heeft geen probleem, al gebruikt hij dezelfde computer? Wanneer ik aanmeld krijg ik een melding dat er adware op mijn profiel zit en ze geven de mogelijkheid om mijn account verder te beveiligen met een mcafee virusscanner. Als ik daar echter op klik, gebeurt er niks. Ik kan die site ook niet op een andere manier open doen. Ik dacht even mijn avast virusscanner uit te doen omdat die misschien het downloaden van de mcafee zou tegenhouden maar ik vind niet hoe ik dat moet doen. Kan ik dat trouwens niet oplossen met mijn avast virusscanner? Ik zou trouwens niet weten hoe die adware op mijn profiel zou terechtgekomen zijn???? Ik merk trouwens dat ik niks meer gedownload krijg? Ik klik ergens op en er gebeurt niks. Geen pdf bestanden, geen excell bestanden? Alvast bedankt, Veerle
  11. I removed them. Now everything seems to work fine. I think it's all right now? Thanks a lot!
  12. Here is the requested log. That Knights and Merchants is something my husband downloaded from the internet. He looked it up via Google and then he could download it for free, he said. He no longer remembers which site it was, though. There's apparently quite a bit of junk on it, isn't there? One more question: those programs I have just downloaded, are they programs I should leave on my PC, or is that not necessary? Or are they just stored temporarily?
  13. Third time's the charm! ;-) I also found the previous logs from the earlier scans. I'll attach them to this post as well.
The Peasants Rebellion\data\mission\dmaps Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\mission\mmaps Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\mission\smaps Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\save Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\songs Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\AXEMAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\BARBARIAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\BOWMAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\BRIEFING Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\CAVALRY Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\CROSSBOW Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\KNIGHTS Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\LANCEMAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\MILITIA Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\speech\PIKEMAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants 
Rebellion\data\sfx\speech\SWORDMAN Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\manual Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\documents and settings\administrator\start menu\programs\KaM - The Peasants Rebellion Ontdekt: Trace.Directory.Knights and Merchants!A2 c:\program files\Ares\AsyncEx.ax Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\chatServer.exe Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\Blocked.txt.sample Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\ChanListFilter.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\ChatConf.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\buttonsbitmap.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\chat.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\emotic.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\libbig.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\logo.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\mimesmall.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\mshareset.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\prefs.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\searchpnl.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\searchstars.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\tabssmall.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\transfer.bmp Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\HomePage.url Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\data\P2PFilter.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\arabic.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\czech.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\dutch.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\french.txt 
Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\german.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\italian.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\japanese.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\polish.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\slovak.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\spanish.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\swedish.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\lang\turkish.txt Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\libfaad2.dll Ontdekt: Trace.File.Ares!A2 c:\program files\Ares\MP3Source.ax Ontdekt: Trace.File.Ares!A2 c:\documents and settings\administrator\start menu\programs\Ares\Ares.lnk Ontdekt: Trace.File.Ares!A2 c:\documents and settings\administrator\start menu\programs\Ares\Homepage.lnk Ontdekt: Trace.File.Ares!A2 c:\program files\KaM - The Peasants Rebellion\binkw32.dll Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\fmod.dll Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\fsgs.dll Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\KM_TPR.exe Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\setup.cfg Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\houses.dat Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\mapelem.dat Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\pattern.dat Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\misc\setup.lib Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\misc\text.lib Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The 
Peasants Rebellion\data\save\dummy.txt Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\sounds.dat Ontdekt: Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\manual\manual.pdf Ontdekt: Trace.File.Knights and Merchants!A2 c:\documents and settings\administrator\start menu\programs\KaM - The Peasants Rebellion\KaM - The Peasants Rebellion.lnk Ontdekt: Trace.File.Knights and Merchants!A2 Value: HKEY_CLASSES_ROOT\arlnk --> URL Protocol Ontdekt: Trace.Registry.Ares Galaxy P2P Plus!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\arlnk --> URL Protocol Ontdekt: Trace.Registry.Ares Galaxy P2P Plus!A2 Value: HKEY_CLASSES_ROOT\CLSID\{3E0FA044-926C-42D9-BA12-EF16E980913B}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Height Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Left Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Maximized Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Top Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Width Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Download Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Queue Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Upload Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Data --> JI.AresNet1 Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Download Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Queue Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Upload Ontdekt: Trace.Registry.Ares!A2 Value: 
HKEY_CURRENT_USER\Software\Ares --> General.Language Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> General.LastLibraryMode Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastChatRoomBrowse Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastLibrary Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastPMBrowse Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastSearch Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Hashing.Priority Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Network.DHTID Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Personal.GUID Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Playlist.PreviousM3UApp Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Playlist.PreviousWAXApp Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> PrivateMessage.AllowBrowse Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> PrivateMessage.AwayMessage Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CAvgTime Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CDnSpeed Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CFRTime Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CTtUptime Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CUpSpeed Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.HasLQCa Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.LstCaQuery Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.LstCaQueryInt Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> 
Torrents.PreviousApp Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Transfer.ServerPort Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E0FA044-926C-42D9-BA12-EF16E980913B}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> DisplayName Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> DisplayVersion Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> Publisher Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> UninstallString Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> URLInfoAbout Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> URLUpdateInfo Ontdekt: Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> Status Ontdekt: Trace.Registry.Kazaa!A2 Key: HKEY_CURRENT_USER\software\kazaa Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> CDPATH Ontdekt: Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> DIR Ontdekt: Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> Language Ontdekt: Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> Version Ontdekt: Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KaM - The Peasants Rebellion --> DisplayName Ontdekt: Trace.Registry.Knights and Merchants!A2 
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KaM - The Peasants Rebellion --> UninstallString Ontdekt: Trace.Registry.Knights and Merchants!A2 C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Ontdekt: Adware.Win32.Yontoo.AMN!A2 C:\Program Files\Application Updater\ApplicationUpdater.exe Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-226.dll Ontdekt: Riskware.Win32.Toolbar.Zugo.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-748.dll Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20120201-094324-298.dll Ontdekt: Adware.Win32.Yontoo.AMN!A2 Gescand Bestanden: 111421 Sporen: 404391 Cookies: 2775 Processen: 31 Gevonden Bestanden: 6 Sporen: 140 Cookies: 122 Processen: 0 Registersleutels: 0 Scan Geëindigd: 1/02/2012 21:21:17 Scantijd: 1:49:27 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-226.dll Verwijderd Riskware.Win32.Toolbar.Zugo.AMN!A2 C:\Program Files\Application Updater\ApplicationUpdater.exe Verwijderd Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe Verwijderd 
Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-748.dll Verwijderd Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Verwijderd Adware.Win32.Yontoo.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20120201-094324-298.dll Verwijderd Adware.Win32.Yontoo.AMN!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> CDPATH Verwijderd Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> DIR Verwijderd Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> Language Verwijderd Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\JOYMANIA Entertainment\KnightsandMerchants TPR --> Version Verwijderd Trace.Registry.Knights and Merchants!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KaM - The Peasants Rebellion --> DisplayName Verwijderd Trace.Registry.Knights and Merchants!A2 Value: 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KaM - The Peasants Rebellion --> UninstallString Verwijderd Trace.Registry.Knights and Merchants!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> Status Verwijderd Trace.Registry.Kazaa!A2 Key: HKEY_CURRENT_USER\software\kazaa Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CLASSES_ROOT\CLSID\{3E0FA044-926C-42D9-BA12-EF16E980913B}\InprocServer32 --> ThreadingModel Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Height Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Left Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Maximized Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Top Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\bounds --> Main.Width Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Download Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Queue Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Columns\Transfers --> Upload Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Data --> JI.AresNet1 Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Download Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Queue Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares\Positions\Transfers --> Upload Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> General.Language Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> General.LastLibraryMode Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastChatRoomBrowse Verwijderd Trace.Registry.Ares!A2 Value: 
HKEY_CURRENT_USER\Software\Ares --> GUI.LastLibrary Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastPMBrowse Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> GUI.LastSearch Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Hashing.Priority Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Network.DHTID Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Personal.GUID Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Playlist.PreviousM3UApp Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Playlist.PreviousWAXApp Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> PrivateMessage.AllowBrowse Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> PrivateMessage.AwayMessage Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CAvgTime Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CDnSpeed Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CFRTime Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CTtUptime Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.CUpSpeed Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.HasLQCa Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.LstCaQuery Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Stats.LstCaQueryInt Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Torrents.PreviousApp Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CURRENT_USER\Software\Ares --> Transfer.ServerPort Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E0FA044-926C-42D9-BA12-EF16E980913B}\InprocServer32 
--> ThreadingModel Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> DisplayName Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> DisplayVersion Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> Publisher Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> UninstallString Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> URLInfoAbout Verwijderd Trace.Registry.Ares!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ares --> URLUpdateInfo Verwijderd Trace.Registry.Ares!A2 Value: HKEY_CLASSES_ROOT\arlnk --> URL Protocol Verwijderd Trace.Registry.Ares Galaxy P2P Plus!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\arlnk --> URL Protocol Verwijderd Trace.Registry.Ares Galaxy P2P Plus!A2 c:\program files\KaM - The Peasants Rebellion\binkw32.dll Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\fmod.dll Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\fsgs.dll Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\KM_TPR.exe Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\setup.cfg Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\houses.dat Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\mapelem.dat Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\defines\pattern.dat Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants 
Rebellion\data\misc\setup.lib Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\misc\text.lib Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\save\dummy.txt Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\data\sfx\sounds.dat Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\KaM - The Peasants Rebellion\manual\manual.pdf Verwijderd Trace.File.Knights and Merchants!A2 c:\documents and settings\administrator\start menu\programs\KaM - The Peasants Rebellion\KaM - The Peasants Rebellion.lnk Verwijderd Trace.File.Knights and Merchants!A2 c:\program files\Ares\AsyncEx.ax Verwijderd Trace.File.Ares!A2 c:\program files\Ares\chatServer.exe Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\Blocked.txt.sample Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\ChanListFilter.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\ChatConf.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\buttonsbitmap.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\chat.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\emotic.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\libbig.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\logo.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\mimesmall.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\mshareset.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\prefs.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\searchpnl.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\searchstars.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\tabssmall.bmp Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\GUI\General\transfer.bmp 
Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\HomePage.url Verwijderd Trace.File.Ares!A2 c:\program files\Ares\data\P2PFilter.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\arabic.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\czech.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\dutch.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\french.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\german.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\italian.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\japanese.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\polish.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\slovak.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\spanish.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\swedish.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\lang\turkish.txt Verwijderd Trace.File.Ares!A2 c:\program files\Ares\libfaad2.dll Verwijderd Trace.File.Ares!A2 c:\program files\Ares\MP3Source.ax Verwijderd Trace.File.Ares!A2 c:\documents and settings\administrator\start menu\programs\Ares\Ares.lnk Verwijderd Trace.File.Ares!A2 c:\documents and settings\administrator\start menu\programs\Ares\Homepage.lnk Verwijderd Trace.File.Ares!A2 c:\program files\KaM - The Peasants Rebellion Verwijderd Trace.Directory.Knights and Merchants!A2 c:\documents and settings\administrator\start menu\programs\KaM - The Peasants Rebellion Verwijderd Trace.Directory.Knights and Merchants!A2 c:\program files\GameSpy Arcade Verwijderd Trace.Directory.GameSpy Arcade!A2 c:\program files\Ares Verwijderd Trace.Directory.Ares!A2 c:\documents and settings\administrator\start menu\programs\Ares Verwijderd Trace.Directory.Ares!A2 Verwijderd Bestanden: 6 Sporen: 140 Cookies: 109 Logje 2 Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 1/02/2012 19:30:23 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, 
Sporen, Cookies, C:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 1/02/2012 22:33:40 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:22762 Ontdekt: Trace.TrackingCookie.track.adform.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37292 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37313 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Program Files\Application Updater\ApplicationUpdater.exe Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-226.dll Ontdekt: Riskware.Win32.Toolbar.Zugo.AMN!A2 Gescand Bestanden: 110708 Sporen: 404391 Cookies: 2674 Processen: 21 Gevonden Bestanden: 2 Sporen: 0 Cookies: 3 Processen: 0 Registersleutels: 0 Scan Geëindigd: 2/02/2012 0:08:29 Scantijd: 1:34:49 C:\Program Files\Trend Micro\HiJackThis\backups\backup-20111023-172414-226.dll Verwijderd Riskware.Win32.Toolbar.Zugo.AMN!A2 C:\Program Files\Application Updater\ApplicationUpdater.exe Verwijderd Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37292 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37313 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:22762 Verwijderd Trace.TrackingCookie.track.adform.net!A2 Verwijderd Bestanden: 2 Sporen: 0 Cookies: 3 Logje 3 Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 1/02/2012 19:30:23 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\ Scan 
archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 3/02/2012 12:24:37 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37386 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37851 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37874 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37888 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37990 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37992 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37993 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37994 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:37995 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:38159 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3fm64zy8.default\cookies.sqlite:38335 Ontdekt: Trace.TrackingCookie.www.belstat.be!A2 Gescand Bestanden: 110976 
Sporen: 404391 Cookies: 2711 Processen: 31 Gevonden Bestanden: 0 Sporen: 0 Cookies: 11 Processen: 0 Registersleutels: 0 Scan Geëindigd: 3/02/2012 14:04:46 Scantijd: 1:40:09
  14. I was able to download that program and ran the scan twice, but I couldn't find anywhere where those logs were saved? I wanted to maybe try it again, but now my PC can't find that program anymore?
  15. I have done everything; so far it has only frozen once, so that is already a big step forward. We are also having trouble with a program that tries to install itself whenever we click the left mouse button. Apparently that fails, so the dialog box keeps coming back. It is the Sonic cine player decoder pack. No idea what it is, what it is doing on our computer, or whether it has anything to do with our internet freezing?
  16. You are great! Everything seems to be in order now. Thank you!!!
  17. Here is our HijackThis log:
      And the one from MBAM:
  18. Thanks for the answer! Here is the HijackThis log:
  19. Our internet keeps freezing. Acrobat Reader also fails sometimes. It is really annoying, but it mainly happens on websites such as YouTube. Could the problem be with the hard drive? Our computer is already fairly old. Thanks! Veerle
  20. And does it help then if you have a good antivirus program? Or does that have nothing to do with it either? Is a purchased antivirus program such as Norton better than a free antivirus program from the internet such as Avast? Regards
  21. Hello, A while ago I had my PC put back in order with your help. That was because spam was being sent from my Hotmail address. I also chose a different password. Now spam is being sent from my email address yet again! How is that possible? I have an antivirus program from Avast. Is that not enough? How can I prevent this in the future? Thanks in advance! Veerle
  22. It is indeed a Hotmail address. They have since blocked it, by the way, for sending too much spam, but with a new password I was able to continue. Below are the requested logs. Thanks in advance!
  23. Hello, Apparently spam is being sent from my email address. That is why I thought it might help to send you a HijackThis log. Or does this have to be solved in another way? Thanks in advance!
  24. How do I do that? How can you reinstall a site?