Mediaplayer blijf in de taakbalk staan

[kape]

Wat Malwarebytes betreft is alles nu OK. Voor het verwijderen van de items met HijackThis kan je nu best de PC opstarten in "veilige modus" en daar de onderstaande items fixen :

O9 - Extra button: (no name) - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)

O9 - Extra button: (no name) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

Sluit de PC af, start opnieuw op in normale modus en maak een nieuw logje met HijackThis ter controle voor jezelf. Enkel om de bekijken of deze 09-lijnen nu verdwenen zijn.

Is er - nu de malware verwijderd is van je computer - al enige verbetering merkbaar bij je oorspronkelijke probleem ?

[ebro1968]

hoi ik heb gedaan wat je hebt gezegd maar die"09"regels bllijven wer gewoon in staan.

Het probleem met mediaplayer en utorrent zijn (nog)niet opgelost.

Wederom tof van je hulp

[kape]

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Indien je problemen hebt bij het uitvoeren van ComboFix, gelieve dit te melden.

[Kurtt]

Als het na combofix niet lukt, probeer dan de tips van post #5 van mij eens.

[ebro1968]

Hoi hier is de log van combofix

omboFix 10-11-17.03 - Administrator 18-11-2010 16:01:19.1.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1707 [GMT 1:00]

Gestart vanuit: C:\Users\Administrator.PC_van_prislove\Documents\werk\ComboFix.exe

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Windows\system32\system

C:\Windows\TEMP\logishrd\LVPrcInj02.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-10-18 to 2010-11-18 ))))))))))))))))))))))))))))))

.

2010-11-18 15:11:45 . 2010-11-18 15:11:45 -------- d-----w- C:\Users\Default\AppData\Local\temp

2010-11-18 15:01:20 . 2010-11-18 15:01:20 -------- d-----w- C:\QUARANTINE

2010-11-17 21:00:14 . 2010-11-17 21:00:14 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Roaming\Malwarebytes

2010-11-17 21:00:00 . 2010-11-17 21:00:00 -------- d-----w- C:\ProgramData\Malwarebytes

2010-11-17 20:59:59 . 2010-11-17 21:10:00 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware

2010-11-17 19:36:16 . 2009-06-30 09:37:16 28552 ----a-w- C:\Windows\system32\drivers\pavboot.sys

2010-11-17 17:30:30 . 2010-11-17 17:30:30 388096 ----a-r- C:\Users\Administrator.PC_van_prislove\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-11-17 17:30:29 . 2010-11-17 17:30:29 -------- d-----w- C:\Program Files\Trend Micro

2010-11-17 13:49:46 . 2010-11-17 13:49:46 604488 ----a-w- C:\Windows\system32\TUProgSt.exe

2010-11-17 13:49:43 . 2009-07-15 09:48:28 17224 ----a-w- C:\Windows\system32\authuitu.dll

2010-11-17 13:49:43 . 2009-07-15 09:48:20 29000 ----a-w- C:\Windows\system32\uxtuneup.dll

2010-11-17 13:49:42 . 2010-11-17 13:49:42 361288 ----a-w- C:\Windows\system32\TuneUpDefragService.exe

2010-11-17 13:32:03 . 2010-11-17 13:32:04 -------- d-----w- C:\Program Files\ConduitEngine

2010-11-17 13:31:58 . 2010-11-17 13:31:59 -------- d-----w- C:\extensions

2010-11-17 13:31:54 . 2010-11-17 13:31:54 -------- d-----w- C:\Program Files\uTorrent

2010-11-17 13:25:34 . 2010-11-17 13:25:34 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Local\Apps

2010-11-16 16:16:36 . 2010-11-16 16:16:36 -------- d-----w- C:\Program Files\LEGO Media

2010-11-13 22:41:08 . 2010-11-13 22:41:08 -------- d-----w- C:\Windows\nl

2010-11-13 22:40:40 . 2010-09-22 23:21:24 39272 ----a-w- C:\Windows\system32\drivers\fssfltr.sys

2010-11-13 22:35:22 . 2010-11-13 22:35:22 469256 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\dffa7371cb83832b\InstallManager_WLE_WLE.exe

2010-11-13 22:35:05 . 2010-11-13 22:35:05 15712 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\47247971cb83831f\MeshBetaRemover.exe

2010-11-13 22:34:49 . 2010-11-13 22:34:49 94040 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\fada87b71cb838218\DSETUP.dll

2010-11-13 22:34:49 . 2010-11-13 22:34:49 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\fada87b71cb838218\DXSETUP.exe

2010-11-13 22:34:49 . 2010-11-13 22:34:49 1691480 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\fada87b71cb838218\dsetup32.dll

2010-11-13 22:34:48 . 2010-11-13 22:34:48 94040 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\f9d54cb71cb838217\DSETUP.dll

2010-11-13 22:34:48 . 2010-11-13 22:34:48 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\f9d54cb71cb838217\DXSETUP.exe

2010-11-13 22:34:48 . 2010-11-13 22:34:48 1691480 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\f9d54cb71cb838217\dsetup32.dll

2010-11-13 22:33:54 . 2010-11-18 12:30:14 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Local\Windows Live

2010-11-13 22:33:07 . 2009-08-04 08:02:24 754688 ----a-w- C:\Windows\system32\webservices.dll

2010-11-13 20:10:06 . 2010-10-07 11:37:35 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat

2010-11-07 10:12:16 . 2010-11-07 10:12:16 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Local\WBFSManager

2010-11-07 10:10:47 . 2010-11-07 10:10:47 -------- d-----w- C:\Program Files\WBFS

2010-11-03 08:11:17 . 2010-11-03 08:11:17 -------- d-----w- C:\Program Files\Steveredrum

2010-10-31 09:37:59 . 2010-05-04 19:13:07 231424 ----a-w- C:\Windows\system32\msshsq.dll

2010-10-31 09:37:57 . 2010-08-26 16:34:50 1696256 ----a-w- C:\Windows\system32\gameux.dll

2010-10-31 09:37:55 . 2010-08-26 16:33:12 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll

2010-10-31 09:37:55 . 2010-08-26 14:23:58 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll

2010-10-31 09:37:49 . 2010-08-31 15:46:37 954752 ----a-w- C:\Windows\system32\mfc40.dll

2010-10-31 09:37:49 . 2010-08-31 15:46:37 954288 ----a-w- C:\Windows\system32\mfc40u.dll

2010-10-31 09:37:46 . 2010-08-26 16:37:45 157184 ----a-w- C:\Windows\system32\t2embed.dll

2010-10-31 09:37:45 . 2010-08-20 16:05:07 867328 ----a-w- C:\Windows\system32\wmpmde.dll

2010-10-31 09:31:04 . 2010-08-31 15:44:31 531968 ----a-w- C:\Windows\system32\comctl32.dll

2010-10-30 21:04:02 . 2010-10-30 21:04:04 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Local\FalloutNV

2010-10-30 10:38:26 . 2010-10-30 10:45:05 -------- d-----w- C:\Users\Administrator.PC_van_prislove\AppData\Roaming\ImgBurn

2010-10-30 10:37:09 . 2010-10-30 10:37:16 -------- d-----w- C:\Program Files\ImgBurn

2010-10-30 10:37:05 . 2010-10-30 10:37:05 -------- d-----w- C:\searchplugins

2010-10-30 10:37:00 . 2010-11-18 12:24:43 -------- d-----w- C:\Program Files\Ask.com

2010-10-30 10:37:00 . 2010-11-18 12:24:15 -------- d-----w- C:\FIND_MOZ_EXT

2010-10-26 20:08:00 . 2010-10-26 20:08:00 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2010-10-26 20:05:20 . 2010-10-26 20:05:23 -------- d-----w- C:\Program Files\Microsoft Visual Studio 8

2010-10-26 20:04:09 . 2010-10-26 20:04:09 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2010-10-26 20:02:52 . 2010-10-26 20:02:52 -------- d-----r- C:\MSOCache

2010-10-24 18:14:16 . 2010-08-25 18:07:00 66536 ----a-w- C:\Windows\system32\drivers\mferkdet.sys

2010-10-24 18:14:16 . 2010-08-25 18:07:00 43192 ----a-w- C:\Windows\system32\drivers\mfebopk.sys

2010-10-24 18:14:16 . 2010-08-25 18:07:00 23864 ----a-w- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

2010-10-24 18:14:15 . 2010-08-25 18:07:00 91896 ----a-w- C:\Windows\system32\drivers\mfeavfk.sys

2010-10-24 18:14:15 . 2010-08-25 18:07:00 76024 ----a-w- C:\Windows\system32\drivers\mfeapfk.sys

2010-10-24 18:14:15 . 2010-08-25 18:07:00 64208 ----a-w- C:\Windows\system32\drivers\mfetdik.sys

2010-10-24 18:14:14 . 2010-08-25 18:07:00 69192 ----a-w- C:\Windows\system32\mfevtps.exe

2010-10-24 18:14:14 . 2010-08-25 18:07:00 344712 ----a-w- C:\Windows\system32\drivers\mfehidk.sys

2010-10-24 18:13:25 . 2010-10-24 18:13:25 -------- d-----w- C:\Program Files\Common Files\Cisco Systems

2010-10-24 18:13:17 . 2010-10-24 18:13:22 -------- d-----w- C:\Program Files\McAfee

2010-10-24 18:13:17 . 2010-10-24 18:13:17 -------- d-----w- C:\Program Files\Common Files\McAfee

2010-10-24 17:17:16 . 2010-10-07 23:21:31 6146896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4D4908B-0B2D-41D5-94ED-A04585ABC7FC}\mpengine.dll

2010-10-24 14:36:23 . 2010-10-24 14:36:23 -------- d-----w- C:\ProgramData\3DWA_L

2010-10-24 14:35:48 . 2010-10-24 14:36:15 -------- d-----w- C:\Program Files\world atlas

2010-10-24 14:35:34 . 1998-10-29 14:45:06 306688 ----a-w- C:\Windows\IsUninst.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-19 09:41:44 . 2009-10-03 00:29:25 222080 ------w- C:\Windows\system32\MpSigStub.exe

2010-10-14 00:36:52 . 2010-10-14 00:36:52 15451288 ----a-w- C:\Windows\system32\xlive.dll

2010-10-14 00:36:50 . 2010-10-14 00:36:50 13642904 ----a-w- C:\Windows\system32\xlivefnt.dll

2010-09-22 23:47:28 . 2010-09-22 23:47:28 49016 ----a-w- C:\Windows\system32\sirenacm.dll

2010-09-22 23:32:56 . 2010-09-22 23:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-18 10:08:46 . 2010-09-18 10:08:46 349 ------w- C:\Windows\system32\KiweeChatbarCleanup.bat

2010-08-26 16:33:06 . 2010-10-31 09:37:55 173056 ----a-w- C:\Windows\apppatch\AcXtrnal.dll

2010-08-26 16:33:04 . 2010-10-31 09:37:56 542720 ----a-w- C:\Windows\apppatch\AcLayers.dll

2010-08-26 16:33:04 . 2010-10-31 09:37:56 458752 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2010-08-26 16:33:04 . 2010-10-31 09:37:56 2159616 ----a-w- C:\Windows\apppatch\AcGenral.dll

2007-11-01 23:49:27 . 2007-11-01 23:49:27 141824 ----a-w- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll

2010-08-25 18:07:00 . 2010-10-24 18:14:16 23864 ----a-w- C:\Program Files\mozilla firefox\components\Scriptff.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 23:47:30 4240760]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 03:40:32 218032]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952]

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2009-02-06 18:17:38 3325952]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 10:13:20 152872]

"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 03:16:34 203928]

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-01-08 07:55:56 98304]

"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 13:08:02 136136]

"Steam"="C:\Program Files\Steam\Steam.exe" [2010-11-16 21:39:50 1242448]

"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2010-11-17 13:31:54 394616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 14:38:48 4390912]

"MSPService"="C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 22:36:04 102400]

"toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 16:20:56 28672]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32:22 56080]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 07:27:08 570664]

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-11-02 08:38:58 167936]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 16:11:48 565008]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 16:15:46 2407184]

"MBBalloon"="C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe" [2007-12-21 07:31:20 791392]

"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-07 09:31:08 524632]

"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2007-08-29 18:30:54 474704]

"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 13:08:02 136136]

"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\udaterui.exe" [2009-08-25 14:00:00 136512]

"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2010-08-25 18:07:00 124224]

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 12:54:26 91520]

C:\Users\Administrator.PC_van_prislove\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe [2010-3-10 423248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

R1 oreans32;oreans32;C:\Windows\system32\drivers\oreans32.sys [2009-08-04 06:35:25 33952]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]

R2 gupdate;Google Updateservice (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 05:15:16 135664]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-07 09:31:08 1029456]

R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 09:35:54 23040]

R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys [2010-08-25 18:07:00 66536]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 08:25:22 30969208]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 19:37:50 4640000]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 11:16:28 753504]

R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 15:33:04 51040]

S0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys [2009-05-03 08:31:23 64160]

S0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot.sys [2009-06-30 09:37:16 28552]

S0 PzWDM;PzWDM;C:\Windows\system32\Drivers\PzWDM.sys [2009-04-11 15:07:58 15172]

S0 SahdIa32;HDD Filter Driver;C:\Windows\System32\Drivers\SahdIa32.sys [2009-06-01 23:00:00 21488]

S0 SaibIa32;Volume Filter Driver;C:\Windows\System32\Drivers\SaibIa32.sys [2009-06-01 23:00:00 15856]

S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2009-04-28 08:22:51 721904]

S1 SaibVd32;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVd32.sys [2009-06-01 23:00:00 25584]

S2 AGCoreService;AG Core Services;C:\Program Files\AGI\core\4.2.0.10753\AGCoreService.exe [2010-06-29 06:04:18 20480]

S2 FsUsbExService;FsUsbExService;C:\Windows\system32\FsUsbExService.Exe [2009-01-08 07:42:54 233472]

S2 McAfeeEngineService;McAfee Engine Service;C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe [2010-08-25 18:07:00 22816]

S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\system32\mfevtps.exe [2010-08-25 18:07:00 69192]

S3 bbcap;bbcap;C:\Windows\system32\DRIVERS\bbcap.sys [2009-08-16 11:26:28 4096]

S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\system32\FsUsbExDisk.SYS [2009-01-08 07:42:54 36608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

2010-11-18 C:\Windows\Tasks\1-klik Onderhoud.job

- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 10:04:36 . 2009-07-16 10:04:36]

2010-11-14 C:\Windows\Tasks\Ad-Aware Update (Weekly).job

- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06:56 . 2010-03-07 09:31:09]

2010-11-18 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 05:15:26 . 2010-01-29 05:15:16]

2010-11-18 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 05:15:26 . 2010-01-29 05:15:16]

2010-11-18 C:\Windows\Tasks\Recovery DVD Creator.job

- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-11-01 23:45:34 . 2006-11-21 16:34:38]

2010-11-12 C:\Windows\Tasks\Roxio PhotoShow Updater.job

- C:\Program Files\Roxio\PhotoShow\auto_updater_shim.exe [2010-06-11 04:25:18 . 2010-06-11 04:25:18]

2010-11-18 C:\Windows\Tasks\Uitgebreide garantie.job

- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-11-01 23:45:34 . 2006-11-21 16:38:02]

2010-11-18 C:\Windows\Tasks\User_Feed_Synchronization-{AC10D6F4-331B-4771-8198-4CACFE4ABA32}.job

- C:\Windows\system32\msfeedssync.exe [2010-10-31 09:38:36 . 2010-09-08 04:25:50]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)

WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

[kape]

Verwijder handmatig volgende vetgedrukte bestanden en mappen :

C:\Windows\system32\KiweeChatbarCleanup.bat

C:\Program Files\Ask.com

C:\Program Files\ConduitEngine

En zoek eens naar je startpagina’s : één van de instellingen moet daar nog op dit staan :

hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678 (hxxp = http)

Deze moet je ook manueel verwijderen.