trage pc

[kape]

Dit moet je nog eens uitvoeren :

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop "Application Updater"

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete "Application Updater"

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop tV1bg8

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete tV1bg8

Druk op Enter.

Doe het - voor alle zekerheid - in "veilige modus" ... en hang daarna een nieuw logje van HijackThis in je volgende bericht ter controle.

[agie]

Wat je bedoel je percies -in de 'veilige modus'?

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:44:11, on 17-3-2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19019)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

C:\Program Files\Fighters\VIRUSfighter\vfproTray.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\riekie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKLM\..\Run: [VFPROguard] C:\Program Files\Fighters\VIRUSfighter\VFPROTray.exe

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-nl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272387255067

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1293400404301

O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe

O23 - Service: AV Watch Service - Preventon Technologies Limited - C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: tV1bg8 - Unknown owner - F:\PC Wizard 2009\Data\pcwizntl.exe (file missing)

--

End of file - 7251 bytes

[kape]

Bij "veilige modus" start je de PC op door constant op de F8-toets te tokkelen na het induwen van de startknop. Dan kom je uit in een - iets anders uitziende - omgeving, waarin je de opdracht eveneens kan uitvoeren. Want ook nu is het in de "gewone modus" niet gelukt om de items te verwijderen. Probeer het dan even op die andere manier !

18 maart 2011 aangepast door kape

[agie]

Weer wat geleerd!

ogfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:05:55, on 18-3-2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19019)

Boot mode: Safe mode

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\helppane.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\riekie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKLM\..\Run: [VFPROguard] C:\Program Files\Fighters\VIRUSfighter\VFPROTray.exe

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-nl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272387255067

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1293400404301

O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe

O23 - Service: AV Watch Service - Preventon Technologies Limited - C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

--

End of file - 6261 bytes

[kape]

Hoe staat het nu met de snelheid van de PC ?

[agie]

De snelheid is een stuk beter.

Het enige wat nog moeizaam gaat is het opstarten van de pc , duurt lang ,en soms een trage verbinding met google.

Heeft misschien te maken met veel activiteit op internet?

[kape]

Gaan we toch nog even verder kijken. Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[agie]

Ik heb een poging gedaan maar ik zie op het scherm een kleine scan-balk en daarnaar gebeurd er niets meer.

Misschien niet lang genoeg gewacht?

Hoelang is de duur van het gehele proces en komt de logbestand automatisch op het scherm wanneer het scannen is voltooid ?

[kape]

Bij een eerste gebruik kan Combofix behoorlijk lang duren. Een tijdsduur bepalen is onmogelijk, want dat is ook afhankelijk van de inhoud en het aantal programma's dat op de PC draait.

Lukt het helemaal niet, probeer het dan eens in "veilige modus" te laten scannen.

[agie]

Uiteindelijk toch gelukt!

ComboFix 11-03-15.02 - riekie 20-03-2011 22:03:54.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1015.281 [GMT 1:00]

Gestart vanuit: c:\users\riekie\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Microsoft

c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer

c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Algemene voorwaarden.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Privacybeleid.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url

c:\users\riekie\AppData\Roaming\inst.exe

c:\users\riekie\AppData\Roaming\Microsoft\Windows\Recent\Windows Live Mail.url

c:\users\riekie\AppData\Roaming\Microsoft\Windows\Recent\Windows Live starten.url

c:\users\riekie\AppData\Roaming\PriceGong

c:\users\riekie\AppData\Roaming\PriceGong\Data\1.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\a.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\b.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\c.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\d.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\e.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\f.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\g.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\h.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\i.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\J.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\k.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\l.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\m.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\mru.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\n.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\o.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\p.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\q.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\r.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\s.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\t.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\u.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\v.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\w.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\x.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\y.xml

c:\users\riekie\AppData\Roaming\PriceGong\Data\z.xml

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-02-20 to 2011-03-20 ))))))))))))))))))))))))))))))

.

.

2011-03-20 21:18 . 2011-03-20 21:18 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-03-18 23:42 . 2011-03-18 23:52 126512 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2011-03-18 23:42 . 2011-03-18 23:53 -------- d-----w- c:\program files\Symantec

2011-03-18 23:40 . 2011-03-19 15:03 -------- d-----w- c:\windows\system32\drivers\NAV

2011-03-18 23:40 . 2011-03-18 23:40 -------- d-----w- c:\program files\Norton AntiVirus

2011-03-18 23:40 . 2011-03-18 23:45 -------- d-----w- c:\programdata\Norton

2011-03-18 23:36 . 2011-03-18 23:36 -------- d-----w- c:\program files\NortonInstaller

2011-03-18 23:31 . 2011-03-18 23:31 -------- d-----w- c:\programdata\AVG Security Toolbar

2011-03-18 23:11 . 2011-03-18 23:11 -------- d-----w- c:\users\riekie\AppData\Roaming\Download Manager

2011-03-18 22:50 . 2011-03-18 22:50 -------- d-----w- c:\programdata\Preventon

2011-03-14 19:10 . 2011-03-14 19:10 388096 ----a-r- c:\users\riekie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-03-14 19:10 . 2011-03-14 19:10 -------- d-----w- c:\program files\Trend Micro

2011-03-09 15:47 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-03-09 15:47 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll

2011-03-09 15:47 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-03-09 15:47 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-03-09 15:46 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll

2011-03-09 15:46 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-03-08 15:17 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23AB8B9B-9C99-49DF-915C-003290BD8B4F}\mpengine.dll

2011-03-08 14:12 . 2011-03-08 14:13 -------- d-----w- c:\users\riekie\AppData\Local\{BC2666C5-9FDF-476B-B7A6-B379B079FA2A}

2011-03-06 11:14 . 2011-03-06 11:15 -------- d-----w- c:\users\riekie\AppData\Local\{64AACFF4-37A8-4945-94B6-36E235092F0C}

2011-03-04 17:02 . 2011-03-04 17:02 -------- d-----w- c:\program files\Belastingdienst

2011-03-04 16:48 . 2011-03-04 16:48 -------- d-----w- c:\users\riekie\AppData\Local\FixItCenter

2011-03-04 16:43 . 2011-03-04 16:43 -------- d-----w- c:\windows\MATS

2011-03-01 15:52 . 2011-03-01 15:52 -------- d-----w- c:\users\riekie\AppData\Local\{4BC0EAE7-E9E2-49CA-9452-6D32A30F35F7}

2011-02-25 21:28 . 2011-03-04 16:43 -------- d-----w- c:\program files\Microsoft Fix it Center

2011-02-25 20:39 . 2011-02-25 20:40 -------- d-----w- c:\users\riekie\AppData\Local\{FF3A4ED5-6F5D-4FA9-9B4C-812F1A43DB54}

2011-02-23 20:37 . 2011-02-23 20:37 -------- d-----w- c:\users\riekie\AppData\Local\Sunbelt Software

2011-02-23 20:06 . 2011-02-23 20:06 -------- dc-h--w- c:\programdata\{E53F90E0-D7CA-4310-8844-F6E688407890}

2011-02-22 07:14 . 2011-02-22 12:31 -------- d-----w- c:\users\riekie\AppData\Roaming\Sammsoft

2011-02-21 23:11 . 2011-02-23 21:27 -------- d-----w- c:\programdata\clp

2011-02-21 20:16 . 2011-03-11 18:17 -------- d-----w- c:\users\riekie\AppData\Local\WinZip

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-17 14:55 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-02-02 20:40 . 2010-04-28 17:47 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-02 16:11 . 2009-10-03 13:40 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-20 16:37 . 2011-02-17 15:35 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-01-20 16:08 . 2011-02-17 15:35 478720 ----a-w- c:\windows\system32\dxgi.dll

2011-01-20 16:08 . 2011-02-17 15:35 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2011-01-20 16:08 . 2011-02-17 15:35 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2011-01-20 16:08 . 2011-02-17 15:35 189952 ----a-w- c:\windows\system32\d3d10core.dll

2011-01-20 16:08 . 2011-02-17 15:35 1029120 ----a-w- c:\windows\system32\d3d10.dll

2011-01-20 16:07 . 2011-02-17 15:35 37376 ----a-w- c:\windows\system32\cdd.dll

2011-01-20 16:07 . 2011-02-17 15:35 258048 ----a-w- c:\windows\system32\winspool.drv

2011-01-20 16:07 . 2011-02-17 15:35 586240 ----a-w- c:\windows\system32\stobject.dll

2011-01-20 16:06 . 2011-02-17 15:35 2873344 ----a-w- c:\windows\system32\mf.dll

2011-01-20 16:06 . 2011-02-17 15:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2011-01-20 16:04 . 2011-02-17 15:35 209920 ----a-w- c:\windows\system32\mfplat.dll

2011-01-20 16:04 . 2011-02-17 15:35 98816 ----a-w- c:\windows\system32\mfps.dll

2011-01-20 14:28 . 2011-02-17 15:35 1554432 ----a-w- c:\windows\system32\xpsservices.dll

2011-01-20 14:27 . 2011-02-17 15:35 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2011-01-20 14:26 . 2011-02-17 15:35 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2011-01-20 14:25 . 2011-02-17 15:35 847360 ----a-w- c:\windows\system32\OpcServices.dll

2011-01-20 14:24 . 2011-02-17 15:35 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-01-20 14:24 . 2011-02-17 15:35 135680 ----a-w- c:\windows\system32\XpsRasterService.dll

2011-01-20 14:15 . 2011-02-17 15:35 979456 ----a-w- c:\windows\system32\MFH264Dec.dll

2011-01-20 14:14 . 2011-02-17 15:35 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll

2011-01-20 14:14 . 2011-02-17 15:35 261632 ----a-w- c:\windows\system32\mfreadwrite.dll

2011-01-20 14:14 . 2011-02-17 15:35 302592 ----a-w- c:\windows\system32\mfmp4src.dll

2011-01-20 14:12 . 2011-02-17 15:35 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2011-01-20 14:11 . 2011-02-17 15:35 486400 ----a-w- c:\windows\system32\d3d10level9.dll

2011-01-20 13:47 . 2011-02-17 15:35 683008 ----a-w- c:\windows\system32\d2d1.dll

2011-01-20 13:44 . 2011-02-17 15:35 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-01-20 13:44 . 2011-02-17 15:35 797184 ----a-w- c:\windows\system32\FntCache.dll

2011-01-08 08:47 . 2011-02-17 15:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-01-08 06:28 . 2011-02-17 15:24 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 13:57 . 2011-02-17 15:50 2039808 ----a-w- c:\windows\system32\win32k.sys

2010-12-28 15:55 . 2011-01-12 16:27 413696 ----a-w- c:\windows\system32\odbc32.dll

2010-12-23 19:55 . 2007-08-30 08:49 319456 ----a-w- c:\windows\DIFxAPI.dll

2010-12-22 14:48 . 2010-12-22 14:48 3527680 ----a-w- c:\windows\system32\M2LU_Server.exe

2010-12-22 14:48 . 2010-12-22 14:48 1120768 ----a-w- c:\windows\system32\M2ElevatedCalls.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-08 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2011-03-01 126976]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk]

backup=c:\windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup

backupExtension=.CommonStartup

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-04-03 16:00 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeApp]

2011-01-02 11:30 814496 ----a-w- c:\program files\FreeApps\FreeApps.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]

2011-03-01 16:33 126976 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2008-06-18 19:01 166424 ----a-w- c:\windows\System32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2007-05-24 11:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2008-12-08 13:50 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

2007-04-18 15:01 65536 ----a-w- c:\hp\support\hpsysdrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2008-06-18 19:01 141848 ----a-w- c:\windows\System32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPN]

2008-06-06 15:08 198184 ----a-w- c:\program files\KPN\bin\sprtcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPNAssistentUpdater]

2010-12-22 14:49 1964928 ----a-w- c:\program files\KPN\KPN Update\KPNAssistentUpdater.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]

2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

2008-06-18 19:01 133656 ----a-w- c:\windows\System32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]

2008-02-22 02:25 54672 ----a-w- c:\windows\System32\jureg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]

2007-05-31 07:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1753990348-677674000-2389129793-1000]

"EnableNotificationsRef"=dword:00000001

.

R1 ctredrv.sys;ctredrv.sys;c:\windows\system32\drivers\ctredrv.sys [x]

R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 DUMeterSvc;DU Meter Service; [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-26 136176]

R2 SPAMfighter Update Service;SPAMfighter Update Service; [x]

R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]

R3 cpuz134;cpuz134;c:\program files\CPUID\PC Wizard 2010\pcwiz_x32.sys [2010-07-09 20328]

R3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [x]

R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-11-16 267568]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

R4 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1205000.07D\SYMDS.SYS [2010-10-21 340016]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1205000.07D\SYMEFA.SYS [2010-11-18 652336]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]

S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110309.001\BHDrvx86.sys [2011-03-09 800376]

S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110317.002\IDSvix86.sys [2010-11-09 353912]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1205000.07D\Ironx86.SYS [2010-11-16 136312]

S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAV\1205000.07D\SYMTDIV.SYS [2010-12-01 330360]

S2 iprip;RIP-listener;c:\windows\System32\svchost.exe [2008-01-19 21504]

S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]

S2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN);c:\program files\KPN\bin\sprtsvc.exe [2008-06-06 202016]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-03-19 102448]

S3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr61.sys [2007-05-11 357376]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

ipripsvc REG_MULTI_SZ iprip

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

Inhoud van de 'Gedeelde Taken' map

.

2011-03-20 c:\windows\Tasks\AWC Startup.job

- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-17 15:19]

.

2011-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-26 16:06]

.

2011-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-26 16:06]

.

2011-03-20 c:\windows\Tasks\User_Feed_Synchronization-{522C3C04-2DFD-4007-AE2B-05A1BC1F3F9A}.job

- c:\windows\system32\msfeedssync.exe [2011-02-17 04:47]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/webhp?sourceid=navclient&hl=nl&ie=UTF-8&rlz=1T4HPEA_nlNL315NL315

mStart Page = hxxp://www.msn.com

uSearchAssistant = hxxp://www.google.com/ie

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

.

- - - - ORPHANS VERWIJDERD - - - -

.

BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll

WebBrowser-{548F6736-8FE4-4680-82F2-170D6C07E1D2} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-03-20 22:18

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NAV]

"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

Voltooingstijd: 2011-03-20 22:25:56

ComboFix-quarantined-files.txt 2011-03-20 21:25

.

Pre-Run: 98.908.180.480 bytes beschikbaar

Post-Run: 98.833.424.384 bytes beschikbaar

.

- - End Of File - - 2C6D550F313CA56C7A15D91E0B25A4E4