ComboFix 08-11-10.01 - lia 2008-11-11 23:36:22.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.1321
Gestart vanuit: c:\users\lia\Downloads\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ppcbooster
c:\program files\ppcbooster\ppcb_32.exe
c:\program files\ppcbooster\ppcbu_32.exe
c:\users\lia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppcb_32.lnk
c:\windows\system32\MSINET.oca
c:\windows\tjyvb346054.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-10-11 to 2008-11-11 ))))))))))))))))))))))))))))))
.
Geen nieuwe bestanden aangemaakt in deze periode
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-11 22:24 65,450 —-a-w c:\windows\system32\drivers\stwrte.log
2008-11-11 22:21 ——— d—–w c:\program files\MSXML 4.0
2008-11-11 21:41 ——— d—–w c:\programdata\Google Updater
2008-11-09 18:10 ——— d—–w c:\program files\Trend Micro
2008-11-09 17:59 ——— d—–w c:\programdata\Spybot - Search & Destroy
2008-11-09 17:56 ——— d—–w c:\programdata\Malwarebytes
2008-11-09 17:56 ——— d—–w c:\program files\Malwarebytes' Anti-Malware
2008-11-09 15:00 ——— d—–w c:\program files\CleanUp!
2008-11-09 14:56 ——— d—–w c:\program files\Spybot - Search & Destroy
2008-11-08 12:42 ——— d—–w c:\program files\Collage Maker
2008-11-07 20:26 ——— d—–w c:\program files\DivX
2008-11-07 11:07 ——— d—–w c:\program files\Common Files\Adobe
2008-11-07 10:54 ——— d—–w c:\program files\Picasa2
2008-11-01 21:56 ——— d—–w c:\program files\Lavasoft
2008-11-01 21:56 ——— d—–w c:\program files\Hitman Pro
2008-11-01 21:53 ——— d—–w c:\programdata\Avg8
2008-10-31 10:30 ——— d—–w c:\program files\Messenger Plus! Live
2008-10-30 22:47 ——— d—–w c:\program files\Yahoo!
2008-10-30 22:45 ——— d–h–w c:\program files\InstallShield Installation Information
2008-10-30 20:08 717,296 —-a-w c:\windows\system32\drivers\sptd.sys
2008-10-29 16:59 ——— d—–w c:\programdata\Nero
2008-10-29 16:59 ——— d—–w c:\program files\Common Files\Nero
2008-10-29 16:40 ——— d—–w c:\program files\Nero
2008-10-28 22:36 823,296 —-a-w c:\windows\System32\divx_xx0c.dll
2008-10-28 22:36 823,296 —-a-w c:\windows\System32\divx_xx07.dll
2008-10-28 22:35 815,104 —-a-w c:\windows\System32\divx_xx0a.dll
2008-10-28 22:35 802,816 —-a-w c:\windows\System32\divx_xx11.dll
2008-10-28 22:35 684,032 —-a-w c:\windows\System32\DivX.dll
2008-10-26 20:47 ——— d—–w c:\program files\Alwil Software
2008-10-26 14:38 ——— d—a-w c:\programdata\TEMP
2008-10-22 15:10 38,496 —-a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 —-a-w c:\windows\system32\drivers\mbam.sys
2008-10-22 09:35 ——— d—–w c:\program files\Microsoft Silverlight
2008-10-20 20:14 ——— d—–w c:\programdata\Sunbelt
2008-10-20 20:13 ——— d—–w c:\program files\Sunbelt Software
2008-10-14 19:41 ——— d—–w c:\program files\Windows Mail
2008-10-12 19:54 ——— d—–w c:\program files\Perfect Uninstaller
2008-10-11 19:10 2,560 —-a-w c:\windows\_MSRSTRT.EXE
2008-10-11 19:00 ——— d—–w c:\program files\InCode Solutions
2008-10-09 17:51 ——— d—–w c:\program files\Google
2008-10-07 19:46 ——— d—–w c:\programdata\Lavasoft
2008-10-07 19:43 ——— d—–w c:\program files\Common Files\Wise Installation Wizard
2008-10-06 12:37 164 —-a-w C:\install.dat
2008-10-04 14:39 ——— d—–w c:\programdata\Apple Computer
2008-10-02 21:57 ——— d—–w c:\program files\Defraggler
2008-10-02 03:49 827,392 —-a-w c:\windows\System32\wininet.dll
2008-09-30 18:07 ——— d—–w c:\program files\Direct MIDI to MP3 Converter
2008-09-30 15:43 1,286,152 —-a-w c:\windows\System32\msxml4.dll
2008-09-25 08:03 81,920 —-a-w c:\windows\System32\dpl100.dll
2008-09-25 08:03 593,920 —-a-w c:\windows\System32\dpuGUI11.dll
2008-09-25 08:03 57,344 —-a-w c:\windows\System32\dpv11.dll
2008-09-25 08:03 53,248 —-a-w c:\windows\System32\dpuGUI10.dll
2008-09-25 08:03 524,288 —-a-w c:\windows\System32\DivXsm.exe
2008-09-25 08:03 344,064 —-a-w c:\windows\System32\dpus11.dll
2008-09-25 08:03 294,912 —-a-w c:\windows\System32\dpu11.dll
2008-09-25 08:03 294,912 —-a-w c:\windows\System32\dpu10.dll
2008-09-25 08:03 196,608 —-a-w c:\windows\System32\dtu100.dll
2008-09-25 08:03 161,096 —-a-w c:\windows\System32\DivXCodecVersionChecker.exe
2008-09-23 13:12 ——— d—–w c:\program files\Windows Live
2008-09-21 17:52 ——— d—–w c:\programdata\WLInstaller
2008-09-20 12:52 ——— d—–w c:\program files\Microsoft
2008-09-20 12:45 ——— d—–w c:\program files\Common Files\Windows Live
2008-09-19 21:57 3,596,288 —-a-w c:\windows\System32\qt-dx331.dll
2008-09-19 21:55 200,704 —-a-w c:\windows\System32\ssldivx.dll
2008-09-19 21:55 1,044,480 —-a-w c:\windows\System32\libdivx.dll
2008-09-19 21:54 12,288 —-a-w c:\windows\System32\DivXWMPExtType.dll
2008-09-19 11:52 ——— d—–w c:\program files\LimeWire
2008-09-18 05:09 3,601,464 —-a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 —-a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 —-a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 —-a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 —-a-w c:\windows\System32\win32k.sys
2008-09-16 16:09 30,080 —-a-w c:\windows\system32\drivers\RKHit.sys
2008-09-13 18:10 ——— d—–w c:\program files\QuickTime
2008-09-13 18:10 ——— d—–w c:\program files\Common Files\Apple
2008-09-12 16:33 ——— d—–w c:\program files\Common Files\InstallShield
2008-09-12 16:31 ——— d—–w c:\programdata\UDL
2008-09-12 16:30 ——— d—–w c:\program files\EPSON
2008-09-11 19:11 ——— d—–w c:\program files\RipAvatar
2008-09-10 03:40 1,334,272 —-a-w c:\windows\System32\msxml6.dll
2008-09-05 05:14 1,191,936 —-a-w c:\windows\System32\msxml3.dll
2008-08-12 19:04 81,984 —-a-w c:\windows\System32\bdod.bin
2008-08-12 03:39 443,392 —-a-w c:\windows\System32\win32spl.dll
2008-06-21 21:46 489 —-a-w c:\users\lia\224.bat
2008-04-17 11:21 174 –sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
"ehTray.exe"="c:\windows\ehome\ehTray.exe"
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe"
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"EnableUIADesktopToggle"= 0 (0x0)
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL"
2008-08-26 13:34 352256 c:\program files\SUPERAntiSpyware\SASWINLO.DLL
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup
–a—— 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
–a—— 2007-03-14 19:10 116328 c:\program files\Common Files\Symantec Shared\ccApp.exe
–a—— 2007-10-18 10:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
–a—— 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe
–a—— 2007-04-03 15:52 509496 c:\program files\TOSHIBA\SmoothView\SmoothView.exe
-rahs—- 2008-07-07 09:42 2156368 c:\program files\Spybot - Search & Destroy\TeaTimer.exe
–a—— 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe
–a—— 2008-06-20 06:37 1316136 c:\program files\Synaptics\SynTP\SynTPEnh.exe
–a—— 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe
–a—— 2007-08-03 06:22 1826816 c:\windows\SkyTel.exe
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"DisableMonitoring"=dword:00000001
"DisableMonitoring"=dword:00000001
"DisableMonitoring"=dword:00000001
"AntiVirusOverride"=dword:00000001
"{491C3DA0-AE15-4DEB-A587-0612709AC44D}"= Disabled:UDP:c:\program files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"{468235AA-FE60-46BF-8768-5175DE9F8DDF}"= TCP:c:\program files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"TCP Query User{0FF376E0-62B5-4034-BF44-10424D16E3D1}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{402E067A-E0EA-434B-A87E-4F152F897AC8}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{22A80F50-72FE-44D8-97EF-53782A6DD582}c:\\users\\lia\\pictures\\mco.exe"= UDP:c:\users\lia\pictures\mco.exe:mco.exe
"UDP Query User{546CAE52-B51E-43C2-9BF5-F5688744658C}c:\\users\\lia\\pictures\\mco.exe"= TCP:c:\users\lia\pictures\mco.exe:mco.exe
"{5FE6A643-5D65-496D-A4E3-E127F5B15F7A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{BCFD5709-8A0C-4CA8-81A6-897F192AE3E3}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8C68E51F-6791-47B8-8AC5-64433F05F98F}c:\\program files\\incode solutions\\removeit pro v4-trial\\removeit.exe"= UDP:c:\program files\incode solutions\removeit pro v4-trial\removeit.exe:removeit
"UDP Query User{FE98E8C4-01ED-4750-BCE6-187353F74C8C}c:\\program files\\incode solutions\\removeit pro v4-trial\\removeit.exe"= TCP:c:\program files\incode solutions\removeit pro v4-trial\removeit.exe:removeit
"TCP Query User{04E11563-6B77-452C-B5B3-0797DDA9EC67}c:\\users\\lia\\downloads\\mco.exe"= UDP:c:\users\lia\downloads\mco.exe:mco.exe
"UDP Query User{3F72EF1D-A979-494D-B6C7-2083C121CA91}c:\\users\\lia\\downloads\\mco.exe"= TCP:c:\users\lia\downloads\mco.exe:mco.exe
"TCP Query User{1BCA8C05-07A9-4BB2-AE95-15D97BF8F577}c:\\users\\lia\\appdata\\local\\temp\\rar$ex00.430\\mco.exe"= UDP:c:\users\lia\appdata\local\temp\rar$ex00.430\mco.exe:mco.exe
"UDP Query User{8BD874F8-4A4A-47AF-A678-B33FD4912B82}c:\\users\\lia\\appdata\\local\\temp\\rar$ex00.430\\mco.exe"= TCP:c:\users\lia\appdata\local\temp\rar$ex00.430\mco.exe:mco.exe
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys
R3 atikmdag;atikmdag;c:\windows\system32\DRIVERS\atikmdag.sys
S3 mcdevice;mcdevice;c:\windows\system32\DRIVERS\mcdevice.sys
S3 RkHit;RkHit;c:\windows\system32\drivers\RKHit.sys
S4 CplIR;Embedded IR Driver;c:\windows\system32\DRIVERS\CplIR.SYS
S4 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPO\TempoSVC.exe
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
\shell\AutoRun\command - G:\LaunchU3.exe -a
\shell\AutoRun\command - G:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Inhoud van de ‘Gedeelde Taken’ map
2008-11-09 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe
.
- - - - ORPHANS VERWIJDERD - - - -
MSConfigStartUp-Arovax AntiSpyware - c:\program files\Arovax AntiSpyware\arovaxantispyware.exe
MSConfigStartUp-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
——- Bijkomende Scan ——-
.
R0 -: HKCU-Main,Start Page = about:blank
R0 -: HKLM-Main,Start Page = about:blank
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
O9 -: {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?NL
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL -
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home -
O9 -: {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?NL -
O16 -: {63D6DD13-C913-466D-9444-9357561E4D94} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/mauploader/uploadtoepassing.cab
c:\windows\Downloaded Program Files\uploadtoepassing.inf
c:\windows\System32\unicows.dll
c:\windows\Downloaded Program Files\uploadtoepassing.ocx
O16 -: {CAC677B6-4963-4305-9066-0BD135CD9233} - hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
c:\windows\Downloaded Program Files\IPSUploader4.inf
c:\windows\System32\unicows.dll
c:\windows\Downloaded Program Files\IPSUploader4.ocx
O16 -: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
c:\windows\Downloaded Program Files\GoPetsWeb.inf
c:\windows\Downloaded Program Files\GoPetsWeb.ocx
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-11 23:38:39
Windows 6.0.6001 Service Pack 1 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2008-11-11 23:40:14
ComboFix-quarantined-files.txt 2008-11-11 22:40:11
Pre-Run: Kan het bericht voor berichtnummer 0x2379 niet vinden in berichtenbestand voor Application.
Post-Run: 70,454,579,200 bytes beschikbaar
241 — E O F — 2008-11-11 22:22:42
En het logbestand van HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:49, on 9-11-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ppcbooster\ppcb_32.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?NL (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-nl/wlscctrl2.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (upload toepassing Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/mauploader/uploadtoepassing.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226242303173
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1222020100627
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
–
End of file - 8525 bytes