This evening an internet site still opened up spontaneously.
I happened to be scanning with Malware this evening, but I stopped it in order to run ComboFix.
Tomorrow I'll scan with Malware.
Have you seen anything yet?
Greetings, Roosje
Hi Roosje,
Do the following:
Open Notepad, then copy and paste the following (bold, blue text) into an empty window:
Folder::
c:\users\Adrie\AppData\Local\kscrqbusw
c:\users\Adrie\AppData\Local\qovvpsqiv
c:\users\Adrie\AppData\Local\hjpcoojdi
c:\users\Adrie\AppData\Local\qhyxapwmy
c:\users\Adrie\AppData\Local\lccexdpxk
c:\users\Adrie\AppData\Local\mknjwswlp
c:\users\Adrie\AppData\Local\ewxykrqgg
File::
c:\windows\System32\1DECE3A496.sys
Save this to your Desktop as CFScript.txt
Drag CFScript.txt into ComboFix.exe as shown in the example below:
This will make ComboFix restart.
Reboot if you are asked to, and post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Good luck,
Huib :)
At the time I couldn't get it onto my desktop, but the program did eventually start.
Now... after a lot of googling, it worked after all, and I have a log from ComboFix and HijackThis.
After the previous scan with ComboFix:
the computer seems to have become slower,
internet no longer starts up spontaneously,
my desktop suddenly had a different background,
every time the computer starts up, a popup appears with the text PSSWCORE. What should I do with it? It almost won't go away. I already googled it; something to do with the HP scanner??
Do you also know where I picked up this virus/worm, from Vuze??
Thanks again in advance,
Greetings, Roosje
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:30:26, on 25-5-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Conceptronic Multimedia\CTVDIGRCU V3.0 Device Utilities\AFRCtl.exe
C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gratis.startpagina.nl/prikbord/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: RtHDVCpl.exe
O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: “C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe” “C:\Program Files\HomeCinema\PowerDirector” UpdateWithCreateOnce “Software\CyberLink\PowerDirector\7.0”
O4 - HKLM\..\Run: “C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe”
O4 - HKLM\..\Run: “C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe”
O4 - HKLM\..\Run: “C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe” “C:\Program Files\HomeCinema\PowerProducer” update “Software\CyberLink\PowerProducer\5.0”
O4 - HKLM\..\Run: “C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files\HomeCinema\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\2.0”
O4 - HKLM\..\Run: “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
O4 - HKLM\..\Run: C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE
O4 - HKLM\..\Run: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: “C:\Program Files\McAfee.com\Agent\mcagent.exe” /runkey
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: “C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe”
O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
O4 - HKCU\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Picasa2\PicasaMediaDetector.exe (User ‘SYSTEEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Picasa2\PicasaMediaDetector.exe (User ‘Default user’)
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Remote Control.lnk = C:\Program Files\Conceptronic Multimedia\CTVDIGRCU V3.0 Device Utilities\AFRCtl.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra ‘Tools’ menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra ‘Tools’ menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra ‘Tools’ menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (Upload-applicatie Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
–
End of file - 13471 bytes
================================
ComboFix 10-05-25.02 - Adrie 25-05-2010 23:18:26.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2301.1272
Gestart vanuit: c:\users\Adrie\Documents\Download\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Adrie\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
* Aanwezig AV is actief
FILE ::
“c:\windows\System32\KGyGaAvL.sys”
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Adrie\AppData\Local\ewxykrqgg
c:\users\Adrie\AppData\Local\hjpcoojdi
c:\users\Adrie\AppData\Local\kscrqbusw
c:\users\Adrie\AppData\Local\lccexdpxk
c:\users\Adrie\AppData\Local\mknjwswlp
c:\users\Adrie\AppData\Local\qhyxapwmy
c:\users\Adrie\AppData\Local\qovvpsqiv
c:\windows\System32\KGyGaAvL.sys
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-04-25 to 2010-05-25 ))))))))))))))))))))))))))))))
.
2010-05-25 21:25 . 2010-05-25 21:25 ——– d—–w- c:\users\Public\AppData\Local\temp
2010-05-25 21:25 . 2010-05-25 21:25 ——– d—–w- c:\users\Default\AppData\Local\temp
2010-05-25 12:39 . 2010-05-25 16:34 ——– d—–w- c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Azureus
2010-05-25 12:39 . 2010-05-25 12:39 ——– d—–w- c:\users\ReleaseEngineer.MACROVISION
2010-05-24 20:09 . 2010-05-25 21:26 ——– d—–w- c:\users\Adrie\AppData\Local\temp
2010-05-22 10:35 . 2010-05-22 10:35 ——– d—–w- c:\windows\Sun
2010-05-21 11:53 . 2010-05-21 11:53 388096 —-a-r- c:\users\Adrie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-21 11:23 . 2010-04-12 15:29 411368 —-a-w- c:\windows\system32\deployJava1.dll
2010-05-21 11:12 . 2010-05-21 11:12 ——– d—–w- c:\program files\Trend Micro
2010-05-20 16:22 . 2010-05-20 16:22 ——– d—–w- c:\program files\CCleaner
2010-05-20 16:14 . 2010-05-20 16:14 ——– d—–w- c:\users\Adrie\AppData\Roaming\FIXIO PC Utilities
2010-05-20 16:13 . 2010-05-20 16:13 ——– d—–w- c:\program files\FIXIO PC Utilities
2010-05-20 15:46 . 2010-05-20 15:46 ——– d—–w- c:\users\Adrie\AppData\Roaming\Uniblue
2010-05-20 15:46 . 2010-05-20 15:46 ——– d—–w- c:\program files\Uniblue
2010-05-20 11:37 . 2010-05-20 11:37 ——– d—–w- c:\users\Adrie\AppData\Roaming\InstallShield
2010-05-20 10:47 . 2010-05-23 14:58 ——– d—–w- c:\program files\McAfee Security Scan
2010-05-19 15:30 . 2010-05-19 15:30 ——– d—–w- C:\found.000
2010-05-19 14:42 . 2010-05-19 14:42 ——– d—–w- c:\users\Adrie\AppData\Roaming\20225F387A0315444B46175BFDF15919
2010-05-19 11:21 . 2010-05-19 11:21 8463808 —-a-w- c:\users\Adrie\AppData\Roaming\Azureus\tmp\AZU20482.tmp\Vuze_4.4.0.4_win32.exe
2010-05-17 11:24 . 2010-05-17 11:24 ——– d—–w- C:\EasyActivatorTemp
2010-05-17 10:59 . 2010-05-17 10:59 ——– d—–w- c:\users\Adrie\AppData\Roaming\TomTom
2010-05-17 10:59 . 2010-05-17 10:59 ——– d—–w- c:\users\Adrie\AppData\Local\TomTom
2010-05-17 10:59 . 2010-05-17 10:59 ——– d—–w- c:\program files\TomTom International B.V
2010-05-17 10:58 . 2010-05-17 10:58 ——– d—–w- c:\program files\TomTom HOME 2
2010-05-12 05:10 . 2010-01-29 15:40 738816 —-a-w- c:\windows\system32\inetcomm.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-25 21:18 . 2008-10-23 16:18 667352 —-a-w- c:\windows\system32\perfh013.dat
2010-05-25 21:18 . 2008-10-23 16:18 126854 —-a-w- c:\windows\system32\perfc013.dat
2010-05-24 19:48 . 2008-10-24 06:06 ——– d—–w- c:\program files\Common Files\Adobe
2010-05-21 21:40 . 2010-03-12 23:08 ——– d—–w- c:\program files\Vuze_Remote
2010-05-21 11:26 . 2008-10-24 06:22 ——– d—–w- c:\program files\Common Files\Java
2010-05-21 11:23 . 2008-10-24 06:22 ——– d—–w- c:\program files\Java
2010-05-19 16:36 . 2010-04-04 13:26 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
2010-05-19 15:21 . 2010-02-12 13:40 ——– d—–w- c:\users\Adrie\AppData\Roaming\Azureus
2010-05-13 05:24 . 2006-11-02 11:18 ——– d—–w- c:\program files\Windows Mail
2010-04-29 13:39 . 2010-04-04 13:26 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-04-04 13:26 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
2010-04-17 06:10 . 2010-04-17 06:10 ——– d—–w- c:\program files\Windows Portable Devices
2010-04-17 06:10 . 2006-11-02 10:25 665600 —-a-w- c:\windows\inf\drvindex.dat
2010-04-17 06:10 . 2010-04-17 06:10 0 —ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-04-17 06:10 . 2010-04-17 06:10 0 —ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-04-16 20:59 . 2010-04-16 20:59 ——– d—–w- c:\program files\TomTom DesktopSuite
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Calendar
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Sidebar
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Journal
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Collaboration
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Photo Gallery
2010-04-15 18:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Defender
2010-04-08 16:47 . 2010-02-11 16:34 ——– d—–w- c:\program files\McAfee
2010-04-08 12:13 . 2010-04-08 12:12 ——– d—–w- c:\program files\Common Files\McAfee
2010-04-08 12:13 . 2010-04-08 12:12 ——– d—–w- c:\program files\McAfee.com
2010-04-05 05:22 . 2010-02-07 06:23 ——– d—–w- c:\users\Adrie\AppData\Roaming\HP
2010-04-04 13:26 . 2010-04-04 13:26 ——– d—–w- c:\users\Adrie\AppData\Roaming\Malwarebytes
2010-04-02 16:00 . 2010-03-17 17:04 ——– d—–w- c:\program files\Common Files\Symantec Shared
2010-03-12 06:53 . 2010-02-14 11:53 1356 —-a-w- c:\users\Adrie\AppData\Local\d3d9caps.dat
2010-03-11 06:27 . 2010-02-03 12:57 112696 —-a-w- c:\users\Adrie\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-09 16:25 . 2010-03-31 18:56 78336 —-a-w- c:\windows\system32\ieencode.dll
2010-03-09 15:42 . 2010-03-31 18:56 834048 —-a-w- c:\windows\system32\wininet.dll
2010-03-04 17:33 . 2010-04-14 05:10 430080 —-a-w- c:\windows\system32\vbscript.dll
2008-12-03 04:36 . 2008-12-03 04:36 8 –sh–r- c:\windows\System32\1DECE3A496.sys
2008-08-13 11:05 . 2008-08-13 11:05 8192 –sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2010-05-24_20.07.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2010-05-25 21:14 57578 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-05-25 21:14 70338 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2010-02-03 12:52 . 2010-05-24 20:07 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-03 12:52 . 2010-05-25 21:19 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-03 12:52 . 2010-05-25 21:19 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-03 12:52 . 2010-05-24 20:07 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-03 12:52 . 2010-05-24 20:07 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-03 12:52 . 2010-05-25 21:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-03 12:58 . 2010-05-25 21:14 9388 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1862308218-3603097403-1258085078-1000_UserData.bin
+ 2010-05-25 20:01 . 2010-05-25 20:01 6110 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\FAB6E1F06D907E0EE3CA0B5F77752457622A59C9\FAB6E1F06D907E0EE3CA0B5F77752457622A59C9\Data.dat
- 2010-05-24 18:31 . 2010-05-24 18:31 6110 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\FAB6E1F06D907E0EE3CA0B5F77752457622A59C9\FAB6E1F06D907E0EE3CA0B5F77752457622A59C9\Data.dat
+ 2010-05-25 19:51 . 2010-05-25 19:51 5222 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\F599CECA6ED48C5A9BC8A3C4D0E10A2016A73A19\F599CECA6ED48C5A9BC8A3C4D0E10A2016A73A19\Data.dat
+ 2010-05-25 20:26 . 2010-05-25 20:26 5796 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\E48B6815CCD75C909E5A12C8B6A5C0021D2AFA2F\E48B6815CCD75C909E5A12C8B6A5C0021D2AFA2F\Data.dat
- 2010-05-24 18:01 . 2010-05-24 18:01 5464 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\Data.dat
+ 2010-05-25 19:43 . 2010-05-25 19:43 5464 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\Data.dat
- 2010-05-24 18:01 . 2010-05-24 18:01 4814 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\AADAE66A3FB7A6FD68E3AA9B91B8A236706D4ED1\Data.dat
+ 2010-05-25 19:43 . 2010-05-25 19:43 4814 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\AADAE66A3FB7A6FD68E3AA9B91B8A236706D4ED1\Data.dat
+ 2010-05-25 19:43 . 2010-05-25 19:43 5480 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\5E043F682876630268F88E397A9ABB7C2E2AE2D6\Data.dat
- 2010-05-24 18:02 . 2010-05-24 18:02 5480 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\5E043F682876630268F88E397A9ABB7C2E2AE2D6\Data.dat
+ 2010-05-25 20:04 . 2010-05-25 20:04 6154 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\38FE591960A06F0240F26C4F9409AAFA397B5E42\Data.dat
- 2010-05-24 19:41 . 2010-05-24 19:41 6154 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DB5315A781647BA87DA7A3BD48930C3ED71A2B16\38FE591960A06F0240F26C4F9409AAFA397B5E42\Data.dat
+ 2010-05-25 20:02 . 2010-05-25 20:02 5196 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\DA171429BFC1920F908A943B2C87B6057EE71E2C\E1EACA40969A15BDC84E744F9E51F5688CB88118\Data.dat
+ 2010-05-25 21:02 . 2010-05-25 21:02 5252 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\B7504AB19203E58970CCBC7D5A5DBA9DA79FCA5B\B7504AB19203E58970CCBC7D5A5DBA9DA79FCA5B\Data.dat
+ 2010-05-25 19:50 . 2010-05-25 19:50 7158 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\AFA0228517D559C72225EDC64521ED7E04459E89\AFA0228517D559C72225EDC64521ED7E04459E89\Data.dat
- 2010-05-24 18:31 . 2010-05-24 18:31 7158 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\AFA0228517D559C72225EDC64521ED7E04459E89\AFA0228517D559C72225EDC64521ED7E04459E89\Data.dat
+ 2010-05-25 19:51 . 2010-05-25 19:51 4874 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\631E57EDF100D55B2C5E6252A26DA4ADA699DF14\631E57EDF100D55B2C5E6252A26DA4ADA699DF14\Data.dat
+ 2010-05-25 21:04 . 2010-05-25 21:04 5264 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\5E921131980812DDEFE1FF42B46AB9ACE8D20068\5E921131980812DDEFE1FF42B46AB9ACE8D20068\Data.dat
+ 2010-05-25 19:54 . 2010-05-25 19:54 4874 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\5D8D8C918CA6999A994CD624D994DA5DA3EA2F73\5D8D8C918CA6999A994CD624D994DA5DA3EA2F73\Data.dat
+ 2010-05-25 19:44 . 2010-05-25 19:44 4526 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\5C36D3E2FB7880400E76A9D671E2784B75F788B4\5C36D3E2FB7880400E76A9D671E2784B75F788B4\Data.dat
+ 2010-05-25 21:02 . 2010-05-25 21:02 5918 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\58F7D66C64D922B1A95BD63068232A716E8D8604\58F7D66C64D922B1A95BD63068232A716E8D8604\Data.dat
+ 2010-05-25 19:48 . 2010-05-25 19:48 3396 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\545972D1B5F94EC79AACCC0E26F6B4864E24C327\545972D1B5F94EC79AACCC0E26F6B4864E24C327\Data.dat
+ 2010-05-25 19:50 . 2010-05-25 19:50 5830 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\4CC305A41FC8F4F664A57B88A36457B82E38CDE4\4CC305A41FC8F4F664A57B88A36457B82E38CDE4\Data.dat
+ 2010-05-25 19:57 . 2010-05-25 19:57 5362 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\3D9EAB96650D5290B983D8A72104F14C4E36CA7E\3D9EAB96650D5290B983D8A72104F14C4E36CA7E\Data.dat
+ 2010-05-25 20:46 . 2010-05-25 20:46 5400 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\3A3C5F7CC9415160B34912634CB95978E99A7DDE\3A3C5F7CC9415160B34912634CB95978E99A7DDE\Data.dat
- 2010-05-24 19:43 . 2010-05-24 19:43 5400 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\3A3C5F7CC9415160B34912634CB95978E99A7DDE\3A3C5F7CC9415160B34912634CB95978E99A7DDE\Data.dat
+ 2010-05-25 20:03 . 2010-05-25 20:03 5250 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\1637495CDFF43A1D6C33BFBDF66CF5F3E048D30E\1637495CDFF43A1D6C33BFBDF66CF5F3E048D30E\Data.dat
+ 2010-05-25 19:55 . 2010-05-25 19:55 4304 c:\windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\02E091FFFDE4CAD898A8307E271C0750D78626ED\02E091FFFDE4CAD898A8307E271C0750D78626ED\Data.dat
+ 2010-05-25 21:11 . 2010-05-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-05-24 19:53 . 2010-05-24 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-05-24 19:53 . 2010-05-24 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-05-25 21:11 . 2010-05-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-05-25 21:18 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-05-24 20:01 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-05-24 20:01 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-05-25 21:18 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
“WindowsWelcomeCenter”=“oobefldr.dll”
“ehTray.exe”=“c:\windows\ehome\ehTray.exe”
“msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe”
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
“RoboForm”=“c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe”
“TomTomHOME.exe”=“c:\program files\TomTom HOME 2\TomTomHOMERunner.exe”
“ISUSPM”=“c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe”
“Windows Defender”=“c:\program files\Windows Defender\MSASCui.exe”
“RtHDVCpl”=“RtHDVCpl.exe”
“SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe”
“UpdatePDRShortCut”=“c:\program files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe”
“RemoteControl”=“c:\program files\HomeCinema\PowerDVD\PDVDServ.exe”
“LanguageShortcut”=“c:\program files\HomeCinema\PowerDVD\Language\Language.exe”
“UpdatePPShortCut”=“c:\program files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe”
“UCam_Menu”=“c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe”
“Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe”
“Google EULA Launcher”=“c:\program files\Google\Google EULA\GoogleEULALauncher.exe”
“ArcSoft Connection Service”=“c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe”
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe”
“hpqSRMon”=“c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe”
“mcagent_exe”=“c:\program files\McAfee.com\Agent\mcagent.exe”
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll”
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“Picasa Media Detector”=“c:\program files\Picasa2\PicasaMediaDetector.exe”
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe
Remote Control.lnk - c:\program files\Conceptronic Multimedia\CTVDIGRCU V3.0 Device Utilities\AFRCtl.exe
TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
“EnableLUA”= 0 (0x0)
“EnableUIADesktopToggle”= 0 (0x0)
“AppInit_DLLs”=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
@=“”
@=“”
@=“Service”
“VistaSp2”=hex(b):1b,12,46,f7,ce,dc,ca,01
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe
R3 uxddrv;Dynamically loaded UxdDrv;e:\diagnose\WSTENG32\2PART\uxddrv86.sys
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
NETSVCS VEREIST REPARATIES - huidige waarden worden getoond
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
Inhoud van de ‘Gedeelde Taken’ map
2010-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-04-08 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe
2010-04-08 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://gratis.startpagina.nl/prikbord/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
DPF: {63D6DD13-C913-466D-9444-9357561E4D94} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-25 23:26
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2010-05-25 23:29:08
ComboFix-quarantined-files.txt 2010-05-25 21:29
ComboFix2.txt 2010-05-24 20:09
Pre-Run: 245.004.034.048 bytes beschikbaar
Post-Run: 245.031.211.008 bytes beschikbaar
- - End Of File - - BAA7E1FBD4CFF989BA3F485AE6A1F56F
Hi Roosje,
Do not turn the computer off tonight!!!!!! Just to be safe.
I copied and pasted the wrong file and had you delete it.
My support is asleep, so we will try to repair it early tomorrow.
Maybe I am overthinking this and it is simply a matter of putting that file back, but still, just to be safe.
Sorry for the inconvenience.
Huib.
Hi Roosje,
From the looks of it, your computer fortunately just started up normally :)
The file that was deleted is for: DivX video system driver file.
I am still waiting a bit for my backup or other support.
Maybe the file can simply be put back, or repaired with the Vista CD, or downloaded from the net.
So a little more patience, please.
Regards, Huib :)