Hijacklog - Removing BearShare

  • sterretje1979

    ComboFix 11-05-30.07 - Danielle 01-06-2011 8:19.2.2 - x86

    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1916.1136

    Gestart vanuit: c:\users\Danielle\Downloads\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Danielle\Desktop\CFScript.txt

    AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

    SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    FILE ::

    “c:\windows\system32\8323.tmp”

    “c:\windows\system32\hnhjpdps.exe”

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    —- Voorgaande Run ——-

    .

    C:\Install.exe

    c:\users\Danielle\AppData\Local\Microsoft\Windows\Temporary Internet Files\lsn_6FBA808F-2580-48c3-8C6B-C08BBB800B8E.xml

    c:\users\Danielle\AppData\Roaming\.#

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2011-05-01 to 2011-06-01 ))))))))))))))))))))))))))))))

    .

    .

    2011-06-01 06:28 . 2011-06-01 06:28 ——– d—–w- c:\users\Default\AppData\Local\temp

    2011-06-01 05:41 . 2011-06-01 05:41 ——– d—–w- c:\users\Danielle\AppData\Local\{08C2C50B-9D74-415B-B7C3-DA9C30DD5519}

    2011-05-31 17:40 . 2011-05-31 17:40 ——– d—–w- c:\users\Danielle\AppData\Local\{E15AB7F8-AE22-4595-BF4B-233F839E28FA}

    2011-05-31 11:01 . 2011-06-01 06:16 ——– d—–w- C:\32788R22FWJFW

    2011-05-31 10:48 . 2011-05-31 11:53 ——– d—–w- c:\programdata\AVAST Software

    2011-05-31 10:48 . 2011-05-31 10:48 ——– d—–w- c:\program files\AVAST Software

    2011-05-31 05:39 . 2011-05-31 05:39 ——– d—–w- c:\users\Danielle\AppData\Local\{EE86C806-E635-43AD-B845-A1BB6932D6DB}

    2011-05-30 09:50 . 2011-05-30 09:50 ——– d—–w- c:\program files\Sophos

    2011-05-30 07:23 . 2011-05-30 07:23 ——– d—–w- c:\users\Danielle\AppData\Roaming\Reviversoft

    2011-05-30 07:23 . 2011-05-30 07:23 ——– d—–w- c:\program files\Reviversoft

    2011-05-30 07:23 . 2011-05-17 12:51 16704 —-a-w- c:\windows\system32\roboot.exe

    2011-05-30 05:42 . 2011-05-30 05:42 ——– d—–w- c:\users\Danielle\AppData\Local\{02FDEBC7-668E-4161-84B9-35305DAE0816}

    2011-05-29 16:30 . 2011-05-29 16:30 ——– d—–w- c:\program files\Trend Micro

    2011-05-29 15:40 . 2011-05-29 15:40 ——– d—–w- c:\users\Danielle\AppData\Roaming\Malwarebytes

    2011-05-29 15:39 . 2011-05-29 15:39 ——– d—–w- c:\programdata\Malwarebytes

    2011-05-29 15:39 . 2010-12-20 16:09 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2011-05-29 15:39 . 2011-05-29 15:39 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware

    2011-05-29 15:39 . 2010-12-20 16:08 20952 —-a-w- c:\windows\system32\drivers\mbam.sys

    2011-05-29 10:25 . 2011-05-29 10:26 ——– d—–w- c:\users\Danielle\AppData\Local\{F673ED40-B808-4CAD-A116-2B16761C1A76}

    2011-05-28 06:45 . 2011-05-28 06:45 ——– d—–w- c:\users\Danielle\AppData\Local\{3F3F52CC-C2EB-41C6-9DC8-DD897B69C264}

    2011-05-27 06:44 . 2011-05-27 18:45 ——– d—–w- c:\users\Danielle\AppData\Local\{6021974A-8472-4599-8D1C-FE6CD96DADC2}

    2011-05-26 18:04 . 2011-05-26 18:05 ——– d—–w- c:\users\Danielle\AppData\Local\{EAE9AFBB-5502-4BA7-88BA-510A762735C6}

    2011-05-26 06:04 . 2011-05-26 06:04 ——– d—–w- c:\users\Danielle\AppData\Local\{162DD58F-7DB2-4BEF-948F-BC411D925843}

    2011-05-25 19:10 . 2011-05-25 19:10 ——– d—–w- c:\users\Danielle\AppData\Local\{09C4D603-71FA-42AB-B75A-462390765E25}

    2011-05-25 06:54 . 2011-05-25 06:54 ——– d—–w- c:\users\Danielle\AppData\Local\{AC39D514-5912-4A7A-8D8A-7D8FFA23A94D}

    2011-05-24 07:05 . 2011-05-24 07:05 ——– d—–w- c:\users\Danielle\AppData\Local\{86C1A8A3-89C8-4197-9D37-8CFBD3D6AF47}

    2011-05-23 18:25 . 2011-05-23 18:26 ——– d—–w- c:\users\Danielle\AppData\Local\{8B1044C2-EB04-4F33-AD7A-6C80CE134D44}

    2011-05-23 05:29 . 2011-05-23 05:29 ——– d—–w- c:\users\Danielle\AppData\Local\{EA7C57C2-F6BE-441D-87F1-0AC6F87152D0}

    2011-05-22 08:38 . 2011-05-22 08:38 ——– d—–w- c:\users\Danielle\AppData\Local\{C91425B3-2413-4980-AF6F-7160834EE32A}

    2011-05-21 10:03 . 2011-05-21 10:03 ——– d—–w- c:\users\Danielle\AppData\Local\{FF719DC4-2F9A-4015-ABAE-F597E80D578C}

    2011-05-20 09:54 . 2011-05-20 09:55 ——– d—–w- c:\users\Danielle\AppData\Local\{044BEC18-4D7C-4239-AE17-5060C03C8FE5}

    2011-05-19 20:08 . 2011-05-19 20:08 ——– d—–w- c:\users\Danielle\AppData\Local\{1477F10D-0E53-4AB3-84E5-E08FC863428D}

    2011-05-19 08:07 . 2011-05-19 08:07 ——– d—–w- c:\users\Danielle\AppData\Local\{0524C409-BBAD-4EAE-AFC8-47024494381B}

    2011-05-18 18:41 . 2011-05-18 18:41 ——– d—–w- c:\users\Danielle\AppData\Local\{98BC4520-5877-4831-8F42-A165FD62199E}

    2011-05-18 06:40 . 2011-05-18 06:41 ——– d—–w- c:\users\Danielle\AppData\Local\{10E6D346-1347-40B7-8745-8B85405F15C9}

    2011-05-17 06:39 . 2011-05-17 18:40 ——– d—–w- c:\users\Danielle\AppData\Local\{F8F7D71A-AED2-4283-8270-205BE15400C1}

    2011-05-16 06:38 . 2011-05-16 18:39 ——– d—–w- c:\users\Danielle\AppData\Local\{27C30652-7582-4F8B-B7B6-63A89B46BC25}

    2011-05-15 18:38 . 2011-05-15 18:38 ——– d—–w- c:\users\Danielle\AppData\Local\{2D2E4EA6-617C-4F7D-AE95-7A5D5005636D}

    2011-05-15 06:37 . 2011-05-15 06:37 ——– d—–w- c:\users\Danielle\AppData\Local\{D1A82A37-33DE-422B-BB22-1B6290F00DA7}

    2011-05-14 06:24 . 2011-05-14 06:24 ——– d—–w- c:\users\Danielle\AppData\Local\{FE1BEDA7-4531-458E-AFBA-E9D470DEDA07}

    2011-05-13 18:00 . 2011-05-13 18:00 ——– d—–w- c:\users\Danielle\AppData\Local\{D5016906-D082-497D-826C-2E1972DB669C}

    2011-05-13 05:59 . 2011-05-13 05:59 ——– d—–w- c:\users\Danielle\AppData\Local\{F9A1786E-D595-4CAE-806E-1CE76D59C7F4}

    2011-05-12 17:28 . 2011-05-12 17:28 ——– d—–w- c:\users\Danielle\AppData\Local\{A2027D23-FB78-42F7-8DA6-4C2595BF8BE6}

    2011-05-12 05:27 . 2011-05-12 05:28 ——– d—–w- c:\users\Danielle\AppData\Local\{E1460455-552E-4925-A144-663123DE5126}

    2011-05-12 05:25 . 2011-04-07 12:01 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat

    2011-05-11 05:26 . 2011-05-11 17:27 ——– d—–w- c:\users\Danielle\AppData\Local\{2B7EBEF4-DB2D-4CB3-BC0D-595B5D1E350F}

    2011-05-10 14:21 . 2011-05-10 14:21 ——– d—–w- c:\users\Danielle\AppData\Local\{8193E160-472D-43D8-A515-93E9ACFF733D}

    2011-05-09 20:13 . 2011-05-09 20:13 ——– d—–w- c:\users\Danielle\AppData\Local\{C8CB7844-C4E8-4003-B8AF-A881FC4D8BE7}

    2011-05-09 08:13 . 2011-05-09 08:13 ——– d—–w- c:\users\Danielle\AppData\Local\{8D398243-F1FE-4D5A-86E9-BC648C61DFC0}

    2011-05-08 20:12 . 2011-05-08 20:12 ——– d—–w- c:\users\Danielle\AppData\Local\{C9B9D69B-7C37-4643-B399-FE8D37432172}

    2011-05-08 08:12 . 2011-05-08 08:12 ——– d—–w- c:\users\Danielle\AppData\Local\{F72AE0E6-F110-410D-BF6B-744E703132CE}

    2011-05-07 20:11 . 2011-05-07 20:12 ——– d—–w- c:\users\Danielle\AppData\Local\{B2D6F2BE-C886-4EC2-8E13-E1150A52EC5B}

    2011-05-07 20:05 . 2011-05-07 20:05 ——– d—–w- c:\users\Danielle\AppData\Local\{5E3B6B83-26FA-46B4-AE4C-D65B8BAF6964}

    2011-05-07 07:16 . 2011-05-07 07:17 ——– d—–w- c:\users\Danielle\AppData\Local\{2C66BEDC-C331-44A9-BE1F-A795142C6D62}

    2011-05-06 07:49 . 2011-05-06 07:49 ——– d—–w- c:\users\Danielle\AppData\Local\{31623E8A-26CD-4A50-99F2-945BAD78266C}

    2011-05-05 19:49 . 2011-05-05 19:49 ——– d—–w- c:\users\Danielle\AppData\Local\{8EE36AB1-053C-4645-AEC7-9178DAA98DC5}

    2011-05-05 06:55 . 2011-05-05 06:55 ——– d—–w- c:\users\Danielle\AppData\Local\{925A49D1-C693-49D6-9A37-99655ECB9B73}

    2011-05-04 20:24 . 2011-05-04 20:24 ——– d—–w- c:\users\Danielle\AppData\Local\{2E836B31-4C09-4A31-A146-4DB226DFB349}

    2011-05-04 07:10 . 2011-05-04 07:10 ——– d—–w- c:\users\Danielle\AppData\Local\{EBBD2CBC-503F-494C-8F3E-3B58E26F696F}

    2011-05-03 18:45 . 2011-05-03 18:45 ——– d—–w- c:\users\Danielle\AppData\Local\{9655AA77-BEEB-4B20-86AC-FEC157FA151D}

    2011-05-03 06:44 . 2011-05-03 06:45 ——– d—–w- c:\users\Danielle\AppData\Local\{375B1FCB-1378-4986-90DF-E8419B1E0249}

    2011-05-02 18:29 . 2011-05-02 18:29 ——– d—–w- c:\users\Danielle\AppData\Local\{A9DE47AE-7128-46EC-AFB9-3CDBCDBD76AC}

    2011-05-02 06:28 . 2011-05-02 06:29 ——– d—–w- c:\users\Danielle\AppData\Local\{60A436E7-416E-42AB-8035-9F13F39D2D9E}

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-03-12 21:55 . 2011-04-27 09:47 876032 —-a-w- c:\windows\system32\XpsPrint.dll

    2011-03-10 17:03 . 2011-04-16 07:30 1162240 —-a-w- c:\windows\system32\mfc42u.dll

    2011-03-10 17:03 . 2011-04-16 07:30 1136640 —-a-w- c:\windows\system32\mfc42.dll

    2011-03-09 07:08 . 2010-06-24 09:33 18328 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2011-03-03 15:42 . 2011-04-16 07:29 739328 —-a-w- c:\windows\system32\inetcomm.dll

    2011-03-03 15:40 . 2011-04-27 09:47 28672 —-a-w- c:\windows\system32\Apphlpdm.dll

    2011-03-03 15:40 . 2011-04-27 09:47 173056 —-a-w- c:\windows\apppatch\AcXtrnal.dll

    2011-03-03 15:40 . 2011-04-27 09:47 542720 —-a-w- c:\windows\apppatch\AcLayers.dll

    2011-03-03 15:40 . 2011-04-27 09:47 458752 —-a-w- c:\windows\apppatch\AcSpecfc.dll

    2011-03-03 15:40 . 2011-04-27 09:47 2159616 —-a-w- c:\windows\apppatch\AcGenral.dll

    2011-03-03 13:35 . 2011-04-27 09:47 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    2011-03-03 13:25 . 2011-04-16 07:29 2041856 —-a-w- c:\windows\system32\win32k.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “SmpcSys”=“c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe”

    “swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe”

    .

    “SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe”

    “RtHDVCpl”=“RtHDVCpl.exe”

    “SiSTray”=“c:\program files\SiS VGA Utilities\SiSTray.exe”

    “Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe”

    “toolbar_eula_launcher”=“c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe”

    “fssui”=“c:\program files\Windows Live\Family Safety\fsui.exe”

    “Skytel”=“Skytel.exe”

    “CanonSolutionMenu”=“c:\program files\Canon\SolutionMenu\CNSLMAIN.exe”

    “CanonMyPrinter”=“c:\program files\Canon\MyPrinter\BJMyPrt.exe”

    “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”

    .

    “AvgUninstallURL”=“start http:”

    .

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    “AppInit_DLLs”=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    .

    “DisableMonitoring”=dword:00000001

    .

    “DisableMonitoring”=dword:00000001

    .

    “DisableMonitoring”=dword:00000001

    .

    “AntiVirusOverride”=dword:00000001

    .

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe

    R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe

    R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys

    R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\8323.tmp

    R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys

    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys

    R4 oocdretvliwruy;oocdretvliwruy;c:\windows\system32\hnhjpdps.exe

    S3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys

    S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys

    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys

    .

    .

    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2011-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3233025038-488707028-2052865575-1000Core.job

    - c:\users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3233025038-488707028-2052865575-1000UA.job

    - c:\users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2011-06-01 c:\windows\Tasks\Recovery DVD Creator-Danielle.job

    - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe

    .

    2011-06-01 c:\windows\Tasks\Uitgebreide garantie-Danielle.job

    - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.ad.nl/

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

    TCP: DhcpNameServer = 192.168.1.254

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    Toolbar-10 - (no file)

    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2011-06-01 08:28

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen …

    .

    scannen van verborgen autostart items …

    .

    scannen van verborgen bestanden …

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    “ImagePath”=“\??\c:\windows\system32\8323.tmp”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (2) (LocalSystem)

    “88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977”=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0b,94,c1,60,3b,d0,ee,4d,90,ae,e1,\

    “2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81”=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0b,94,c1,60,3b,d0,ee,4d,90,ae,e1,\

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    .

    Voltooingstijd: 2011-06-01 08:30:38

    ComboFix-quarantined-files.txt 2011-06-01 06:30

    .

    Pre-Run: 95.597.166.592 bytes beschikbaar

    Post-Run: 95.573.647.360 bytes beschikbaar

    .

    - - End Of File - - FDCC8898CFABBE098463FD35BEAB3C62

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 8:36:31, on 1-6-2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19048)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\SiS VGA Utilities\SiSTray.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\system32\conime.exe

    C:\Windows\Explorer.exe

    C:\Users\Danielle\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Danielle\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\rundll32.exe

    C:\Users\Danielle\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ad.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: %ProgramFiles%\SiS VGA Utilities\SiSTray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup

    O4 - HKLM\..\Run: C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

    O4 - HKLM\..\Run: “C:\Program Files\Windows Live\Family Safety\fsui.exe” -autorun

    O4 - HKLM\..\Run: Skytel.exe

    O4 - HKLM\..\Run: C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

    O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\RunOnce: cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-app?lic=SU1BRUQtQlQySUwtNE1LMkQtQUNLQUMtTEVETlktQg“&”inst=NzYtODI1MTk0MzIxLVhMKzEtVDEtQkFSOEcrMS1GTCs4LVFJWDErNC1YMjAxMCsyLUxJQysxLUZMMTArMS1TUDErMS1TVVArMi1UVUcrMy1DSVArMi1TUDFTMisx“&”prod=94“&”ver=10.0.1375

    O4 - HKCU\..\Run: C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

    End of file - 6766 bytes

  • fazantje

    Hi Danielle,

    Download the ComboFix uninstaller

    Click Save File.

    Put it on your desktop, for example.

    Double-click it and choose Run.

    Let it do its work and click Done.

    The junk is gone now.

    Change your passwords as well.

    Also clear all restore points:

    Go to Control Panel, then to System and Maintenance. Now choose System.

    On the left, click System Protection and confirm the User Account Control prompt you get by clicking “Continue”.

    Under Automatic restore points you get an overview of all available hard disks.

    Clear the check box for every hard disk on which System Restore is enabled. Confirm the prompt you get by clicking ‘Turn System Restore Off’.

    Restart the computer.

    Turn System Restore back on!

    Beyond that I see no more problems, so let's leave it at this for now.

    Keep in mind, of course, that one of those other people could be passing information on too, so know what you say and to whom.

    I'd say, try it out :D

    Oh yes, update your Adobe too ;)

    Regards, Huib ;)

  • sterretje1979

    Hi Huib and Ben,

    Thanks for the help!

    And yes… I'm not telling anyone anything anymore… haha… I'll do some more brainstorming and see if I can find a way to test who is actually trustworthy… In any case I'm glad the laptop is tidied up and clean again :) (tu)

  • fazantje

    Danielle,

    I don't remember whether I already said it, but also run CCleaner:

    You can download it here: CCleaner

    After installation, run the program with its default settings.

    First the Cleaner and then the registry.

    When installing the newest CCleaner, Google Chrome is now (unfortunately) installed along with it.

    During installation you have to clear a check box so that Google Chrome is not installed.

    Regards, Huib ;)