View full version: Spam and MSN message



intruder
2 June 2010, 18:33
Hi,

I keep getting spam about medicines, and recently my MSN sent messages without my knowing anything about it. I have made a HijackThis log.

The MSN issue seems to have been solved by Malwarebytes. It removed a few things. Then I ran a deep scan again and it found nothing more.

For the spam I used Spybot, which also removed a few things, but it keeps coming in.

Thanks in advance for your help!!

Kind regards

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:55, on 2/06/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\scheduler.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
I:\hijackthis\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=smb&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Windows System Guard] C:\Users\Public\msng.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: wampapache - Apache Software Foundation - Y:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - Y:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
--
End of file - 12117 bytes

Rosty
5 June 2010, 09:00
Hey,

Did you by any chance receive a link via MSN and click on it? If so, change your password. Then also do the following:

Download MalwareBytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to your desktop.
Double-click mbam-setup.exe to install the program.

After the installation, make sure a check mark is placed next to:
Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.
Once the program has started, go to the "Settings" tab. Tick here: "Close Internet Explorer during malware removal".
Then go to the "Scanner" tab and choose "Quick Scan".
Then press "Scan" to start the scan.
The scan can take a while, so be patient.
When the scan is complete, click OK, then "Show Results" to see the results.
Make sure everything there is ticked, then click "Remove Selected".
After the removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.

Post this log together with a new HijackThis log.

intruder
11 June 2010, 20:01
Hi,

In the meantime I have installed Service Pack 2 and IE 8.

I also saw that my updates were turned off ????

MSN is behaving normally now, but I still get spam in my mailbox (dommel).

I have made a new HJT log; maybe you can still see something that isn't right??

Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:00:26, on 11/06/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\scheduler.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Program Files\Internet Explorer\iexplore.exe
I:\hijackthis\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=smb&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Windows System Guard] C:\Users\Public\msng.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: PHOTOfunSTUDIO 5.1 HD Edition.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: wampapache - Apache Software Foundation - Y:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - Y:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
--
End of file - 13033 bytes

Rosty
11 June 2010, 20:10
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).
NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!
Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the "NirCmd" window.
Afterwards, click Yes again to start the malware scan.
While the fix is running, do NOT click in the window, as this will cause your PC to hang.
When the fix is finished and after a restart, the log Combofix.txt will open.
Post this log in your next reply.

intruder
11 June 2010, 22:01
Hi Rosty,

I have run Combofix.

Here is the result:
ComboFix 10-06-10.06 - gebruiker 11/06/2010 21:36:43.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.32.1043.18.2047.1334 [GMT 2:00]
Gestart vanuit: c:\users\gebruiker\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Aanwezig AV is actief
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\gebruiker\AppData\Roaming\chrtmp
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-05-11 to 2010-06-11 ))))))))))))))))))))))))))))))
.
2010-06-11 19:47 . 2010-06-11 19:50 -------- d-----w- c:\users\gebruiker\AppData\Local\temp
2010-06-11 19:47 . 2010-06-11 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-11 17:49 . 2010-06-11 17:49 -------- d-----w- c:\programdata\Panasonic
2010-06-11 17:49 . 2010-06-11 17:49 -------- d-----w- c:\users\gebruiker\AppData\Local\Panasonic
2010-06-11 17:44 . 2010-06-11 17:44 -------- d-----w- c:\program files\Common Files\Apple
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\users\gebruiker\AppData\Local\Apple
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\program files\Apple Software Update
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\programdata\Apple
2010-06-11 17:24 . 2006-02-20 17:17 33408 ----a-w- c:\windows\system32\drivers\cdrbsdrv.sys
2010-06-11 17:24 . 2007-06-15 10:57 59488 ----a-w- c:\windows\system32\GenSvcInst.exe
2010-06-11 17:24 . 2007-06-15 10:57 145504 ----a-w- c:\windows\system32\bgsvcgen.exe
2010-06-11 17:23 . 2010-06-11 17:24 -------- d-----w- c:\program files\Common Files\Panasonic
2010-06-11 17:23 . 2010-06-11 17:46 -------- d-----w- c:\program files\Panasonic
2010-06-11 17:23 . 2010-06-11 17:23 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-06-11 17:23 . 2010-06-11 17:23 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-09 19:34 . 2010-06-10 15:52 16 ----a-w- c:\windows\popcinfo.dat
2010-06-09 15:17 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 15:17 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-09 15:17 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 15:17 . 2010-05-04 05:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 15:16 . 2010-05-04 04:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-09 15:16 . 2010-05-04 05:55 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-09 15:16 . 2010-05-04 05:55 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-09 15:15 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-06-07 04:27 . 2010-06-07 04:27 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-07 04:24 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-07 04:22 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-07 04:22 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-07 04:22 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\ca-ES
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\eu-ES
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\vi-VN
2010-06-06 03:25 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-06-06 03:25 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-06-05 09:13 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-06-05 09:13 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-06-05 09:13 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-06-05 09:13 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-06-05 09:13 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-06-05 09:13 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-06-05 09:13 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2010-06-05 09:13 . 2009-04-11 02:52 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2010-06-05 09:13 . 2009-04-11 06:28 1576960 ----a-w- c:\windows\system32\tquery.dll
2010-06-05 09:13 . 2009-02-18 18:39 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2010-06-05 09:11 . 2009-04-11 06:33 986600 ----a-w- c:\windows\system32\winload.exe
2010-06-05 09:10 . 2009-04-11 06:28 1143296 ----a-w- c:\windows\system32\wercon.exe
2010-06-05 09:09 . 2009-04-11 06:28 61440 ----a-w- c:\windows\system32\wscsvc.dll
2010-06-05 09:08 . 2009-04-11 06:28 88576 ----a-w- c:\windows\system32\olepro32.dll
2010-06-05 09:07 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-06-05 09:07 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-06-05 09:07 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-06-05 09:07 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-06-05 09:07 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-06-05 09:07 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-06-05 09:07 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-06-05 09:07 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-06-05 09:07 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-06-05 09:07 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-06-05 09:07 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-06-05 07:32 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-06-05 07:23 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-06-05 07:23 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-06-05 07:23 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-06-05 07:19 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-06-05 07:19 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-06-05 07:19 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-06-05 07:19 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-06-05 07:19 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-06-05 07:19 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2010-06-05 07:18 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2010-06-05 07:18 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-06-05 07:18 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-06-05 07:16 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-06-05 07:16 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-06-05 07:16 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-06-05 07:16 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-06-05 07:16 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-06-05 07:16 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-06-05 07:16 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-06-05 07:16 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-06-05 07:16 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2010-06-05 07:15 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-06-05 07:15 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-06-05 07:15 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-06-05 07:15 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-06-05 07:14 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-06-05 07:14 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-05 07:14 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-06-05 07:14 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-06-05 07:14 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-06-05 07:12 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-06-05 07:11 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-06-05 07:11 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-06-05 07:11 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-06-05 07:11 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-06-05 07:11 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-06-05 07:11 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-06-05 07:11 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-06-05 07:11 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-06-05 07:11 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-06-05 07:11 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-06-05 07:11 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-05 07:10 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-06-05 07:10 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2010-06-05 07:10 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-06-05 07:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-06-05 07:10 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-06-05 07:10 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-06-05 07:10 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-05 07:10 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-06-05 07:04 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-06-04 21:34 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-06-04 21:34 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-06-04 21:34 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-06-04 21:34 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-06-04 21:33 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-06-04 21:33 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-06-04 21:33 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-06-04 21:33 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-06-04 21:33 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-06-04 16:17 . 2010-06-04 16:17 -------- d-----w- c:\windows\system32\EventProviders
2010-06-04 16:17 . 2010-06-05 03:49 -------- d-----w- C:\57e287eb704b16528e98ff5d7239c29d
2010-05-16 14:42 . 2010-05-16 14:42 -------- d-----w- c:\program files\Readon Technology
2010-05-13 16:17 . 2010-05-15 09:38 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Nero
2010-05-13 15:48 . 2010-05-13 15:54 -------- d-----w- c:\program files\Nero
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-11 19:29 . 2006-11-21 16:07 3204 ----a-w- c:\windows\bthservsdp.dat
2010-06-11 19:29 . 2008-06-22 00:47 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Skype
2010-06-11 17:50 . 2006-11-02 16:06 677010 ----a-w- c:\windows\system32\perfh013.dat
2010-06-11 17:50 . 2006-11-02 16:06 131474 ----a-w- c:\windows\system32\perfc013.dat
2010-06-11 17:44 . 2008-10-18 11:19 -------- d-----w- c:\programdata\Apple Computer
2010-06-11 17:41 . 2008-06-17 14:41 104872 ----a-w- c:\users\gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-11 17:23 . 2007-12-14 01:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-11 14:09 . 2008-12-05 19:42 -------- d-----w- c:\users\gebruiker\AppData\Roaming\skypePM
2010-06-09 15:28 . 2007-12-14 01:42 -------- d-----w- c:\programdata\Microsoft Help
2010-06-07 19:29 . 2008-06-22 01:16 -------- d-----w- c:\users\gebruiker\AppData\Roaming\GrabIt
2010-06-07 04:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-07 04:27 . 2010-06-07 04:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-06-06 19:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-06-05 08:13 . 2008-06-24 18:06 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 19:46 . 2008-06-22 00:20 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Vso
2010-05-26 13:24 . 2010-06-11 13:11 18488 ----a-w- c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-20 15:37 . 2009-03-20 22:00 -------- d-----w- c:\users\gebruiker\AppData\Roaming\vlc
2010-05-13 15:39 . 2008-06-22 00:40 -------- d-----w- c:\program files\Common Files\Ahead
2010-05-13 15:38 . 2008-06-21 22:29 -------- d-----w- c:\program files\CCleaner
2010-05-12 20:13 . 2007-12-14 02:14 -------- d-----w- c:\program files\Java
2010-05-12 09:21 . 2009-10-03 16:47 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-07 14:23 . 2009-05-21 10:05 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-05-07 13:00 . 2010-05-07 13:00 -------- d-----w- c:\program files\DVDVideoSoftTB
2010-05-07 13:00 . 2010-05-07 13:00 -------- d-----w- c:\users\gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers
2010-05-07 12:59 . 2009-05-21 10:05 -------- d-----w- c:\program files\DVDVideoSoft
2010-05-02 09:26 . 2008-06-21 21:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-05-01 20:48 . 2008-09-06 15:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2008-09-06 15:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2008-09-06 15:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 16:31 . 2010-04-23 16:31 106432 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2010-04-19 09:09 . 2010-04-19 09:09 -------- d-----w- c:\program files\SlySoft
2010-04-19 09:07 . 2010-04-19 09:07 -------- d-----w- c:\programdata\SlySoft
2010-04-15 16:49 . 2010-06-11 13:11 1335048 ----a-w- c:\windows\Help\OEM\scripts\SamsungHDDFW1HC.exe
2010-04-08 14:48 . 2010-06-11 13:11 17160 ----a-w- c:\windows\Help\OEM\scripts\HPHCDisableObject.exe
2010-04-06 15:52 . 2010-06-11 13:11 18184 ----a-w- c:\windows\Help\OEM\scripts\HC_Launch.exe
2010-03-22 18:38 . 2010-03-22 18:38 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-03-19 13:31 . 2010-03-19 13:31 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 08:58 . 2009-05-22 08:58 39789 ----a-w- c:\program files\uninst-mp3gain.exe
2009-02-26 19:59 . 2009-02-26 19:59 104 ----a-w- c:\program files\barjk.txt
2008-06-21 21:32 . 2008-06-21 21:32 472 ----a-w- c:\program files\rarreg.key
2008-06-21 21:32 . 2008-06-21 21:31 968192 ----a-w- c:\program files\WinRAR.exe
2008-06-08 06:55 . 2008-06-21 21:31 48756 ----a-w- c:\program files\winrar.lng
2008-06-07 15:26 . 2008-06-21 21:31 9755 ----a-w- c:\program files\TechNote.txt
2008-06-07 15:13 . 2008-06-21 21:31 82976 ----a-w- c:\program files\rar.txt
2008-06-01 10:02 . 2008-06-21 21:31 1622 ----a-w- c:\program files\rarext.lng
2008-06-01 10:01 . 2008-06-21 21:31 18503 ----a-w- c:\program files\rar.lng
2008-05-30 12:55 . 2008-06-21 21:31 652 ----a-w- c:\program files\File_Id.diz
2008-05-30 12:54 . 2008-06-21 21:31 3414 ----a-w- c:\program files\uninstall.lng
2008-05-26 14:38 . 2008-06-21 21:31 44032 ----a-w- c:\program files\RarExtLoader.exe
2007-09-21 13:11 . 2008-06-21 21:31 6763 ----a-w- c:\program files\License.txt
2007-09-20 17:35 . 2008-06-21 21:31 639 ----a-w- c:\program files\Uninstall.lst
2007-01-17 17:43 . 2008-06-21 21:31 3735 ----a-w- c:\program files\order.htm
2007-01-17 13:28 . 2008-06-21 21:31 1223 ----a-w- c:\program files\Descript.ion
2006-05-10 10:02 . 2008-06-21 21:31 1123 ----a-w- c:\program files\RarFiles.lst
2005-06-30 11:33 . 2008-06-21 21:31 105 ----a-w- c:\program files\UnrarSrc.txt
2005-01-08 23:58 . 2005-01-08 23:58 131127 ----a-w- c:\program files\mp3gain.exe
2005-01-08 20:45 . 2005-01-08 20:45 630841 ----a-w- c:\program files\MP3GainGUI.exe
2004-11-02 16:05 . 2004-11-02 16:05 330954 ----a-w- c:\program files\MP3Gain.chm
2004-04-06 18:07 . 2004-04-06 18:07 16369 ----a-w- c:\program files\Dutch.mp3gain.ini
2004-04-03 07:36 . 2004-04-03 07:36 472 ----a-w- c:\program files\ReadMe.txt
2009-08-02 18:34 . 2008-12-09 19:17 952 --sha-w- c:\windows\System32\KGyGaAvL.sys
2007-12-14 09:40 . 2007-12-14 09:39 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"Gadwin PrintScreen 3.5"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2006-07-08 1101824]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-20 39408]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVD.exe" [2010-05-04 93120]
"Google Update"="c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-19 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"QuickTime Task"="c:\program files\VistaCodecPack\QT\QTTask.exe" [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="c:\windows\SMINST\launcher.exe" [2007-06-06 44168]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
PHOTOfunSTUDIO 5.1 HD Edition.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2010-6-11 172544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04 49152 ----a-r- c:\windows\System32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2010-04-03 14:44 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2010-04-03 20:32 38840 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.5]
2006-07-08 08:57 1101824 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-03-19 21:17 133104 ----atw- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-06-05 08:12 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-06-17 10:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxczbmgr.exe]
2007-04-19 14:44 74672 ----a-w- c:\program files\Lexmark 1200 Series\LXCZbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-11-06 14:34 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-17 09:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-09-20 07:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
2007-05-23 09:00 192512 ----a-w- c:\program files\InterVideo\DVD Check\DVDCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):08,65,9b,40,ac,05,cb,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-699653130-2659718187-2340764334-1006]
"EnableNotificationsRef"=dword:00000001
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-04 691696]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2007-06-08 172131]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S0 AFS;AFS; [x]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
2010-06-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-699653130-2659718187-2340764334-1006Core.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-19 21:17]
2010-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-699653130-2659718187-2340764334-1006UA.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-19 21:17]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.symbaloo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=smb&pf=laptop
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
FF - ProfilePath - c:\users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\sp6c5hmf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.symbaloo.com/
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-Windows System Guard - c:\users\Public\msng.exe
MSConfigStartUp-AutoStartNPSAgent - c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-HijackThis - i:\hijackthis\HijackThis.exe
AddRemove-PassportPhoto - c:\program files\PassportPhoto\Uninstall.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-11 21:50
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.abr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.gif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jbr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpe"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpeg"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.png"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspbrush"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tiff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-06-11 21:53:55
ComboFix-quarantined-files.txt 2010-06-11 19:53
ComboFix2.txt 2009-02-28 12:30
Pre-Run: 65.512.775.680 bytes beschikbaar
Post-Run: 67.495.661.568 bytes beschikbaar
- - End Of File - - 900749E01B171E8775EA27934C72544D

intruder
11 June 2010, 22:01
Hi Rosty,

I ran ComboFix.

Here is the result:
ComboFix 10-06-10.06 - gebruiker 11/06/2010 21:36:43.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.32.1043.18.2047.1334 [GMT 2:00]
Gestart vanuit: c:\users\gebruiker\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Aanwezig AV is actief
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\gebruiker\AppData\Roaming\chrtmp
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-05-11 to 2010-06-11 ))))))))))))))))))))))))))))))
.
2010-06-11 19:47 . 2010-06-11 19:50 -------- d-----w- c:\users\gebruiker\AppData\Local\temp
2010-06-11 19:47 . 2010-06-11 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-11 17:49 . 2010-06-11 17:49 -------- d-----w- c:\programdata\Panasonic
2010-06-11 17:49 . 2010-06-11 17:49 -------- d-----w- c:\users\gebruiker\AppData\Local\Panasonic
2010-06-11 17:44 . 2010-06-11 17:44 -------- d-----w- c:\program files\Common Files\Apple
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\users\gebruiker\AppData\Local\Apple
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\program files\Apple Software Update
2010-06-11 17:43 . 2010-06-11 17:43 -------- d-----w- c:\programdata\Apple
2010-06-11 17:24 . 2006-02-20 17:17 33408 ----a-w- c:\windows\system32\drivers\cdrbsdrv.sys
2010-06-11 17:24 . 2007-06-15 10:57 59488 ----a-w- c:\windows\system32\GenSvcInst.exe
2010-06-11 17:24 . 2007-06-15 10:57 145504 ----a-w- c:\windows\system32\bgsvcgen.exe
2010-06-11 17:23 . 2010-06-11 17:24 -------- d-----w- c:\program files\Common Files\Panasonic
2010-06-11 17:23 . 2010-06-11 17:46 -------- d-----w- c:\program files\Panasonic
2010-06-11 17:23 . 2010-06-11 17:23 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-06-11 17:23 . 2010-06-11 17:23 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-09 19:34 . 2010-06-10 15:52 16 ----a-w- c:\windows\popcinfo.dat
2010-06-09 15:17 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 15:17 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-09 15:17 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 15:17 . 2010-05-04 05:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 15:16 . 2010-05-04 04:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-09 15:16 . 2010-05-04 05:55 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-09 15:16 . 2010-05-04 05:55 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-09 15:15 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-06-07 04:27 . 2010-06-07 04:27 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-07 04:24 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-07 04:22 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-07 04:22 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-07 04:22 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\ca-ES
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\eu-ES
2010-06-06 19:06 . 2010-06-06 19:07 -------- d-----w- c:\windows\system32\vi-VN
2010-06-06 03:25 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-06-06 03:25 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-06-05 09:13 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-06-05 09:13 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-06-05 09:13 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-06-05 09:13 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-06-05 09:13 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-06-05 09:13 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-06-05 09:13 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2010-06-05 09:13 . 2009-04-11 02:52 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2010-06-05 09:13 . 2009-04-11 06:28 1576960 ----a-w- c:\windows\system32\tquery.dll
2010-06-05 09:13 . 2009-02-18 18:39 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2010-06-05 09:11 . 2009-04-11 06:33 986600 ----a-w- c:\windows\system32\winload.exe
2010-06-05 09:10 . 2009-04-11 06:28 1143296 ----a-w- c:\windows\system32\wercon.exe
2010-06-05 09:09 . 2009-04-11 06:28 61440 ----a-w- c:\windows\system32\wscsvc.dll
2010-06-05 09:08 . 2009-04-11 06:28 88576 ----a-w- c:\windows\system32\olepro32.dll
2010-06-05 09:07 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-06-05 09:07 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-06-05 09:07 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-06-05 09:07 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-06-05 09:07 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-06-05 09:07 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-06-05 09:07 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-06-05 09:07 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-06-05 09:07 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-06-05 09:07 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-06-05 09:07 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-06-05 07:32 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-06-05 07:23 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-06-05 07:23 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-06-05 07:23 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-06-05 07:19 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-06-05 07:19 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-06-05 07:19 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-06-05 07:19 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-06-05 07:19 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-06-05 07:19 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2010-06-05 07:18 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2010-06-05 07:18 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-06-05 07:18 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-06-05 07:16 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-06-05 07:16 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-06-05 07:16 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-06-05 07:16 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-06-05 07:16 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-06-05 07:16 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-06-05 07:16 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-06-05 07:16 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-06-05 07:16 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2010-06-05 07:15 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-06-05 07:15 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-06-05 07:15 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-06-05 07:15 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-06-05 07:14 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-06-05 07:14 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-05 07:14 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-06-05 07:14 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-06-05 07:14 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-06-05 07:12 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-06-05 07:11 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-06-05 07:11 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-06-05 07:11 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-06-05 07:11 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-06-05 07:11 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-06-05 07:11 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-06-05 07:11 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-06-05 07:11 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-06-05 07:11 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-06-05 07:11 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-06-05 07:11 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-05 07:10 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-06-05 07:10 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2010-06-05 07:10 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-06-05 07:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-06-05 07:10 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-06-05 07:10 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-06-05 07:10 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-05 07:10 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-06-05 07:04 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-06-04 21:34 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-06-04 21:34 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-06-04 21:34 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-06-04 21:34 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-06-04 21:33 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-06-04 21:33 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-06-04 21:33 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-06-04 21:33 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-06-04 21:33 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-06-04 16:17 . 2010-06-04 16:17 -------- d-----w- c:\windows\system32\EventProviders
2010-06-04 16:17 . 2010-06-05 03:49 -------- d-----w- C:\57e287eb704b16528e98ff5d7239c29d
2010-05-16 14:42 . 2010-05-16 14:42 -------- d-----w- c:\program files\Readon Technology
2010-05-13 16:17 . 2010-05-15 09:38 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Nero
2010-05-13 15:48 . 2010-05-13 15:54 -------- d-----w- c:\program files\Nero
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-11 19:29 . 2006-11-21 16:07 3204 ----a-w- c:\windows\bthservsdp.dat
2010-06-11 19:29 . 2008-06-22 00:47 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Skype
2010-06-11 17:50 . 2006-11-02 16:06 677010 ----a-w- c:\windows\system32\perfh013.dat
2010-06-11 17:50 . 2006-11-02 16:06 131474 ----a-w- c:\windows\system32\perfc013.dat
2010-06-11 17:44 . 2008-10-18 11:19 -------- d-----w- c:\programdata\Apple Computer
2010-06-11 17:41 . 2008-06-17 14:41 104872 ----a-w- c:\users\gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-11 17:23 . 2007-12-14 01:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-11 14:09 . 2008-12-05 19:42 -------- d-----w- c:\users\gebruiker\AppData\Roaming\skypePM
2010-06-09 15:28 . 2007-12-14 01:42 -------- d-----w- c:\programdata\Microsoft Help
2010-06-07 19:29 . 2008-06-22 01:16 -------- d-----w- c:\users\gebruiker\AppData\Roaming\GrabIt
2010-06-07 04:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-07 04:27 . 2010-06-07 04:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-06-06 19:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-06-06 19:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-06-05 08:13 . 2008-06-24 18:06 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 19:46 . 2008-06-22 00:20 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Vso
2010-05-26 13:24 . 2010-06-11 13:11 18488 ----a-w- c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-20 15:37 . 2009-03-20 22:00 -------- d-----w- c:\users\gebruiker\AppData\Roaming\vlc
2010-05-13 15:39 . 2008-06-22 00:40 -------- d-----w- c:\program files\Common Files\Ahead
2010-05-13 15:38 . 2008-06-21 22:29 -------- d-----w- c:\program files\CCleaner
2010-05-12 20:13 . 2007-12-14 02:14 -------- d-----w- c:\program files\Java
2010-05-12 09:21 . 2009-10-03 16:47 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-07 14:23 . 2009-05-21 10:05 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-05-07 13:00 . 2010-05-07 13:00 -------- d-----w- c:\program files\DVDVideoSoftTB
2010-05-07 13:00 . 2010-05-07 13:00 -------- d-----w- c:\users\gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers
2010-05-07 12:59 . 2009-05-21 10:05 -------- d-----w- c:\program files\DVDVideoSoft
2010-05-02 09:26 . 2008-06-21 21:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-05-01 20:48 . 2008-09-06 15:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2008-09-06 15:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2008-09-06 15:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 16:31 . 2010-04-23 16:31 106432 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2010-04-19 09:09 . 2010-04-19 09:09 -------- d-----w- c:\program files\SlySoft
2010-04-19 09:07 . 2010-04-19 09:07 -------- d-----w- c:\programdata\SlySoft
2010-04-15 16:49 . 2010-06-11 13:11 1335048 ----a-w- c:\windows\Help\OEM\scripts\SamsungHDDFW1HC.exe
2010-04-08 14:48 . 2010-06-11 13:11 17160 ----a-w- c:\windows\Help\OEM\scripts\HPHCDisableObject.exe
2010-04-06 15:52 . 2010-06-11 13:11 18184 ----a-w- c:\windows\Help\OEM\scripts\HC_Launch.exe
2010-03-22 18:38 . 2010-03-22 18:38 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-03-19 13:31 . 2010-03-19 13:31 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 08:58 . 2009-05-22 08:58 39789 ----a-w- c:\program files\uninst-mp3gain.exe
2009-02-26 19:59 . 2009-02-26 19:59 104 ----a-w- c:\program files\barjk.txt
2008-06-21 21:32 . 2008-06-21 21:32 472 ----a-w- c:\program files\rarreg.key
2008-06-21 21:32 . 2008-06-21 21:31 968192 ----a-w- c:\program files\WinRAR.exe
2008-06-08 06:55 . 2008-06-21 21:31 48756 ----a-w- c:\program files\winrar.lng
2008-06-07 15:26 . 2008-06-21 21:31 9755 ----a-w- c:\program files\TechNote.txt
2008-06-07 15:13 . 2008-06-21 21:31 82976 ----a-w- c:\program files\rar.txt
2008-06-01 10:02 . 2008-06-21 21:31 1622 ----a-w- c:\program files\rarext.lng
2008-06-01 10:01 . 2008-06-21 21:31 18503 ----a-w- c:\program files\rar.lng
2008-05-30 12:55 . 2008-06-21 21:31 652 ----a-w- c:\program files\File_Id.diz
2008-05-30 12:54 . 2008-06-21 21:31 3414 ----a-w- c:\program files\uninstall.lng
2008-05-26 14:38 . 2008-06-21 21:31 44032 ----a-w- c:\program files\RarExtLoader.exe
2007-09-21 13:11 . 2008-06-21 21:31 6763 ----a-w- c:\program files\License.txt
2007-09-20 17:35 . 2008-06-21 21:31 639 ----a-w- c:\program files\Uninstall.lst
2007-01-17 17:43 . 2008-06-21 21:31 3735 ----a-w- c:\program files\order.htm
2007-01-17 13:28 . 2008-06-21 21:31 1223 ----a-w- c:\program files\Descript.ion
2006-05-10 10:02 . 2008-06-21 21:31 1123 ----a-w- c:\program files\RarFiles.lst
2005-06-30 11:33 . 2008-06-21 21:31 105 ----a-w- c:\program files\UnrarSrc.txt
2005-01-08 23:58 . 2005-01-08 23:58 131127 ----a-w- c:\program files\mp3gain.exe
2005-01-08 20:45 . 2005-01-08 20:45 630841 ----a-w- c:\program files\MP3GainGUI.exe
2004-11-02 16:05 . 2004-11-02 16:05 330954 ----a-w- c:\program files\MP3Gain.chm
2004-04-06 18:07 . 2004-04-06 18:07 16369 ----a-w- c:\program files\Dutch.mp3gain.ini
2004-04-03 07:36 . 2004-04-03 07:36 472 ----a-w- c:\program files\ReadMe.txt
2009-08-02 18:34 . 2008-12-09 19:17 952 --sha-w- c:\windows\System32\KGyGaAvL.sys
2007-12-14 09:40 . 2007-12-14 09:39 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"Gadwin PrintScreen 3.5"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2006-07-08 1101824]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-20 39408]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVD.exe" [2010-05-04 93120]
"Google Update"="c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-19 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"QuickTime Task"="c:\program files\VistaCodecPack\QT\QTTask.exe" [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="c:\windows\SMINST\launcher.exe" [2007-06-06 44168]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
PHOTOfunSTUDIO 5.1 HD Edition.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2010-6-11 172544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04 49152 ----a-r- c:\windows\System32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2010-04-03 14:44 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2010-04-03 20:32 38840 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.5]
2006-07-08 08:57 1101824 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-03-19 21:17 133104 ----atw- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-06-05 08:12 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-06-17 10:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxczbmgr.exe]
2007-04-19 14:44 74672 ----a-w- c:\program files\Lexmark 1200 Series\LXCZbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-11-06 14:34 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-17 09:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-09-20 07:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
2007-05-23 09:00 192512 ----a-w- c:\program files\InterVideo\DVD Check\DVDCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):08,65,9b,40,ac,05,cb,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-699653130-2659718187-2340764334-1006]
"EnableNotificationsRef"=dword:00000001
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-04 691696]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2007-06-08 172131]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S0 AFS;AFS; [x]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
2010-06-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-699653130-2659718187-2340764334-1006Core.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-19 21:17]
2010-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-699653130-2659718187-2340764334-1006UA.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-19 21:17]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.symbaloo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=smb&pf=laptop
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
FF - ProfilePath - c:\users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\sp6c5hmf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.symbaloo.com/
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-Windows System Guard - c:\users\Public\msng.exe
MSConfigStartUp-AutoStartNPSAgent - c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-HijackThis - i:\hijackthis\HijackThis.exe
AddRemove-PassportPhoto - c:\program files\PassportPhoto\Uninstall.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-11 21:50
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.abr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.gif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jbr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpe"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpeg"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbr"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.png"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspbrush"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-699653130-2659718187-2340764334-1006)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tiff"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"
[HKEY_USERS\S-1-5-21-699653130-2659718187-2340764334-1006\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-06-11 21:53:55
ComboFix-quarantined-files.txt 2010-06-11 19:53
ComboFix2.txt 2009-02-28 12:30
Pre-Run: 65.512.775.680 bytes beschikbaar
Post-Run: 67.495.661.568 bytes beschikbaar
- - End Of File - - 900749E01B171E8775EA27934C72544D

Rosty
12 June 2010, 07:26
Can't you set up your mail so that you can choose what is spam and what isn't? That way unsolicited mail ends up in your spam box!
In any case, I don't see anything wrong in this log!

intruder
12 June 2010, 09:31
Hi Rosty,

Thanks for your help!!! I haven't received anything since yesterday evening.

I'll keep an eye on it!!!

Thanks again

Kind regards

intruder