Ga naar inhoud

geetn

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    164

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door geetn

  1. geetn
    Heel erg bedankt. Ik denk dat het gelukt is.
  2. geetn
    Als de batterij van mijn computer bijna leeg is krijg ik een schermpje dat hij bijna leeg is. Maar ik net iets te laat ben met hem aan de stroom te koppelen slaat de computer helemaal af. Vroeger ging de computer dan gewoon in slaapstand zodat ik nog alle programma's die ik had openstaan er nog stonden. Nu dus niet meer. Kan er mij iemand helpen? mvg Geetn
  3. geetn
    Ik heb het eens gevraagd aan onze leerkracht en zij zegt dat dit hetzelfde is. Hierbij denk ik dat het probleem is opgelost. bedankt Geetn
  4. geetn
    ik heb geprobeerd het bestandje te installeren maar ik krijg de melding dat de updates al werden geinstalleerd.
  5. geetn
    Als ik het bestand open krijg ik de melding: de installatie van dit pakket is mislukt. De windows is zeker legaal want deze was voorgeprogrammeerd bij aankoop. De microsoft is normaal ook legaal ( ik heb hem zelf niet geinstalleerd). Maar we waren met een 5 tal personen die elk onze laptop mee hadden en niemand kon deze functie gebruiken. mvg Geetn
  6. geetn
    Sorry vergeten bij te schrijven. In school en zowel thuis is het de microsoft 2010
  7. geetn
    Bedankt om te reageren. Ik heb geprobeerd om dat bestandje te installeren maar ik krijg telkens de melding dat het is mislukt. mvg Geetn
  8. geetn
    Voor school moeten wij veel de functie DHAAL gebruiken maar dit verschijnt niet in mijn excel. Op de computers van school verschijnt het wel. weet iemand hier soms raad mee? mvg Geetn
  9. geetn
    Bedankt, ik heb de asus besteld.
  10. geetn
    Ik heb nog wat rondgekeken en heb er nog een paar gevonden. http://webshop.eurosys.be/nl/computers-accessoires/notebooks-laptops/hp-630-p6200-15.6-04gb-320-pwt-lh368ea-uug/p353211.aspx http://nl.hardware.info/productinfo/125188/asus-x53u-sx029v#tab:overzicht Deze laatste raden ze mij eigenlijk al op school aan. Maar deze is dan voor alle afdelingen. Zouden een van deze twee soms iets zijn?
  11. geetn
    Ik had hem al eens gedaan en heb hem nu nog eens gedaan. Maar ik weet niet zeker of autocad hierop ook zou kunnen draaien. En bestaat er soms nog iets in een lagere prijsklasse? Bedankt
  12. geetn
    Ik zou graag een nieuwe laptop kopen voor school maar ik ben niet echt zeker welke ik zou kopen. De laptop zou op zijn minst autocad 2010 moeten kunnen draaien ( en nog een paar andere kleinere programma's ). Het beeldscherm zou rond de 15 inch moeten zijn zodat hij in mijn boekentas past. De computer zou niet echt veel geld mogen kosten omdat ik hem ook niet echt dagelijks zal gebruiken. Heeft er iemand soms een idee welk eentje ik zou moeten kopen? al heel erg bedankt. Geetn
  13. geetn
    Ik heb de computer eens in een computerwinkel binnengebracht. Hij zei dat er niets mis mee was. Hij kon direct op het internet maar hij had er wel een virus afgehaald. Het probleem lijkt opgelost. Bedankt allemaal voor jullie hulp.
  14. geetn
    Ik ben eigenlijk nog geen stap verder. Het is zelfs nog verslechterd. Aan een herinstallatie heb ik ook al gedacht. maar ik ben niet echt zeker dat dit zal werken. Het is daarom dat ik het nog niet echt heb proberen te doen. Zou er soms nog iets anders bestaan dat ik zou kunnen proberen voordat ik de computer formateer?
  15. geetn
    Na verschillende netwerken te hebben geprobeerd kreeg ik nog steeds diezelfde melding.
  16. geetn
    Ik zal dat eens proberen.
  17. geetn
    nog steeds hetzelfde probleem.
  18. geetn
    2011/09/08 21:42:46.0074 5664 TDSS rootkit removing tool 2.5.20.0 Sep 7 2011 16:44:34 2011/09/08 21:42:46.0198 5664 ================================================================================ 2011/09/08 21:42:46.0198 5664 SystemInfo: 2011/09/08 21:42:46.0198 5664 2011/09/08 21:42:46.0198 5664 OS Version: 6.1.7600 ServicePack: 0.0 2011/09/08 21:42:46.0198 5664 Product type: Workstation 2011/09/08 21:42:46.0198 5664 ComputerName: PCGAUTHIER 2011/09/08 21:42:46.0199 5664 UserName: gauthier 2011/09/08 21:42:46.0199 5664 Windows directory: C:\Windows 2011/09/08 21:42:46.0199 5664 System windows directory: C:\Windows 2011/09/08 21:42:46.0199 5664 Running under WOW64 2011/09/08 21:42:46.0199 5664 Processor architecture: Intel x64 2011/09/08 21:42:46.0199 5664 Number of processors: 2 2011/09/08 21:42:46.0199 5664 Page size: 0x1000 2011/09/08 21:42:46.0199 5664 Boot type: Normal boot 2011/09/08 21:42:46.0199 5664 ================================================================================ 2011/09/08 21:42:46.0621 5664 Initialize success 2011/09/08 21:42:59.0750 4632 ================================================================================ 2011/09/08 21:42:59.0750 4632 Scan started 2011/09/08 21:42:59.0750 4632 Mode: Manual; 2011/09/08 21:42:59.0750 4632 ================================================================================ 2011/09/08 21:43:00.0778 4632 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/09/08 21:43:00.0892 4632 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2011/09/08 21:43:00.0996 4632 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/09/08 21:43:01.0128 4632 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/09/08 21:43:01.0238 4632 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/09/08 21:43:01.0349 4632 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/09/08 21:43:01.0486 4632 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys 2011/09/08 21:43:01.0594 4632 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2011/09/08 21:43:01.0735 4632 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2011/09/08 21:43:01.0840 4632 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2011/09/08 21:43:01.0955 4632 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/09/08 21:43:02.0057 4632 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/09/08 21:43:02.0164 4632 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 2011/09/08 21:43:02.0291 4632 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/09/08 21:43:02.0404 4632 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 2011/09/08 21:43:02.0506 4632 ApfiltrService (c79c86a0395689045710e24d64e5e086) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/09/08 21:43:02.0614 4632 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/09/08 21:43:02.0751 4632 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/09/08 21:43:02.0889 4632 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/09/08 21:43:03.0456 4632 aswFsBlk (55353cd0da287b2c3782485740965b54) C:\Windows\system32\drivers\aswFsBlk.sys 2011/09/08 21:43:03.0557 4632 aswMonFlt (b38061cdefb71361e0c7547ac60527e8) C:\Windows\system32\drivers\aswMonFlt.sys 2011/09/08 21:43:03.0679 4632 aswRdr (91e7aca95933633b2557f47cdfdb74c3) C:\Windows\system32\drivers\aswRdr.sys 2011/09/08 21:43:03.0785 4632 aswSnx (2b15499f68fad60ce69264a327e9b0f0) C:\Windows\system32\drivers\aswSnx.sys 2011/09/08 21:43:03.0902 4632 aswSP (4d939ecb19dc930056593390d1c87c43) C:\Windows\system32\drivers\aswSP.sys 2011/09/08 21:43:03.0976 4632 aswTdi (d633426c5a207ce21767569aa4946891) C:\Windows\system32\drivers\aswTdi.sys 2011/09/08 21:43:04.0075 4632 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/09/08 21:43:04.0179 4632 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2011/09/08 21:43:04.0307 4632 athr (88a02b6046356e6be4e387faa7451439) C:\Windows\system32\DRIVERS\athrx.sys 2011/09/08 21:43:04.0548 4632 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/09/08 21:43:04.0681 4632 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/09/08 21:43:04.0849 4632 BCM43XX (b44879610f2dc4a046b14befa3ae72de) C:\Windows\system32\DRIVERS\bcmwl664.sys 2011/09/08 21:43:05.0065 4632 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/09/08 21:43:05.0219 4632 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/09/08 21:43:05.0333 4632 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 2011/09/08 21:43:05.0378 4632 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/09/08 21:43:05.0473 4632 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/09/08 21:43:05.0615 4632 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/09/08 21:43:05.0727 4632 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/09/08 21:43:05.0858 4632 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/09/08 21:43:05.0947 4632 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/09/08 21:43:05.0998 4632 BthAvrcp (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys 2011/09/08 21:43:06.0120 4632 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 2011/09/08 21:43:06.0177 4632 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/09/08 21:43:06.0280 4632 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/09/08 21:43:06.0424 4632 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys 2011/09/08 21:43:06.0581 4632 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys 2011/09/08 21:43:06.0720 4632 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/09/08 21:43:06.0838 4632 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/09/08 21:43:06.0941 4632 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/09/08 21:43:06.0985 4632 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/09/08 21:43:07.0126 4632 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/09/08 21:43:07.0162 4632 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2011/09/08 21:43:07.0271 4632 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/09/08 21:43:07.0403 4632 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/09/08 21:43:07.0515 4632 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/09/08 21:43:07.0613 4632 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/09/08 21:43:07.0782 4632 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 2011/09/08 21:43:07.0839 4632 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/09/08 21:43:07.0945 4632 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/09/08 21:43:08.0127 4632 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/09/08 21:43:08.0280 4632 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 2011/09/08 21:43:08.0516 4632 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/09/08 21:43:08.0783 4632 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/09/08 21:43:08.0910 4632 epfw (f9d0d6a7a6d48391be1f314ef7669ce2) C:\Windows\system32\DRIVERS\epfw.sys 2011/09/08 21:43:08.0944 4632 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2011/09/08 21:43:09.0125 4632 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/09/08 21:43:09.0228 4632 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/09/08 21:43:09.0355 4632 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/09/08 21:43:09.0504 4632 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/09/08 21:43:09.0605 4632 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/09/08 21:43:09.0751 4632 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/09/08 21:43:09.0877 4632 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/09/08 21:43:09.0992 4632 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/09/08 21:43:10.0099 4632 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 2011/09/08 21:43:10.0153 4632 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/09/08 21:43:10.0267 4632 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/09/08 21:43:10.0317 4632 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/09/08 21:43:10.0500 4632 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/09/08 21:43:10.0593 4632 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2011/09/08 21:43:10.0641 4632 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/09/08 21:43:10.0692 4632 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/09/08 21:43:10.0740 4632 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/09/08 21:43:10.0859 4632 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/09/08 21:43:10.0975 4632 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/09/08 21:43:11.0129 4632 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/09/08 21:43:11.0272 4632 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/09/08 21:43:11.0400 4632 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/09/08 21:43:11.0525 4632 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/09/08 21:43:11.0660 4632 iaStor (be7d72fcf442c26975942007e0831241) C:\Windows\system32\DRIVERS\iaStor.sys 2011/09/08 21:43:11.0769 4632 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 2011/09/08 21:43:12.0151 4632 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/09/08 21:43:12.0544 4632 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/09/08 21:43:12.0698 4632 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys 2011/09/08 21:43:12.0837 4632 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/09/08 21:43:12.0939 4632 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/09/08 21:43:12.0992 4632 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/09/08 21:43:13.0116 4632 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/09/08 21:43:13.0151 4632 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/09/08 21:43:13.0250 4632 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/09/08 21:43:13.0291 4632 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/09/08 21:43:13.0345 4632 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/09/08 21:43:13.0461 4632 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/09/08 21:43:13.0557 4632 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/09/08 21:43:13.0709 4632 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/09/08 21:43:13.0806 4632 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2011/09/08 21:43:13.0917 4632 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/09/08 21:43:14.0053 4632 L1C (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys 2011/09/08 21:43:14.0191 4632 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/09/08 21:43:14.0325 4632 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/09/08 21:43:14.0443 4632 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/09/08 21:43:14.0573 4632 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/09/08 21:43:14.0704 4632 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/09/08 21:43:14.0827 4632 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/09/08 21:43:14.0931 4632 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/09/08 21:43:15.0054 4632 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/09/08 21:43:15.0201 4632 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/09/08 21:43:15.0241 4632 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/09/08 21:43:15.0364 4632 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/09/08 21:43:15.0483 4632 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/09/08 21:43:15.0519 4632 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/09/08 21:43:15.0567 4632 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/09/08 21:43:15.0603 4632 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/09/08 21:43:15.0644 4632 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/09/08 21:43:15.0700 4632 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/09/08 21:43:15.0821 4632 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/09/08 21:43:15.0849 4632 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/09/08 21:43:15.0957 4632 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/09/08 21:43:16.0026 4632 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/09/08 21:43:16.0088 4632 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/09/08 21:43:16.0128 4632 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/09/08 21:43:16.0154 4632 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/09/08 21:43:16.0271 4632 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/09/08 21:43:16.0296 4632 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/09/08 21:43:16.0323 4632 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/09/08 21:43:16.0363 4632 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/09/08 21:43:16.0394 4632 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/09/08 21:43:16.0427 4632 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/09/08 21:43:16.0454 4632 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/09/08 21:43:16.0517 4632 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/09/08 21:43:16.0718 4632 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 2011/09/08 21:43:16.0847 4632 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 2011/09/08 21:43:16.0870 4632 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 2011/09/08 21:43:17.0036 4632 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/09/08 21:43:17.0155 4632 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/09/08 21:43:17.0280 4632 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/09/08 21:43:17.0385 4632 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/09/08 21:43:17.0556 4632 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/09/08 21:43:17.0648 4632 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/09/08 21:43:17.0754 4632 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/09/08 21:43:17.0873 4632 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/09/08 21:43:17.0981 4632 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/09/08 21:43:18.0151 4632 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/09/08 21:43:18.0305 4632 nmwcd (88f2f2cb9faee2e14bccf384f4c88061) C:\Windows\system32\drivers\ccdcmbx64.sys 2011/09/08 21:43:18.0424 4632 nmwcdc (31c1fac4ae14fb2f8771c59ba3f90bad) C:\Windows\system32\drivers\ccdcmbox64.sys 2011/09/08 21:43:18.0520 4632 nmwcdnsucx64 (863aa6c58ac85a22355ae943c605e44b) C:\Windows\system32\drivers\nmwcdnsucx64.sys 2011/09/08 21:43:18.0582 4632 nmwcdnsux64 (7983d9201788407c4d1fc4d0baa04e32) C:\Windows\system32\drivers\nmwcdnsux64.sys 2011/09/08 21:43:18.0624 4632 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/09/08 21:43:18.0761 4632 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/09/08 21:43:18.0905 4632 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 2011/09/08 21:43:19.0103 4632 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 2011/09/08 21:43:19.0221 4632 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/09/08 21:43:19.0327 4632 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 2011/09/08 21:43:19.0446 4632 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 2011/09/08 21:43:19.0552 4632 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/09/08 21:43:19.0658 4632 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/09/08 21:43:19.0829 4632 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/09/08 21:43:19.0947 4632 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/09/08 21:43:20.0053 4632 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 2011/09/08 21:43:20.0093 4632 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/09/08 21:43:20.0207 4632 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/09/08 21:43:20.0310 4632 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/09/08 21:43:20.0449 4632 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys 2011/09/08 21:43:20.0573 4632 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/09/08 21:43:20.0693 4632 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/09/08 21:43:20.0899 4632 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/09/08 21:43:20.0945 4632 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/09/08 21:43:21.0077 4632 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/09/08 21:43:21.0226 4632 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/09/08 21:43:21.0401 4632 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/09/08 21:43:21.0483 4632 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/09/08 21:43:21.0532 4632 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/09/08 21:43:21.0633 4632 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/09/08 21:43:21.0779 4632 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/09/08 21:43:21.0942 4632 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/09/08 21:43:22.0077 4632 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/09/08 21:43:22.0131 4632 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/09/08 21:43:22.0198 4632 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/09/08 21:43:22.0272 4632 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/09/08 21:43:22.0324 4632 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/09/08 21:43:22.0379 4632 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/09/08 21:43:22.0423 4632 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/09/08 21:43:22.0543 4632 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/09/08 21:43:22.0714 4632 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/09/08 21:43:22.0827 4632 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/09/08 21:43:22.0886 4632 RSUSBSTOR (db30aa4daa0d492fa5d7717d8181ffa1) C:\Windows\system32\Drivers\RtsUStor.sys 2011/09/08 21:43:22.0969 4632 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/09/08 21:43:23.0010 4632 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/09/08 21:43:23.0062 4632 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/09/08 21:43:23.0128 4632 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/09/08 21:43:23.0306 4632 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/09/08 21:43:23.0410 4632 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/09/08 21:43:23.0499 4632 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/09/08 21:43:23.0521 4632 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/09/08 21:43:23.0547 4632 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 2011/09/08 21:43:23.0622 4632 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/09/08 21:43:23.0726 4632 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/09/08 21:43:23.0759 4632 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/09/08 21:43:23.0874 4632 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/09/08 21:43:23.0930 4632 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/09/08 21:43:24.0073 4632 sptd (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys 2011/09/08 21:43:24.0073 4632 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df 2011/09/08 21:43:24.0082 4632 sptd - detected LockedFile.Multi.Generic (1) 2011/09/08 21:43:24.0140 4632 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 2011/09/08 21:43:24.0227 4632 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 2011/09/08 21:43:24.0296 4632 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 2011/09/08 21:43:24.0439 4632 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/09/08 21:43:24.0482 4632 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/09/08 21:43:24.0631 4632 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys 2011/09/08 21:43:24.0832 4632 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys 2011/09/08 21:43:24.0894 4632 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/09/08 21:43:24.0937 4632 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/09/08 21:43:24.0978 4632 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/09/08 21:43:25.0025 4632 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/09/08 21:43:25.0059 4632 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/09/08 21:43:25.0147 4632 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/09/08 21:43:25.0239 4632 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/09/08 21:43:25.0289 4632 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/09/08 21:43:25.0345 4632 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 2011/09/08 21:43:25.0400 4632 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/09/08 21:43:25.0520 4632 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/09/08 21:43:25.0570 4632 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/09/08 21:43:25.0628 4632 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/09/08 21:43:25.0794 4632 upperdev (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 2011/09/08 21:43:25.0845 4632 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/09/08 21:43:25.0889 4632 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/09/08 21:43:25.0943 4632 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys 2011/09/08 21:43:26.0006 4632 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 2011/09/08 21:43:26.0049 4632 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 2011/09/08 21:43:26.0092 4632 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/09/08 21:43:26.0167 4632 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/09/08 21:43:26.0259 4632 usbser (0f0c72a657c622286013788b886968ad) C:\Windows\system32\drivers\usbser.sys 2011/09/08 21:43:26.0291 4632 UsbserFilt (0fbb0080b287bbcbf5c7076e3d74a35c) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 2011/09/08 21:43:26.0418 4632 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/09/08 21:43:26.0501 4632 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/09/08 21:43:26.0575 4632 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 2011/09/08 21:43:26.0713 4632 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/09/08 21:43:26.0825 4632 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/09/08 21:43:26.0921 4632 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/09/08 21:43:27.0049 4632 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/09/08 21:43:27.0142 4632 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/09/08 21:43:27.0244 4632 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/09/08 21:43:27.0351 4632 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/09/08 21:43:27.0465 4632 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/09/08 21:43:27.0567 4632 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/09/08 21:43:27.0672 4632 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/09/08 21:43:27.0773 4632 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/09/08 21:43:27.0889 4632 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/09/08 21:43:27.0989 4632 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/09/08 21:43:28.0013 4632 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/09/08 21:43:28.0203 4632 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/09/08 21:43:28.0308 4632 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/09/08 21:43:28.0473 4632 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/09/08 21:43:28.0582 4632 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/09/08 21:43:28.0810 4632 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/09/08 21:43:28.0950 4632 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/09/08 21:43:29.0167 4632 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/09/08 21:43:29.0235 4632 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/09/08 21:43:29.0278 4632 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/09/08 21:43:29.0397 4632 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/09/08 21:43:29.0427 4632 Boot (0x1200) (c72c59b87bdba308b7822437867bdd0c) \Device\Harddisk0\DR0\Partition0 2011/09/08 21:43:29.0476 4632 Boot (0x1200) (f01ec962c16f513427e28e15711acff8) \Device\Harddisk0\DR0\Partition1 2011/09/08 21:43:29.0483 4632 ================================================================================ 2011/09/08 21:43:29.0483 4632 Scan finished 2011/09/08 21:43:29.0483 4632 ================================================================================ 2011/09/08 21:43:29.0514 4240 Detected object count: 1 2011/09/08 21:43:29.0514 4240 Actual detected object count: 1 2011/09/08 21:43:36.0048 4240 LockedFile.Multi.Generic(sptd) - User select action: Skip
  19. geetn
    ComboFix 11-09-08.03 - gauthier 08/09/2011 20:56:41.3.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4026.2331 [GMT 2:00] Gestart vanuit: c:\users\gauthier\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-08 to 2011-09-08 )))))))))))))))))))))))))))))) . . 2011-09-08 19:18 . 2011-09-08 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-04 10:02 . 2011-09-04 10:02 388096 ----a-r- c:\users\gauthier\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-02 21:52 . 2011-09-02 21:52 -------- d-----w- c:\program files\Speccy 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia Ovi Suite 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia 2011-08-28 19:01 . 2011-08-28 19:02 -------- d-----w- c:\program files (x86)\Common Files\Nokia 2011-08-20 11:02 . 2011-08-20 11:02 -------- d-----w- c:\windows\nl 2011-08-20 10:58 . 2011-08-20 10:58 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-08-20 10:52 . 2011-08-20 10:52 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\460fed941cc5f2703\MeshBetaRemover.exe 2011-08-13 14:41 . 2011-08-13 14:41 -------- d-----w- c:\programdata\Hewlett-Packard 2011-08-13 14:41 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll 2011-08-10 13:36 . 2011-07-16 05:17 338432 ----a-w- c:\windows\system32\conhost.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-17 21:41 . 2011-02-27 14:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-08-17 21:41 . 2011-02-27 14:47 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-08-17 21:38 . 2011-05-24 09:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-25 20:12 . 2011-07-25 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-07-25 20:11 . 2011-07-25 20:11 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-07-16 04:32 . 2011-08-10 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-04 11:43 . 2011-05-21 07:30 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2011-05-21 07:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-04 11:43 . 2011-05-21 07:31 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-05-21 07:31 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-04 11:36 . 2011-05-21 07:31 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2011-05-21 07:31 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:32 . 2011-05-21 07:31 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2011-05-21 07:31 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-04 11:32 . 2011-05-21 07:31 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-06-11 02:56 . 2011-07-22 21:13 3134464 ----a-w- c:\windows\system32\win32k.sys 2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "TorrentEasy"="c:\program files (x86)\TorrentEasy\TorrentEasy.exe" [2011-05-20 2557440] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-08-04 966712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720] . c:\users\gauthier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-10 1436424] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-28 341296] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] . . Inhoud van de 'Gedeelde Taken' map . 2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . 2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] . ------- Bijkomende Scan ------- . uStart Page = hxxp://home.zbani.com/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 FF - ProfilePath - c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\ FF - prefs.js: browser.startup.homepage - home.Zbani.com FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4 FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension . . ------- Bestandsassociaties ------- . .txt=Echosub.Txt . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2038657912-3609206695-1329041838-1001\Software\SecuROM\License information*] "datasecu"=hex:db,0e,85,f2,16,21,3a,f5,09,17,ac,57,13,e2,12,f7,09,b1,22,2f,13, 62,bf,36,12,b0,cd,36,f1,1d,eb,ce,5e,1e,98,eb,b9,00,d4,d3,c1,61,8f,ec,a4,f3,\ "rkeysecu"=hex:4d,64,ae,91,58,a0,21,03,dd,c0,f3,33,9d,d0,16,19 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-09-08 21:24:17 ComboFix-quarantined-files.txt 2011-09-08 19:24 ComboFix2.txt 2011-09-05 08:26 . Pre-Run: 5.014.142.976 bytes beschikbaar Post-Run: 4.314.435.584 bytes beschikbaar . - - End Of File - - DB081D507C009ACDE584AE3FB426B669 Bedankt dat je dit voor mij wil doen.
  20. geetn
    Ik zit terug met hetzelfde probleem. Maar nu duurt het iets langer totdat ik deze melding krijg na een half uurtje of zo.
  21. geetn
    Voorlopig heb ik nog geen probleem. heel erg bedankt:top:
  22. geetn
    Dit heb ik gekregen als resultaat. ComboFix 11-09-04.03 - gauthier 05/09/2011 9:00.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4026.2510 [GMT 2:00] Gestart vanuit: c:\users\gauthier\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\gauthier\Desktop\CFScript.txt..txt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome.manifest c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome\softonic-eng7.jar c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitAutoCompleteSearch.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitAutoCompleteSearch.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.idl c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults\default_radio_skin.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults\fbAlert.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\install.rdf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\lib\xpcom.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\manifest.mf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\zigbert.rsa c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\zigbert.sf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.ico c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.PNG c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.src c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\version.txt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome.manifest c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome\dvdvideosofttb.jar c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.idl c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\default_radio_skin.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\install.rdf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib\xpcom.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\manifest.mf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.rsa c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.sf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.ico c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.PNG c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.src c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\setup.ini c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\version.txt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome.manifest c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome\babylon-english.jar c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.idl c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\default_radio_skin.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\fbAlert.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\install.rdf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\lib\xpcom.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\manifest.mf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.rsa c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.sf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.ico c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.PNG c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.src c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.xml c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\setup.ini c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\version.txt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\chrome.manifest c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.xpt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.css c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.xul c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\fcmdDef.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But2.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facemoods.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fb.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbhome.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbmsgs.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbphotos.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbprofile.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbsettings.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbshare.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbuploads.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\help_16.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\home.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\ibario_ball.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\logo.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\moodsIcon.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\pref.jpg c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\privecy_16_hot.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\stripicons.png c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\tellafriend.gif c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\Thumbs.db c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\vssver.scc c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\instlgc.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\JSonButtons.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\Loader.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\mtrprt.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\newTabLgc.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\PPCB.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.xul c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\prefman.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\script-compiler.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\Thumbs.db c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\utils.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\vssver.scc c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\xmlhttprequester.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\instlPref.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\vssver.scc c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\install.rdf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\vssver.scc c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\build.sh c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\chrome.manifest c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\config_build.sh c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\about.xul c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\firefoxOverlay.xul c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\options.xul c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\overlay.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\y2layers.jpg c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\defaults\preferences\y2layers.js c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\install.rdf c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\about.dtd c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\prefwindow.dtd c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\y2layers.dtd c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\y2layers.properties c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\readme.txt c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\skin\overlay.css c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\skin\toolbar-button.png . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-05 to 2011-09-05 )))))))))))))))))))))))))))))) . . 2011-09-05 07:28 . 2011-09-05 07:28 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-04 10:02 . 2011-09-04 10:02 388096 ----a-r- c:\users\gauthier\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-02 21:52 . 2011-09-02 21:52 -------- d-----w- c:\program files\Speccy 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia Ovi Suite 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia 2011-08-28 19:01 . 2011-08-28 19:02 -------- d-----w- c:\program files (x86)\Common Files\Nokia 2011-08-20 11:02 . 2011-08-20 11:02 -------- d-----w- c:\windows\nl 2011-08-20 10:58 . 2011-08-20 10:58 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-08-20 10:52 . 2011-08-20 10:52 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\460fed941cc5f2703\MeshBetaRemover.exe 2011-08-13 14:41 . 2011-08-13 14:41 -------- d-----w- c:\programdata\Hewlett-Packard 2011-08-13 14:41 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll 2011-08-10 13:36 . 2011-07-16 05:17 338432 ----a-w- c:\windows\system32\conhost.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-17 21:41 . 2011-02-27 14:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-08-17 21:41 . 2011-02-27 14:47 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-08-17 21:38 . 2011-05-24 09:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-25 20:12 . 2011-07-25 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-07-25 20:11 . 2011-07-25 20:11 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-07-16 04:32 . 2011-08-10 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-04 11:43 . 2011-05-21 07:30 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2011-05-21 07:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-04 11:43 . 2011-05-21 07:31 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-05-21 07:31 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-04 11:36 . 2011-05-21 07:31 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2011-05-21 07:31 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:32 . 2011-05-21 07:31 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2011-05-21 07:31 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-04 11:32 . 2011-05-21 07:31 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-06-11 02:56 . 2011-07-22 21:13 3134464 ----a-w- c:\windows\system32\win32k.sys 2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-09-04_20.59.15 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 04:54 . 2011-09-05 06:10 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-09-04 19:58 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-09-04 19:58 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-09-05 06:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-09-05 06:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-09-04 19:58 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-06-18 16:44 . 2011-09-05 06:48 657440 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2009-07-14 02:34 . 2011-09-05 06:58 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2011-09-04 09:57 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "TorrentEasy"="c:\program files (x86)\TorrentEasy\TorrentEasy.exe" [2011-05-20 2557440] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-08-04 966712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720] . c:\users\gauthier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-10 1436424] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-28 341296] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - CPUZ135 *Deregistered* - cpuz135 . Inhoud van de 'Gedeelde Taken' map . 2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . 2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 FF - ProfilePath - c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4 FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2038657912-3609206695-1329041838-1001\Software\SecuROM\License information*] "datasecu"=hex:db,0e,85,f2,16,21,3a,f5,09,17,ac,57,13,e2,12,f7,09,b1,22,2f,13, 62,bf,36,12,b0,cd,36,f1,1d,eb,ce,5e,1e,98,eb,b9,00,d4,d3,c1,61,8f,ec,a4,f3,\ "rkeysecu"=hex:4d,64,ae,91,58,a0,21,03,dd,c0,f3,33,9d,d0,16,19 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-09-05 10:26:17 ComboFix-quarantined-files.txt 2011-09-05 08:26 ComboFix2.txt 2011-09-04 21:32 . Pre-Run: 18.981.482.496 bytes beschikbaar Post-Run: 18.614.808.576 bytes beschikbaar . - - End Of File - - 94E4B7A4937A5A47E50CE1C24C559A9D al bedankt op voorhand.
  23. geetn
    ComboFix 11-09-04.03 - gauthier 04/09/2011 22:37:45.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4026.1162 [GMT 2:00] Gestart vanuit: c:\users\gauthier\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\facemoods.com c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoods.crx c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoods.png c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\faCEmoodstlbr.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe c:\program files (x86)\Search Settings c:\program files (x86)\Search Settings\FF\chrome.manifest c:\program files (x86)\Search Settings\FF\chrome\content\plugin.js c:\program files (x86)\Search Settings\FF\chrome\content\plugin.xul c:\program files (x86)\Search Settings\FF\chrome\content\protection.js c:\program files (x86)\Search Settings\FF\chrome\content\utils.js c:\program files (x86)\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd c:\program files (x86)\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties c:\program files (x86)\Search Settings\FF\components\IFBHOSearch.xpt c:\program files (x86)\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt c:\program files (x86)\Search Settings\FF\components\IFHelperPreferences.xpt c:\program files (x86)\Search Settings\FF\install.rdf c:\programdata\24U c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico c:\users\gauthier\AppData\Local\Windows Server c:\users\gauthier\AppData\Local\Windows Server\server.dat c:\users\gauthier\AppData\Roaming\.# c:\users\gauthier\AppData\Roaming\24U c:\users\gauthier\AppData\Roaming\Adobe\plugs c:\users\gauthier\AppData\Roaming\completescan c:\users\gauthier\AppData\Roaming\DoBs c:\users\gauthier\AppData\Roaming\DoBs\DoBs.ini c:\users\gauthier\AppData\Roaming\DoBs\DoBs.mdb c:\users\gauthier\AppData\Roaming\inst.exe c:\users\gauthier\AppData\Roaming\install c:\windows\iun6002.exe c:\windows\ST6UNST.000 c:\windows\SysWow64\comct332.ocx . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-04 to 2011-09-04 )))))))))))))))))))))))))))))) . . 2011-09-04 20:58 . 2011-09-04 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-04 10:02 . 2011-09-04 10:02 388096 ----a-r- c:\users\gauthier\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-02 21:52 . 2011-09-02 21:52 -------- d-----w- c:\program files\Speccy 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia Ovi Suite 2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia 2011-08-28 19:01 . 2011-08-28 19:02 -------- d-----w- c:\program files (x86)\Common Files\Nokia 2011-08-20 11:02 . 2011-08-20 11:02 -------- d-----w- c:\windows\nl 2011-08-20 10:58 . 2011-08-20 10:58 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-08-20 10:52 . 2011-08-20 10:52 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\460fed941cc5f2703\MeshBetaRemover.exe 2011-08-13 14:41 . 2011-08-13 14:41 -------- d-----w- c:\programdata\Hewlett-Packard 2011-08-13 14:41 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll 2011-08-10 13:36 . 2011-07-16 05:17 338432 ----a-w- c:\windows\system32\conhost.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-17 21:41 . 2011-02-27 14:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-08-17 21:41 . 2011-02-27 14:47 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-08-17 21:38 . 2011-05-24 09:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-25 20:12 . 2011-07-25 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-07-25 20:11 . 2011-07-25 20:11 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-07-16 04:32 . 2011-08-10 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-04 11:43 . 2011-05-21 07:30 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2011-05-21 07:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-04 11:43 . 2011-05-21 07:31 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-05-21 07:31 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-04 11:36 . 2011-05-21 07:31 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2011-05-21 07:31 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:32 . 2011-05-21 07:31 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2011-05-21 07:31 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-04 11:32 . 2011-05-21 07:31 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-06-11 02:56 . 2011-07-22 21:13 3134464 ----a-w- c:\windows\system32\win32k.sys 2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "TorrentEasy"="c:\program files (x86)\TorrentEasy\TorrentEasy.exe" [2011-05-20 2557440] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-08-04 966712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720] . c:\users\gauthier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-10 1436424] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-28 341296] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - CPUZ135 *Deregistered* - cpuz135 . Inhoud van de 'Gedeelde Taken' map . 2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . 2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 FF - ProfilePath - c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542 FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=14542&q= FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4 FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension . . ------- Bestandsassociaties ------- . .txt=Echosub.Txt . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS Toolbar-Locked - (no file) WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2038657912-3609206695-1329041838-1001\Software\SecuROM\License information*] "datasecu"=hex:db,0e,85,f2,16,21,3a,f5,09,17,ac,57,13,e2,12,f7,09,b1,22,2f,13, 62,bf,36,12,b0,cd,36,f1,1d,eb,ce,5e,1e,98,eb,b9,00,d4,d3,c1,61,8f,ec,a4,f3,\ "rkeysecu"=hex:4d,64,ae,91,58,a0,21,03,dd,c0,f3,33,9d,d0,16,19 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-09-04 23:32:30 ComboFix-quarantined-files.txt 2011-09-04 21:32 . Pre-Run: 4.239.912.960 bytes beschikbaar Post-Run: 19.691.794.432 bytes beschikbaar . - - End Of File - - 9A3D857119123B97B8867B5193DDEDBC Ik weet niet of je hier veel mee bent. Ik heb de log wel niet van C:\ComboFix.txt want deze vond ik niet terug. Ik heb het gewoon allemaal gekoppierd van de kladblok.
  24. geetn
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:39:45, on 4/09/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [TorrentEasy] "C:\Program Files (x86)\TorrentEasy\TorrentEasy.exe -autorun" O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12584 bytes
  25. geetn
    sorry dat ik niet vroeger kon reageren maar ik had geen tijd door het werk. Ik heb het eigenlijk ontdekt doordat ik steeds werd doorverbonden naar de pagina die zei dat de verbinding werd geherintaleerd. <br><br>Ik heb speccy laten draaien en dit is de site: http://speccy.piriform.com/results/ynqj6iFwCJPkwGdFJlrgqAq Ook heb ik hijackthis laten draaien en dit is het resultaat: Logfile of Trend Micro HijackThis v2.0.4<br>Scan saved at 12:43:39, on 4/09/2011<br>Platform: Windows 7 (WinNT 6.00.3504)<br>MSIE: Internet Explorer v9.00 (9.00.8112.16421)<br>Boot mode: Normal<br><br>Running processes:<br>C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe<br>C:\Windows\PLFSetI.exe<br>C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe<br>C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE<br>C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe<br>C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe<br>C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE<br>C:\Program Files (x86)\Launch Manager\LManager.exe<br>C:\Program Files\AVAST Software\Avast\AvastUI.exe<br>C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe<br>C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe<br>C:\Program Files (x86)\Mozilla Firefox\firefox.exe<br>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe<br>C:\Program Files (x86)\Windows Media Player\wmplayer.exe<br>C:\Program Files (x86)\Windows Live\Mail\wlmail.exe<br>C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe<br>C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe<br><br>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=aspire_7715z&r=27360610p545l04c4z115t44n2e870<br>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896<br>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?G=1<br>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=aspire_7715z&r=27360610p545l04c4z115t44n2e870<br>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896<br>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm<br>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll<br>O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL<br>O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll<br>O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll<br>O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll<br>O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll<br>O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL<br>O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll<br>O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll<br>O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll<br>O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll<br>O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll<br>O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe<br>O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui<br>O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup<br>O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"<br>O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun<br>O4 - HKCU\..\Run: [TorrentEasy] "C:\Program Files (x86)\TorrentEasy\TorrentEasy.exe -autorun"<br>O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray<br>O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')<br>O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')<br>O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')<br>O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')<br>O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE<br>O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105<br>O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html<br>O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html<br>O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html<br>O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html<br>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000<br>O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000<br>O8 - Extra context menu item: Free YouTube Download - C:\Users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm<br>O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm<br>O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html<br>O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm<br>O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm<br>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll<br>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll<br>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll<br>O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll<br>O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll<br>O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll<br>O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll<br>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll<br>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll<br>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics<br>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll<br>O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL<br>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)<br>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe<br>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)<br>O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe<br>O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe<br>O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe<br>O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe<br>O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe<br>O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe<br>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe<br>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)<br>O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe<br>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)<br>O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe<br>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)<br>O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe<br>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)<br>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)<br>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)<br>O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe<br>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)<br>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)<br>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)<br>O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe<br>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)<br>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)<br>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)<br>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)<br>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)<br>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)<br>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)<br>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)<br><br>--<br>End of file - 12829 bytes<br>
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.