Ga naar inhoud

Valcorb

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    63

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Valcorb

  1. Valcorb
    Hallo, ik heb problemen met Windows 7. Soms blijft hij direct hangen bij het opstarten van Win7. Hij reageert gewoon niet meer; opent niets meer, typt niets meer, maximaliseert niets meer, ... Speccy link: http://speccy.piriform.com/results/bYGdAuZhLPSJTm0DPw0mBkY HJT-log: HiJackThis - Pastebin.com Thanks!
  2. Valcorb
    Oh oke sorry daarvoor dacht dat het moest vanwege 2 verschillende onderwerpen
  3. Valcorb
    Hallo, ik heb reeds ontdekt waarom ik iTunes niet kan installeren, ik heb blijkbaar geen access tot die key. Hier is de error van regedit: Weet iemand hoe ik dit kan veranderen? Ik ben administrator met UAC disabled :/ Windows 7 64-bit Hier een HJT-log: http://pastebin.com/U1x80tB4 Thanks
  4. Valcorb
    Iemand? :/
  5. Valcorb
    Lol nu heb ik ook Win7 64-bit .. Anyways, die download heb ik
  6. Valcorb
    Die eerste link is voor Mac OS X En die tweede heb ik al geprobeerd, helaas zonder resultaat :/
  7. Valcorb
    Hallo, ik heb een probleem met mijn iTunes installatie. Ik heb hem net gedownload van de Apple website maar geeft een error aan. Enig idee hoe ik dit kan oplossen? Ik heb Windows 7 Ultimate 64-Bit.
  8. Valcorb
    Oh ik dacht dat het wel gewoon met Windows te maken had Bedankt! Het is blijkbaar een hardware issue, ik kan er niet meer inkomen, krijg nu als ik hem opstart 'a disk error occured press ctrl+alt+del to restart' als je dan restart krijg je weer dezelfde error ..
  9. Valcorb
    Hallo, Ik krijg hier dagelijks 1-2 BSOD's. Ik heb geen idee hoe of wat, heb al systeemherstel gedaan en ook een volledig nieuwe installatie van Windows maar het blijft terugkomen. Hier het HJT logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:39:34, on 4/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Yolan\AppData\Roaming\Spotify\spotify.exe C:\Users\Yolan\AppData\Local\AOL\AIM\aim.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\Yolan\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe C:\Users\Yolan\AppData\Local\Akamai\netsession_win.exe C:\Users\Yolan\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Yolan\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [spotify] "C:\Users\Yolan\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [AIM] "C:\Users\Yolan\AppData\Local\AOL\AIM\aim.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Yolan\AppData\Local\Akamai\netsession_win.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1706623851-1604161800-1464466445-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1706623851-1604161800-1464466445-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: CurseClientStartup.ccip O4 - Startup: Dropbox.lnk = Yolan\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Logitech . Productregistratie.lnk = C:\Program Files\Logitech Gaming Software\EReg\eReg.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10025 bytes Thanks!
  10. Valcorb
    Nope, alles staat op 100% :/
  11. Valcorb
    Mijn speakers werken deels niet meer, als ik bijvoorbeeld een USB-apparaat in mijn PC steek, maakt hij nog wel het geluidje dat er een apparaat is gevonden, maar bv een liedje op YouTube niet. Staat op standaard.
  12. Valcorb
    Thx, opstarttijd is serieus vertraagd nu
  13. Valcorb
    Hierbij het ComboFix log: ComboFix 12-05-30.02 - Administrator 30/05/2012 13:02:00.1.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4094.2215 [GMT 2:00] Gestart vanuit: c:\users\Administrator\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1331726695.bdinstall.bin c:\users\Administrator\AppData\Local\assembly\tmp c:\users\Administrator\AppData\Roaming\inst.exe c:\users\Administrator\AppData\Roaming\vso_ts_preview.xml c:\windows\iun6002.exe c:\windows\shutdown.dll c:\windows\SysWow64\avisynth.dll c:\windows\SysWow64\devil.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-28 to 2012-05-30 )))))))))))))))))))))))))))))) . . 2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Yolan\AppData\Local\temp 2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-29 14:47 . 2012-05-29 14:47 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F591A97-C28B-46D6-9A83-AE57CDCDEF17}\gapaengine.dll 2012-05-29 14:47 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0D82EAF-8307-4AD5-B9C9-0BE6BE9C0C43}\mpengine.dll 2012-05-28 12:01 . 2012-05-28 12:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-05-28 12:01 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-28 11:39 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-28 11:37 . 2012-05-28 11:37 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2012-05-28 11:37 . 2012-05-28 11:37 -------- d-----w- c:\program files\Microsoft Security Client 2012-05-28 11:25 . 2012-05-28 11:25 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-27 23:52 . 2012-05-27 23:52 -------- d-----w- c:\users\Administrator\AppData\Roaming\GitHub 2012-05-27 23:52 . 2012-05-28 00:04 -------- d-----w- c:\users\Administrator\AppData\Local\GitHub 2012-05-27 23:50 . 2012-05-28 01:04 -------- d-----w- c:\users\Administrator\AppData\Local\Apps 2012-05-27 23:50 . 2012-05-28 01:03 -------- d-----w- c:\users\Administrator\AppData\Local\Deployment 2012-05-27 19:39 . 2012-05-27 19:39 -------- d-----w- c:\users\Administrator\AppData\Local\SplitMediaLabs 2012-05-27 18:06 . 2012-05-16 10:07 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-05-27 15:44 . 2012-05-27 18:06 -------- d-----w- c:\program files\Soluto 2012-05-27 15:43 . 2012-05-28 11:31 -------- d-----w- c:\programdata\Soluto 2012-05-26 19:15 . 2012-05-26 19:15 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2012-05-26 19:12 . 2012-05-26 19:12 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2012-05-26 19:11 . 2012-05-26 19:11 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-05-26 19:10 . 2012-05-26 19:10 -------- d-----r- C:\MSOCache 2012-05-26 17:30 . 2012-05-26 17:30 -------- d-----w- c:\users\Administrator\AppData\Local\Microsoft Help 2012-05-25 14:20 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4218DDC1-FC31-4F03-86E3-39ACE7F3E628}\mpengine.dll 2012-05-17 19:33 . 2012-05-17 19:33 -------- d-----w- c:\users\Administrator\.astah 2012-05-17 19:33 . 2012-05-17 19:34 -------- d-----w- c:\program files\astah-professional 2012-05-16 16:12 . 2012-05-20 20:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\AVI ReComp 2012-05-16 16:11 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll 2012-05-16 16:11 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax 2012-05-16 16:11 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll 2012-05-16 16:11 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax 2012-05-16 16:10 . 2012-05-16 16:11 -------- d-----w- c:\program files (x86)\AVI ReComp 2012-05-14 16:17 . 2012-05-14 16:17 -------- d-----w- c:\program files\Oracle 2012-05-14 16:16 . 2012-04-04 16:33 955800 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-13 20:05 . 2012-05-13 20:05 -------- d-----w- c:\program files\TeamSpeak 3 Client 2012-05-12 17:59 . 2012-05-12 17:59 -------- d-----w- c:\users\Administrator\.sessionstealer 2012-05-12 15:39 . 2012-05-12 15:39 -------- d-----w- c:\users\Administrator\AppData\Local\IsolatedStorage 2012-05-12 15:39 . 2012-05-12 15:39 -------- d-----w- c:\users\Administrator\AppData\Local\Red Gate 2012-05-12 14:52 . 2012-05-12 14:52 -------- d-----w- c:\program files (x86)\GSAutoClicker3 2012-05-12 14:51 . 2012-05-12 14:51 -------- d-----w- c:\program files (x86)\AutoClick3 2012-05-11 23:51 . 2012-05-11 23:51 -------- d-----w- c:\users\Administrator\AppData\Roaming\AnvSoft 2012-05-11 14:31 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 14:31 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 14:31 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 14:31 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:31 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 14:31 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 14:30 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 14:30 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 14:30 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 14:30 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 14:30 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 14:30 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-11 14:30 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-10 17:08 . 2012-05-10 17:08 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-05-10 17:08 . 2012-05-10 17:08 -------- d-----w- c:\program files (x86)\Oracle 2012-05-10 17:08 . 2012-04-04 16:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-05-09 14:40 . 2010-11-03 20:08 83456 ----a-w- c:\windows\SysWow64\yv12vfw.dll 2012-05-09 14:40 . 2010-11-03 20:08 83456 ----a-w- c:\windows\SysWow64\i420vfw.dll 2012-05-09 14:40 . 2007-05-16 22:57 86016 ----a-w- c:\windows\SysWow64\MediaBridgeSourceFilter.ax 2012-05-09 14:40 . 2007-04-07 19:22 241664 ----a-w- c:\windows\SysWow64\PmpSplitter.ax 2012-05-09 14:40 . 2010-06-21 08:12 1527650 ----a-w- c:\windows\SysWow64\libfftw3f-3.dll 2012-05-09 14:40 . 2009-07-18 09:08 1527650 ----a-w- c:\windows\SysWow64\fftw3.dll 2012-05-09 14:40 . 2008-04-05 22:53 140288 ----a-w- c:\windows\SysWow64\avsfilter.dll 2012-05-09 14:40 . 2005-09-13 04:09 4608 ----a-w- c:\windows\SysWow64\AvsRecursion.dll 2012-05-09 14:40 . 2004-01-24 03:35 57344 ----a-w- c:\windows\SysWow64\avisynth_c.dll 2012-05-09 14:38 . 2012-05-09 14:38 -------- d-----w- c:\program files (x86)\XviD4PSP 5 2012-05-09 14:22 . 2012-05-09 14:22 -------- d-----w- c:\program files (x86)\MP3 Encoder 2012-05-09 14:07 . 2012-05-09 14:07 -------- d-----w- C:\VirtualDub 2012-04-30 23:05 . 2012-04-30 23:05 -------- d-----w- c:\program files (x86)\SpotifyRemotelessHelper . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 17:42 . 2012-04-01 13:57 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-05 17:42 . 2011-09-07 15:25 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 17:42 . 2012-04-01 14:42 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-04 16:47 . 2011-02-21 12:16 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-04-04 16:33 . 2011-02-21 12:14 839056 ----a-w- c:\windows\system32\deployJava1.dll 2012-04-04 14:43 . 2011-08-18 21:18 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-04-04 14:43 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-04-01 22:11 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-03-20 18:44 . 2012-03-20 18:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2012-03-20 18:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-15 21:08 . 2011-08-19 10:33 2480064 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2012-03-12 18:56 . 2012-03-12 18:56 947472 ----a-w- c:\windows\SysWow64\msjava.dll 2012-03-06 23:15 . 2011-09-25 19:01 258520 ----a-w- c:\windows\system32\aswBoot.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-11-11 1242448] "ISPMonitor"="c:\program files (x86)\ISP Monitor\isp.exe" [2012-01-16 418304] "Akamai NetSession Interface"="c:\users\Administrator\AppData\Local\Akamai\netsession_win.exe" [2012-05-07 3331872] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552] "RemotelessHelper"="c:\program files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe" [2012-04-26 2315264] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-21 880496] "Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048] "CamserviceHD"="c:\program files (x86)\Hercules\Hercules DualPix HD Webcam\Camservice.exe" [bU] "LinuxTSC_startup"="c:\program files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe" [2003-11-09 3664384] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-11-28 296056] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "ST Recovery Launcher"="c:\windows\SMINST\VistaLauncher.exe" [2008-09-11 46416] . c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x] R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-09-09 20549] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-05-16 584768] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-09 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-09 79360] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752] R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SteComposite;Acer Composite USB Service;c:\windows\system32\DRIVERS\ste_compo_x64.sys [x] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 68440] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816] S2 ISPMonitorSrv;ISP Monitor;c:\program files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 36864] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528] S3 AKDWC20ET;Hercules Dualpix HD Webcam;c:\windows\system32\Drivers\HDVidvx.sys [x] S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [x] S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 17:42] . 2011-11-15 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS\AutoKMS.exe [2011-11-14 16:51] . 2012-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49] . 2012-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\7qbrsq5a.default\ . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver] "ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (Administrator) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,ca, 05,9c,b2,eb,0b,bb,9d,bf,17,8f,69,f9,db "{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,3b,1b,f9,df,5c, 2d,50,ee,ad,02,96,7b,09,49,17,26,d6,d2 "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6a,7b, 2f,b3,1b,95,0f,82,1d,51,09,a7,d0,d1,ec "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2d,90, 6f,f4,6a,4a,04,a9,f2,4e,fc,1e,7f,e7,66 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,25, 8d,33,16,d7,03,90,c7,14,24,75,4f,27,de "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b4,e6, a9,10,54,31,00,a4,29,07,f3,03,c9,46,e7 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,dd, c6,74,fe,33,0a,a2,7f,d9,65,c2,82,cc,b1 "{DDA57003-0068-4ED2-9D32-4D1EC707D94D}"=hex:51,66,7a,6c,4c,1d,3b,1b,13,6c,b0, c0,59,5a,ba,07,83,39,08,5e,c4,40,9d,55 "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,06,41, 37,c7,01,0d,0f,b6,a8,8a,e9,64,69,06,89 "{5802D092-1784-4908-8CDB-99B6842D353D}"=hex:51,66,7a,6c,4c,1d,3b,1b,82,cc,17, 45,b5,4d,60,00,92,d0,dc,f6,87,6a,71,25 . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (Administrator) "Timestamp"=hex:2d,c1,47,9e,69,96,cc,01 . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\ . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3G2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3GP" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3G2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3GP" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.669\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.669" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.amf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AU" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AVI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avr\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.avr" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.B4S\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.caf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.CDA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (Administrator) "Progid"="ThunderbirdEML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.far\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.far" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLAC\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.FLAC" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.FLV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htk\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.htk" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.iff" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.it\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.it" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.itz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KAR\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.KAR" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.m3u" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M4A" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mat\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mat" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mdz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MIZ\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MIZ" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MKV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MOV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP1\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MP1" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP3" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP3" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mtm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mtm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSA\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.NSA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nst\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.nst" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSV\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.NSV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGG\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.OGG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.okt\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.okt" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.paf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.paf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ptm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.ptm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pvf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.pvf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.raw" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rf64\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.rf64" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3m\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.s3m" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3z\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.s3z" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sd2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sds\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sds" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AU" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.stm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.stz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SWF\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.SWF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.TTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.TTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ult\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.ult" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VLB\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.VLB" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.voc\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.voc" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.w64\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.w64" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wal\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.SkinZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WAV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WAX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice] @Denied: (2) (Administrator) "Progid"="ThunderbirdEML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.webm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wlz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.LangZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMD" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMZ" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WPL" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wsz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.SkinZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wve\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.wve" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WVX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xi\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xi" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xmz" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Voltooingstijd: 2012-05-30 13:34:12 - machine werd herstart ComboFix-quarantined-files.txt 2012-05-30 11:34 ComboFix2.txt 2012-03-14 17:11 ComboFix3.txt 2012-03-12 16:49 . Pre-Run: 169.014.591.488 bytes beschikbaar Post-Run: 168.442.957.824 bytes beschikbaar . - - End Of File - - 262CC70077BA1BE5469892261146A81A
  14. Valcorb
    MBAM: Malwarebytes Anti-Malware (PRO) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.05.29.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Administrator :: YOLAN-PC [administrator] Realtime bescherming: Ingeschakeld 29/05/2012 17:14:30 mbam-log-2012-05-29 (17-14-30).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 248956 Verstreken tijd: 5 minuut/minuten, 7 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKCR\CLSID\{87TX58CT-738X-0W0O-5TNA-Q23K32O70YQ0} (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{87TX58CT-738X-0W0O-5TNA-Q23K32O70YQ0} (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKLM (Trojan.Backdoor) -> Data: C:\Windows\system32\Winbooterr\Svchost.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Trojan.Backdoor) -> Data: C:\Windows\system32\Winbooterr\Svchost.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKCU (Trojan.Backdoor) -> Data: C:\Windows\system32\Winbooterr\Svchost.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Trojan.Backdoor) -> Data: C:\Windows\system32\Winbooterr\Svchost.exe -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\Administrator\AppData\Roaming\Winbooterr (Backdoor.SpyNet.M) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\System32\Winbooterr (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\SysWOW64\Winbooterr (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 3 C:\Windows\System32\Winbooterr\Svchost.exe (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\SysWOW64\Winbooterr\Svchost.exe (Trojan.Backdoor) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Administrator\AppData\Roaming\Winbooterr\Svchost.exe (Backdoor.SpyNet.M) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) ---------- Post toegevoegd om 17:21 ---------- Vorige post was om 17:20 ---------- HiJackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:20:40, on 29/05/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\ISP Monitor\isp.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\mIRC\mirc.exe C:\Program Files (x86)\KVIrc\kvirc.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files (x86)\Hercules\Hercules DualPix HD Webcam\Camservice.exe /startup O4 - HKLM\..\Run: [LinuxTSC_startup] C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe -multiwindow -clipboard O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RemotelessHelper] "C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14396 bytes
  15. Valcorb
    Sorry voor de bump maar men thread was al onderaan Soluto kon de meeste programma's niet stoppen, er stond 'cannot remove this yet ..' en daar kwamen 6 minuten van :/
  16. Valcorb
    bumpp
  17. Valcorb
    Soluto is nu gelukt, heb het van de officiele website gedownload. HJT logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:26:58, on 28/05/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\ISP Monitor\isp.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com - International R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O1 - Hosts: 69.65.55.19 logon.crusadegaming.com O1 - Hosts: 69.65.55.20 crusadegaming.com Crusade Gaming :: #1 WoW Private Server O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files (x86)\Hercules\Hercules DualPix HD Webcam\Camservice.exe /startup O4 - HKLM\..\Run: [HKLM] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKLM\..\Run: [LinuxTSC_startup] C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe -multiwindow -clipboard O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [HKCU] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RemotelessHelper] "C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16256 bytes
  18. Valcorb
    Hmm, ik heb mijn PC al drie keer opnieuw opgestart maar hij blijft zeggen dat ik hem opnieuw moet rebooten (Reboot PC Now).
  19. Valcorb
    Hallo, ik zit reeds met een probleem. Mijn PC start supertraag op, kan soms 7 tot 12 minuten duren. Ik heb al vaak Ccleaner gebruikt maar het helpt niets :S Enig idee hoe ik dit kan oplossen? Bedankt
  20. Valcorb
    Dank u wel, Kape. Maar ik werd het beu van die vervelende pop-ups en heb een systeemherstel gedaan Toch bedankt voor al je werk, ik respecteer het
  21. Valcorb
    HJT: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:20:57, on 15/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com - International R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421 R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LinuxTSC_startup] C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe -multiwindow -clipboard O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104 O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKLM\..\Policies\Explorer\Run: [36669] C:\PROGRA~3\LOCALS~1\Temp\mscuzjzy.cmd O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: Dyyno Service (Dyyno Launcher) - Unknown owner - C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14770 bytes Combofix: ComboFix 12-03-12.03 - Administrator 15/03/2012 20:03:07.3.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4094.2813 [GMT 1:00] Gestart vanuit: C:\Users\Administrator\Desktop\ComboFix.exe gebruikte Opdracht switches :: C:\Users\Administrator\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((( Bestanden Gemaakt van 2012-02-15 to 2012-03-15 )))))))))))))))))))))))))))))) 2012-03-15 19:11:33 . 2012-03-15 19:11:33 -------- d-----w- C:\Users\Yolan\AppData\Local\temp 2012-03-15 19:11:33 . 2012-03-15 19:11:33 -------- d-----w- C:\Users\Default\AppData\Local\temp 2012-03-15 15:40:35 . 2012-02-08 07:13:59 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD948D04-F9A2-49C8-98C8-38864203C648}\mpengine.dll 2012-03-14 21:39:31 . 2011-11-19 15:20:37 5559152 ----a-w- C:\Windows\system32\ntoskrnl.exe 2012-03-14 21:39:30 . 2011-11-19 14:50:02 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-14 21:39:30 . 2011-11-19 14:50:02 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-14 17:09:36 . 2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\system32\DWrite.dll 2012-03-14 17:09:36 . 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-14 17:09:36 . 2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\system32\win32k.sys 2012-03-14 13:06:56 . 2012-01-25 06:38:39 77312 ----a-w- C:\Windows\system32\rdpwsx.dll 2012-03-14 13:06:56 . 2012-01-25 06:38:38 149504 ----a-w- C:\Windows\system32\rdpcorekmts.dll 2012-03-14 13:06:56 . 2012-01-25 06:33:30 9216 ----a-w- C:\Windows\system32\rdrmemptylst.exe 2012-03-14 13:06:54 . 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\system32\rdpcore.dll 2012-03-14 13:06:54 . 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-14 13:06:54 . 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\system32\drivers\rdpwd.sys 2012-03-14 13:06:54 . 2012-02-17 04:57:32 23552 ----a-w- C:\Windows\system32\drivers\tdtcp.sys 2012-03-14 12:11:30 . 2011-07-01 14:36:44 767952 ----a-w- C:\Windows\BDTSupport.dll 2012-03-14 12:11:29 . 2011-07-01 14:36:54 149456 ----a-w- C:\Windows\SGDetectionTool.dll 2012-03-14 12:11:28 . 2011-07-01 14:36:52 2029520 ----a-w- C:\Windows\PCTBDCore.dll 2012-03-14 12:11:27 . 2011-07-01 14:36:52 1533904 ----a-w- C:\Windows\PCTBDRes.dll 2012-03-14 12:09:15 . 2012-03-15 19:12:52 -------- d-----w- C:\Program Files (x86)\PC Tools Security 2012-03-14 12:09:15 . 2012-03-15 19:12:52 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools 2012-03-14 12:06:15 . 2012-03-14 12:06:15 99414 ----a-w- C:\ProgramData\1331726695.bdinstall.bin 2012-03-14 12:06:15 . 2012-03-14 12:06:15 -------- d-----w- C:\Program Files\Bitdefender 2012-03-14 12:05:49 . 2012-03-14 12:05:49 -------- d-----w- C:\Users\Administrator\AppData\Roaming\QuickScan 2012-03-14 12:04:35 . 2012-03-14 12:06:12 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2012-03-14 11:49:37 . 2012-03-14 11:49:37 -------- d-----w- C:\Program Files (x86)\Common Files\Skype 2012-03-11 17:28:22 . 2012-03-11 17:28:22 -------- d-----w- C:\Users\Administrator\AppData\Roaming\LolClient 2012-03-11 16:18:53 . 2008-07-12 07:18:52 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll 2012-03-11 16:18:53 . 2008-07-12 07:18:52 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2012-03-11 16:18:53 . 2008-07-12 07:18:52 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll 2012-03-11 15:54:35 . 2012-03-12 20:14:22 -------- d-----w- C:\Users\Administrator\AppData\Local\PMB Files 2012-03-11 15:54:34 . 2012-03-12 20:14:21 -------- d-----w- C:\ProgramData\PMB Files 2012-03-11 15:54:24 . 2012-03-11 15:54:25 -------- d-----w- C:\Program Files (x86)\Pando Networks 2012-03-11 14:16:09 . 2012-03-11 14:16:09 -------- d-----w- C:\Users\Administrator\Desktopmvps 2012-03-11 11:53:36 . 2012-03-11 11:53:36 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Malwarebytes 2012-03-11 11:53:31 . 2012-03-11 11:53:31 -------- d-----w- C:\ProgramData\Malwarebytes 2012-03-11 11:49:11 . 2012-03-11 11:49:12 388096 ----a-r- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-11 11:49:11 . 2012-03-11 11:49:11 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-03-10 22:08:32 . 2012-03-10 22:09:00 -------- d-----w- C:\Users\Administrator\AppData\Roaming\kodak 2012-03-10 22:08:32 . 2012-03-10 22:08:32 -------- d-----w- C:\ProgramData\Local Settings 2012-03-06 18:44:33 . 2012-03-06 18:44:33 -------- d-----w- C:\ProgramData\Media Center Programs 2012-03-02 21:27:23 . 2012-03-02 21:27:23 -------- d-----w- C:\Users\Administrator\AppData\Local\SKIDROW 2012-03-02 21:10:58 . 2012-03-15 19:14:11 -------- d-----w- C:\Users\Administrator\AppData\Local\LogMeIn Hamachi 2012-03-02 21:08:43 . 2012-03-02 21:08:46 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi 2012-02-29 19:26:36 . 2012-02-29 19:26:36 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll 2012-02-29 19:26:36 . 2012-02-29 19:26:36 28056 ----a-w- C:\Windows\system32\xfcodec64.dll 2012-02-28 21:14:56 . 2012-03-15 15:31:25 -------- d-----w- C:\Users\UpdatusUser 2012-02-28 21:14:11 . 2012-02-10 03:05:59 2497985 ----a-w- C:\Windows\system32\nvcoproc.bin 2012-02-22 23:20:46 . 2012-02-22 23:20:46 327432 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSA\9.0\VsaEnv\vsaenv.exe 2012-02-19 00:52:29 . 2012-03-14 11:57:02 -------- d-----w- C:\Program Files (x86)\Garena Classic 2012-02-19 00:42:42 . 2012-02-19 00:43:00 -------- d-----w- C:\Users\Administrator\AppData\Roaming\GarenaPlus 2012-02-19 00:39:19 . 2012-02-19 00:43:00 -------- d-----w- C:\ProgramData\GarenaMessenger 2012-02-18 22:23:06 . 2012-02-18 22:23:06 -------- d-----w- C:\Program Files (x86)\Dyyno 2012-02-18 22:18:23 . 2012-02-18 22:18:23 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs 2012-02-18 22:18:22 . 2012-02-18 22:18:22 -------- d-----w- C:\ProgramData\SplitMediaLabs 2012-02-18 22:17:17 . 2012-02-18 22:17:17 -------- d-----w- C:\Users\Administrator\AppData\Roaming\SplitMediaLabs 2012-02-18 22:14:30 . 2012-02-18 22:15:13 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Xfire 2012-02-18 22:14:27 . 2012-03-13 20:01:29 -------- d-----w- C:\ProgramData\Xfire 2012-02-18 22:14:26 . 2012-03-13 19:45:25 -------- d-----w- C:\Program Files (x86)\Xfire 2012-02-18 22:01:13 . 2012-02-18 22:01:13 -------- d-----w- C:\Users\Administrator\AppData\Roaming\fltk.org 2012-02-18 22:01:13 . 2012-02-18 22:01:13 -------- d-----w- C:\ProgramData\fltk.org 2012-02-17 06:20:50 . 2012-02-08 07:13:59 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-02-16 19:37:07 . 2012-02-16 19:37:07 -------- d-----w- C:\Users\Administrator\AppData\Local\MaNGOS 2012-02-15 18:34:40 . 2012-02-15 18:34:40 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2012-02-15 18:15:34 . 2012-02-15 18:15:34 -------- d-----w- C:\ProgramData\VS 2012-02-15 18:15:11 . 2012-02-09 12:17:24 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0F06861B-EC70-44EB-92FB-6D901FB778B4}\gapaengine.dll 2012-02-15 18:10:31 . 2012-02-15 18:10:50 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-02-15 18:10:21 . 2012-02-15 18:10:51 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-02-15 17:57:00 . 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\system32\mshtml.tlb 2012-02-15 17:57:00 . 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-15 12:46:09 . 2012-01-04 10:44:20 509952 ----a-w- C:\Windows\system32\ntshrui.dll 2012-02-15 12:46:09 . 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-15 12:46:02 . 2011-12-30 06:26:08 515584 ----a-w- C:\Windows\system32\timedate.cpl 2012-02-15 12:46:02 . 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-15 12:45:47 . 2011-12-28 03:59:24 498688 ----a-w- C:\Windows\system32\drivers\afd.sys 2012-02-15 12:45:36 . 2011-12-16 08:46:06 634880 ----a-w- C:\Windows\system32\msvcrt.dll 2012-02-15 12:45:36 . 2011-12-16 07:52:58 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-03-14 21:36:15 . 2011-08-19 10:33:40 2480064 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2012-03-10 13:10:35 . 2011-08-18 21:18:13 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-03-10 13:10:35 . 2011-08-18 19:19:06 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-03-09 21:33:49 . 2011-08-18 19:19:06 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2012-02-18 12:56:25 . 2011-09-07 15:25:39 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-10 04:13:00 . 2011-10-08 22:06:02 9717568 ----a-w- C:\Windows\system32\nvwgf2umx.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 7713088 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 2660160 ----a-w- C:\Windows\system32\nvapi64.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 2301248 ----a-w- C:\Windows\SysWow64\nvapi.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 1737536 ----a-w- C:\Windows\system32\nvdispco64.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 15009600 ----a-w- C:\Windows\SysWow64\nvd3dum.dll 2012-02-10 04:13:00 . 2011-10-08 22:06:02 1466176 ----a-w- C:\Windows\system32\nvgenco64.dll 2012-02-10 03:14:04 . 2011-10-08 22:11:07 6074176 ----a-w- C:\Windows\system32\nvcpl.dll 2012-02-10 03:14:01 . 2011-10-08 22:11:07 3089728 ----a-w- C:\Windows\system32\nvsvc64.dll 2012-02-10 03:07:03 . 2011-04-07 21:19:16 2561856 ----a-w- C:\Windows\system32\nvsvcr.dll 2012-02-10 03:07:00 . 2011-10-08 22:11:07 889664 ----a-w- C:\Windows\system32\nvvsvc.exe 2012-02-10 03:07:00 . 2011-10-08 22:11:07 63296 ----a-w- C:\Windows\system32\nvshext.dll 2012-02-10 03:07:00 . 2011-10-08 22:11:07 118080 ----a-w- C:\Windows\system32\nvmctray.dll 2012-02-09 19:05:44 . 2012-02-09 19:05:44 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-02-08 15:35:18 . 2012-02-08 15:35:18 158208 ----a-w- C:\Windows\SysWow64\RemoteControl.dll 2012-01-31 12:44:20 . 2010-11-21 03:27:21 279656 ------w- C:\Windows\system32\MpSigStub.exe 2012-01-09 18:17:12 . 2011-02-21 12:16:05 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-01-06 05:15:20 . 2012-02-15 12:47:44 8602168 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{76CB9491-DBA3-498B-9175-9ADB2DAA26A7}\mpengine.dll 2012-01-04 23:01:54 . 2012-01-04 23:01:54 37888 ----a-w- C:\Windows\system32\drivers\taphss.sys 2011-12-19 16:33:40 . 2011-12-19 16:33:40 82816 ----a-w- C:\Users\Administrator\AppData\Roaming\pcouffin.sys ((((((((((((((((((((((((((((( SnapShot@2012-03-12_16.42.40 ))))))))))))))))))))))))))))))))))))))))) - 2009-07-14 04:54:17 . 2012-02-01 13:44:10 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54:17 . 2012-03-15 15:28:59 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54:17 . 2012-03-15 15:28:59 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54:17 . 2012-02-01 13:44:10 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54:17 . 2012-02-01 13:44:10 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54:17 . 2012-03-15 15:28:59 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09:11 . 2012-03-15 19:15:12 77628 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10:35 . 2012-03-15 19:15:08 45934 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-10-29 18:11:17 . 2012-03-15 19:15:09 14068 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2746974207-3414542493-310138508-500_UserData.bin + 2009-07-14 04:46:26 . 2012-03-15 15:32:00 96448 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 34144 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 34144 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 42848 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 42848 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 19296 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 19296 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe + 2011-08-20 00:52:37 . 2012-03-12 22:04:18 3354 C:\Windows\system32\wdi\ERCQueuedResolutions.dat - 2011-08-20 00:52:37 . 2012-03-11 21:16:55 3354 C:\Windows\system32\wdi\ERCQueuedResolutions.dat + 2012-03-15 19:13:05 . 2012-03-15 19:13:05 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-12 16:41:31 . 2012-03-12 16:41:31 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-15 19:13:05 . 2012-03-15 19:13:05 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-12 16:41:31 . 2012-03-12 16:41:31 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-01 14:31:43 . 2012-03-15 15:28:59 262144 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2011-09-01 14:31:43 . 2011-09-26 04:05:13 262144 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2009-07-14 05:01:48 . 2012-03-12 16:40:14 474132 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01:48 . 2012-03-15 19:11:54 474132 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-03-14 11:49:37 . 2012-03-14 11:49:37 371272 C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe + 2011-09-14 13:19:44 . 2012-03-14 21:36:48 415584 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pubs.exe - 2011-09-14 13:19:44 . 2012-02-15 18:07:26 415584 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pubs.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 303456 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 303456 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe - 2011-09-14 13:19:44 . 2012-02-15 18:07:26 571232 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe + 2011-09-14 13:19:44 . 2012-03-14 21:36:48 571232 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 326496 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\joticon.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 326496 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\joticon.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 469856 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 469856 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 178528 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 178528 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe - 2009-07-14 04:45:34 . 2012-03-10 13:06:39 4979216 C:\Windows\system32\FNTCACHE.DAT + 2009-07-14 04:45:34 . 2012-03-15 15:28:19 4979216 C:\Windows\system32\FNTCACHE.DAT + 2009-07-14 04:45:55 . 2012-03-15 15:31:31 7321288 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45:55 . 2012-02-16 16:05:12 7321288 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2012-02-29 22:54:52 . 2012-02-29 22:54:52 3448320 C:\Windows\Installer\f71c1e.msp + 2011-09-14 13:19:43 . 2012-03-14 21:36:47 1479520 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe - 2011-09-14 13:19:43 . 2012-02-15 18:07:26 1479520 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 1858400 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 1858400 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe - 2011-09-14 13:19:43 . 2012-02-15 18:07:26 3792736 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe + 2011-09-14 13:19:43 . 2012-03-14 21:36:47 3792736 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe - 2011-09-14 13:19:45 . 2012-02-15 18:07:26 1449312 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\accicons.exe + 2011-09-14 13:19:45 . 2012-03-14 21:36:48 1449312 C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\accicons.exe - 2009-07-14 02:34:08 . 2012-02-15 21:20:18 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34:08 . 2012-03-15 15:24:38 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2011-06-09 13:32:32 . 2012-03-14 21:36:53 56297240 C:\Windows\system32\MRT.exe + 2011-10-29 18:23:30 . 2012-03-15 19:11:55 21707776 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2746974207-3414542493-310138508-500-12288.dat + 2012-02-23 19:37:56 . 2012-02-23 19:37:56 20503552 C:\Windows\Installer\f71c3c.msp + 2012-01-25 18:15:56 . 2012-01-25 18:15:56 10121216 C:\Windows\Installer\f71c03.msp + 2012-03-14 11:49:07 . 2012-03-14 11:49:07 18984960 C:\Windows\Installer\4fa45.msi -- Snapshot teruggezet naar huidige datum -- ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17:22 94208 ----a-w- C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17:22 94208 ----a-w- C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17:22 94208 ----a-w- C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17:22 94208 ----a-w- C:\Users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe" [2012-02-23 13:51:13 740216] "Xvid"="C:\Program Files (x86)\XviD\CheckUpdate.exe" [2011-01-17 19:41:43 8192] "Octoshape Streaming Services"="C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 13:44:06 70936] "Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 03:25:10 1174016] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 11:45:28 2741616] "Steam"="C:\Program Files (x86)\Steam\steam.exe" [2011-11-11 14:23:11 1242448] "ISPMonitor"="C:\Program Files (x86)\ISP Monitor\isp.exe" [2012-01-16 16:00:36 418304] "Akamai NetSession Interface"="C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 01:44:30 3329824] "Dyyno Launcher"="C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2012-01-19 05:29:26 2146304] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2012-02-29 07:55:08 17148552] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 10:32:34 2472048] "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 16:29:00 421736] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 07:37:53 843712] "AdobeCS5.5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 06:08:56 1523360] "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 12:37:14 517096] "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 02:57:06 406992] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2011-07-05 16:36:48 421888] "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 23:08:12 1259376] "TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" [2011-11-28 17:14:09 296056] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 12:06:06 254696] "LinuxTSC_startup"="C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe" [2003-11-09 21:19:14 3664384] "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 16:38:56 1987976] "PCTools FGuard"="C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-07-01 14:36:48 247760] [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "Policies"="C:\Windows\system32\Winbooterr\Svchost.exe" [bU] "36669"="C:\PROGRA~3\LOCALS~1\Temp\mscuzjzy.cmd" [2009-07-14 01:14:41 31232] C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe [2012-2-29 3537304] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Monitor Apache Servers.lnk - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2011-9-9 41051] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" R0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x] R2 Apache2.2;Apache2.2;C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-09-09 09:26:14 20549] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576] R2 gupdate;Google Update-service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49:36 136176] R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 07:50:48 158856] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-09 20:13:44 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-09 20:13:52 79360] R3 EagleX64;EagleX64;C:\Windows\system32\drivers\EagleX64.sys [x] R3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 22:00:00 26752] R3 GGSAFERDriver;GGSAFER Driver;C:\Program Files (x86)\Garena Classic\safedrv.sys [x] R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49:36 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 09:43:28 51740536] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys [x] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 16:21:18 288272] R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 19:20:56 174440] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 19:34:24 4925184] R3 SteComposite;Acer Composite USB Service;C:\Windows\system32\DRIVERS\ste_compo_x64.sys [x] R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 12:37:14 517096] R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [x] R3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 17:49:06 68440] R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [x] R3 XENfiltv;XENfiltv;C:\Windows\system32\drivers\XENfiltv.sys [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 08:17:44 61976] R4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 02:01:06 427880] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 13:10:42 63928] S2 aksdf;aksdf;C:\Windows\system32\drivers\aksdf.sys [x] S2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-07-01 14:36:44 337872] S2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2012-01-19 05:26:48 409600] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 16:38:54 2343816] S2 ISPMonitorSrv;ISP Monitor;C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 22:06:30 36864] S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 17:37:42 641832] S2 NPF;NetGroup Packet Filter Driver;C:\Windows\system32\drivers\npf.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 04:13:00 2348352] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 19:05:32 382272] S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 16:18:30 2358656] S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 10:40:40 2886528] S3 AKDWC20ET;Hercules Dualpix HD Webcam;C:\Windows\system32\Drivers\HDVidvx.sys [x] S3 camfilt2;camfilt2;C:\Windows\system32\DRIVERS\camfilt2.sys [x] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\system32\DRIVERS\vrtaucbl.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [x] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 11:29:54 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe Inhoud van de 'Gedeelde Taken' map 2011-11-15 C:\Windows\Tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe [2011-11-14 16:51:34 . 2011-11-14 16:51:34] 2012-03-15 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49:39 . 2011-10-10 19:49:36] 2012-03-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49:39 . 2011-10-10 19:49:36] --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [bU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LgDeviceAgent"="C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 08:06:06 415816] "Launch LCDMon"="C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 07:47:08 2412616] "Launch LGDCore"="C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 08:04:10 4725320] "CamserviceDP"="C:\Program Files (x86)\Hercules\Hercules DualPix HD Webcam\x64\Camservice.exe" [2008-02-06 12:22:10 74536] "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 16:42:18 499608] "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 12:54:26 112512] "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" [2011-06-15 13:35:24 1436736] ------- Bijkomende Scan ------- uLocal Page = C:\Windows\system32\blank.htm uStart Page = hxxp://eu.ask.com/?l=dis&o=14200 mLocal Page = C:\Windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421 IE: &Verzenden naar OneNote - C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\7qbrsq5a.default\ ---------- Post toegevoegd om 20:22 ---------- Vorige post was om 20:21 ---------- HJT: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:20:57, on 15/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com - International R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421 R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LinuxTSC_startup] C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe -multiwindow -clipboard O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104 O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKLM\..\Policies\Explorer\Run: [36669] C:\PROGRA~3\LOCALS~1\Temp\mscuzjzy.cmd O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: Dyyno Service (Dyyno Launcher) - Unknown owner - C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14770 bytes
  22. Valcorb
    ComboFix 12-03-12.03 - Administrator 14/03/2012 17:52:44.2.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4094.2473 [GMT 1:00] Gestart vanuit: c:\users\Administrator\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-14 to 2012-03-14 )))))))))))))))))))))))))))))) . . 2012-03-14 17:00 . 2012-03-14 17:00 -------- d-----w- c:\users\Yolan\AppData\Local\temp 2012-03-14 17:00 . 2012-03-14 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-14 12:11 . 2011-07-01 14:36 767952 ----a-w- c:\windows\BDTSupport.dll 2012-03-14 12:11 . 2011-07-01 14:36 149456 ----a-w- c:\windows\SGDetectionTool.dll 2012-03-14 12:11 . 2011-07-01 14:36 2029520 ----a-w- c:\windows\PCTBDCore.dll 2012-03-14 12:11 . 2011-07-01 14:36 1533904 ----a-w- c:\windows\PCTBDRes.dll 2012-03-14 12:09 . 2012-03-14 17:02 -------- d-----w- c:\program files (x86)\PC Tools Security 2012-03-14 12:09 . 2012-03-14 17:02 -------- d-----w- c:\program files (x86)\Common Files\PC Tools 2012-03-14 12:06 . 2012-03-14 12:06 99414 ----a-w- c:\programdata\1331726695.bdinstall.bin 2012-03-14 12:06 . 2012-03-14 12:06 -------- d-----w- c:\program files\Bitdefender 2012-03-14 12:05 . 2012-03-14 12:05 -------- d-----w- c:\users\Administrator\AppData\Roaming\QuickScan 2012-03-14 12:04 . 2012-03-14 12:06 -------- d-----w- c:\program files\Common Files\Bitdefender 2012-03-14 11:55 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{606C41F3-16AA-4070-8D2C-23EF7060A205}\mpengine.dll 2012-03-14 11:49 . 2012-03-14 11:49 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-03-11 17:28 . 2012-03-11 17:28 -------- d-----w- c:\users\Administrator\AppData\Roaming\LolClient 2012-03-11 16:18 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll 2012-03-11 16:18 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll 2012-03-11 16:18 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll 2012-03-11 15:54 . 2012-03-12 20:14 -------- d-----w- c:\users\Administrator\AppData\Local\PMB Files 2012-03-11 15:54 . 2012-03-12 20:14 -------- d-----w- c:\programdata\PMB Files 2012-03-11 15:54 . 2012-03-11 15:54 -------- d-----w- c:\program files (x86)\Pando Networks 2012-03-11 14:16 . 2012-03-11 14:16 -------- d-----w- c:\users\Administrator\Desktopmvps 2012-03-11 11:53 . 2012-03-11 11:53 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes 2012-03-11 11:53 . 2012-03-11 11:53 -------- d-----w- c:\programdata\Malwarebytes 2012-03-11 11:49 . 2012-03-11 11:49 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-11 11:49 . 2012-03-11 11:49 -------- d-----w- c:\program files (x86)\Trend Micro 2012-03-10 22:08 . 2012-03-10 22:09 -------- d-----w- c:\users\Administrator\AppData\Roaming\kodak 2012-03-10 22:08 . 2012-03-10 22:08 -------- d-----w- c:\programdata\Local Settings 2012-03-06 18:44 . 2012-03-06 18:44 -------- d-----w- c:\programdata\Media Center Programs 2012-03-02 21:27 . 2012-03-02 21:27 -------- d-----w- c:\users\Administrator\AppData\Local\SKIDROW 2012-03-02 21:10 . 2012-03-14 17:06 -------- d-----w- c:\users\Administrator\AppData\Local\LogMeIn Hamachi 2012-03-02 21:08 . 2012-03-02 21:08 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2012-02-29 19:26 . 2012-02-29 19:26 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll 2012-02-29 19:26 . 2012-02-29 19:26 28056 ----a-w- c:\windows\system32\xfcodec64.dll 2012-02-28 21:14 . 2012-02-28 21:15 -------- d-----w- c:\users\UpdatusUser 2012-02-28 21:14 . 2012-02-10 03:05 2497985 ----a-w- c:\windows\system32\nvcoproc.bin 2012-02-19 00:52 . 2012-03-14 11:57 -------- d-----w- c:\program files (x86)\Garena Classic 2012-02-19 00:42 . 2012-02-19 00:43 -------- d-----w- c:\users\Administrator\AppData\Roaming\GarenaPlus 2012-02-19 00:39 . 2012-02-19 00:43 -------- d-----w- c:\programdata\GarenaMessenger 2012-02-18 22:23 . 2012-02-18 22:23 -------- d-----w- c:\program files (x86)\Dyyno 2012-02-18 22:18 . 2012-02-18 22:18 -------- d-----w- c:\program files (x86)\SplitMediaLabs 2012-02-18 22:18 . 2012-02-18 22:18 -------- d-----w- c:\programdata\SplitMediaLabs 2012-02-18 22:17 . 2012-02-18 22:17 -------- d-----w- c:\users\Administrator\AppData\Roaming\SplitMediaLabs 2012-02-18 22:14 . 2012-02-18 22:15 -------- d-----w- c:\users\Administrator\AppData\Roaming\Xfire 2012-02-18 22:14 . 2012-03-13 20:01 -------- d-----w- c:\programdata\Xfire 2012-02-18 22:14 . 2012-03-13 19:45 -------- d-----w- c:\program files (x86)\Xfire 2012-02-18 22:01 . 2012-02-18 22:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\fltk.org 2012-02-18 22:01 . 2012-02-18 22:01 -------- d-----w- c:\programdata\fltk.org 2012-02-17 06:20 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-02-16 19:37 . 2012-02-16 19:37 -------- d-----w- c:\users\Administrator\AppData\Local\MaNGOS 2012-02-15 18:34 . 2012-02-15 18:34 -------- d-----w- c:\programdata\PreEmptive Solutions 2012-02-15 18:15 . 2012-02-15 18:15 -------- d-----w- c:\programdata\VS 2012-02-15 18:15 . 2012-02-09 12:17 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0F06861B-EC70-44EB-92FB-6D901FB778B4}\gapaengine.dll 2012-02-15 18:10 . 2012-02-15 18:10 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2012-02-15 18:10 . 2012-02-15 18:10 -------- d-----w- c:\program files\Microsoft Security Client 2012-02-15 17:57 . 2011-12-14 06:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-15 17:57 . 2011-12-14 02:50 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-15 12:47 . 2012-01-06 05:15 8602168 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76CB9491-DBA3-498B-9175-9ADB2DAA26A7}\mpengine.dll 2012-02-15 12:46 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 12:46 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 12:46 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 12:46 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 12:45 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 12:45 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 12:45 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 12:45 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-10 13:10 . 2011-08-18 21:18 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-03-10 13:10 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-03-09 21:33 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-02-18 12:56 . 2011-09-07 15:25 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-16 21:35 . 2011-08-19 10:33 2480064 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2012-02-10 04:13 . 2011-10-08 22:06 9717568 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-02-10 04:13 . 2011-10-08 22:06 7713088 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-02-10 04:13 . 2011-10-08 22:06 2660160 ----a-w- c:\windows\system32\nvapi64.dll 2012-02-10 04:13 . 2011-10-08 22:06 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-02-10 04:13 . 2011-10-08 22:06 1737536 ----a-w- c:\windows\system32\nvdispco64.dll 2012-02-10 04:13 . 2011-10-08 22:06 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-02-10 04:13 . 2011-10-08 22:06 1466176 ----a-w- c:\windows\system32\nvgenco64.dll 2012-02-10 03:14 . 2011-10-08 22:11 6074176 ----a-w- c:\windows\system32\nvcpl.dll 2012-02-10 03:14 . 2011-10-08 22:11 3089728 ----a-w- c:\windows\system32\nvsvc64.dll 2012-02-10 03:07 . 2011-04-07 21:19 2561856 ----a-w- c:\windows\system32\nvsvcr.dll 2012-02-10 03:07 . 2011-10-08 22:11 889664 ----a-w- c:\windows\system32\nvvsvc.exe 2012-02-10 03:07 . 2011-10-08 22:11 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-02-10 03:07 . 2011-10-08 22:11 118080 ----a-w- c:\windows\system32\nvmctray.dll 2012-02-09 19:05 . 2012-02-09 19:05 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-02-08 15:35 . 2012-02-08 15:35 158208 ----a-w- c:\windows\SysWow64\RemoteControl.dll 2012-01-31 12:44 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-09 18:17 . 2011-02-21 12:16 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-01-04 23:01 . 2012-01-04 23:01 37888 ----a-w- c:\windows\system32\drivers\taphss.sys 2011-12-19 16:33 . 2011-12-19 16:33 82816 ----a-w- c:\users\Administrator\AppData\Roaming\pcouffin.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-03-12_16.42.40 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-02-01 13:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-03-14 12:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-03-14 12:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-01 13:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-03-14 12:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-02-01 13:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09 . 2012-03-14 17:07 77572 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-03-14 17:07 45448 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-10-29 18:11 . 2012-03-14 17:07 13750 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2746974207-3414542493-310138508-500_UserData.bin - 2011-08-20 00:52 . 2012-03-11 21:16 3354 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2011-08-20 00:52 . 2012-03-12 22:04 3354 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2012-03-14 17:02 . 2012-03-14 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-12 16:41 . 2012-03-12 16:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-14 17:02 . 2012-03-14 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-12 16:41 . 2012-03-12 16:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-01 14:31 . 2012-03-14 12:11 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2011-09-01 14:31 . 2011-09-26 04:05 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2012-03-14 17:01 474132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-03-12 16:40 474132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-03-14 11:49 . 2012-03-14 11:49 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe + 2011-10-29 18:23 . 2012-03-14 17:01 19809964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2746974207-3414542493-310138508-500-12288.dat + 2012-03-14 11:49 . 2012-03-14 11:49 18984960 c:\windows\Installer\4fa45.msi . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-23 740216] "Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192] "Octoshape Streaming Services"="c:\users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936] "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 1174016] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-11-11 1242448] "ISPMonitor"="c:\program files (x86)\ISP Monitor\isp.exe" [2012-01-16 418304] "Akamai NetSession Interface"="c:\users\Administrator\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824] "Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2012-01-19 2146304] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-11-28 296056] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LinuxTSC_startup"="c:\program files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe" [2003-11-09 3664384] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976] "PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-07-01 247760] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "Policies"="c:\windows\system32\Winbooterr\Svchost.exe" [bU] "36669"="c:\progra~3\LOCALS~1\Temp\mscuzjzy.cmd" [2009-07-14 31232] . c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-2-29 3537304] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2011-9-9 41051] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-09-09 20549] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-09 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-09 79360] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752] R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SteComposite;Acer Composite USB Service;c:\windows\system32\DRIVERS\ste_compo_x64.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 68440] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-07-01 337872] S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2012-01-19 409600] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816] S2 ISPMonitorSrv;ISP Monitor;c:\program files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 36864] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528] S3 AKDWC20ET;Hercules Dualpix HD Webcam;c:\windows\system32\Drivers\HDVidvx.sys [x] S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [x] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2011-11-15 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS\AutoKMS.exe [2011-11-14 16:51] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://eu.ask.com/?l=dis&o=14200 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421 IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\7qbrsq5a.default\ . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver] "ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (Administrator) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,ca, 05,9c,b2,eb,0b,bb,9d,bf,17,8f,69,f9,db "{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,3b,1b,f9,df,5c, 2d,50,ee,ad,02,96,7b,09,49,17,26,d6,d2 "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6a,7b, 2f,b3,1b,95,0f,82,1d,51,09,a7,d0,d1,ec "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2d,90, 6f,f4,6a,4a,04,a9,f2,4e,fc,1e,7f,e7,66 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,25, 8d,33,16,d7,03,90,c7,14,24,75,4f,27,de "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b4,e6, a9,10,54,31,00,a4,29,07,f3,03,c9,46,e7 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,dd, c6,74,fe,33,0a,a2,7f,d9,65,c2,82,cc,b1 "{DDA57003-0068-4ED2-9D32-4D1EC707D94D}"=hex:51,66,7a,6c,4c,1d,3b,1b,13,6c,b0, c0,59,5a,ba,07,83,39,08,5e,c4,40,9d,55 "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,06,41, 37,c7,01,0d,0f,b6,a8,8a,e9,64,69,06,89 "{5802D092-1784-4908-8CDB-99B6842D353D}"=hex:51,66,7a,6c,4c,1d,3b,1b,82,cc,17, 45,b5,4d,60,00,92,d0,dc,f6,87,6a,71,25 . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (Administrator) "Timestamp"=hex:2d,c1,47,9e,69,96,cc,01 . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\ . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3G2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3GP" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3G2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.3GP" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.669\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.669" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ADTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.amf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AU" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AVI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avr\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.avr" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.B4S\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.caf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.CDA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (Administrator) "Progid"="ThunderbirdEML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.far\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.far" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLAC\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.FLAC" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.FLV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htk\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.htk" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.iff" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.it\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.it" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.itz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KAR\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.KAR" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.m3u" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M4A" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mat\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mat" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mdz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MIZ\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MIZ" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MKV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MOV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP1\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MP1" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP3" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP3" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MP4" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mtm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mtm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M2TS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSA\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.NSA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nst\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.nst" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSV\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.NSV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGG\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.OGG" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.okt\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.okt" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.paf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.paf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.PlayList" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ptm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.ptm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pvf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.pvf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.raw" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rf64\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.rf64" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MIDI" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3m\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.s3m" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3z\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.s3z" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sd2" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sds\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sds" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sf\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.sf" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AU" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.stm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.stz" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SWF\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.SWF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\UserChoice] @Denied: (2) (Administrator) "Progid"="uTorrent" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.TTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.TTS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ult\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.ult" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VLB\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.VLB" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.voc\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.voc" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.w64\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.w64" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wal\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.SkinZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WAV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WAX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice] @Denied: (2) (Administrator) "Progid"="ThunderbirdEML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.webm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wlz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.LangZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMA" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMD" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMS" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMV" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMZ" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WPL" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wsz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.SkinZip" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wve\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.wve" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WVX" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xi\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xi" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xm\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xm" . [HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmz\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.xmz" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Voltooingstijd: 2012-03-14 18:11:05 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-14 17:11 ComboFix2.txt 2012-03-12 16:49 . Pre-Run: 147.567.742.976 bytes beschikbaar Post-Run: 147.739.332.608 bytes beschikbaar . - - End Of File - - 693A8FB179347D00CFC6BCF2FE8BC364
  23. Valcorb
    Heb het gedaan in veilige modus, maar het blijft maar terugkomen in de lijst :S En admin staat aan
  24. Valcorb
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:24:42, on 12/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Program Files (x86)\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\ISP Monitor\isp.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Administrator\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe E:\Arena-tournament.com 3.3.5\Wow.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe E:\Arena-tournament.com 3.3.5\Wow.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com - International R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LinuxTSC_startup] C:\Program Files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe -multiwindow -clipboard O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\Winbooterr\Svchost.exe O4 - HKLM\..\Policies\Explorer\Run: [36669] C:\PROGRA~3\LOCALS~1\Temp\msfbabs.com O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2746974207-3414542493-310138508-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: Dyyno Service (Dyyno Launcher) - Unknown owner - C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15020 bytes
  25. Valcorb
    Nieuw HJT logje?
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.