Posts made by ceeszu
By now there are already 140 processes again, among them once more a great many rundll32.exe instances. I removed PC Unleashed from the system and kept as many other programs as possible from starting, but perhaps I should remove all non-Microsoft packages????
Here is the file again:
ComboFix 11-10-18.02 - Cees 18-10-2011 17:22:42.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4095.2175 [GMT 2:00]
Gestart vanuit: c:\users\Cees\Desktop\ComboFix.exe
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-18 to 2011-10-18 ))))))))))))))))))))))))))))))
.
.
2011-10-18 15:56 . 2011-10-18 15:56 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\offreg.dll
2011-10-18 15:52 . 2011-10-18 15:52 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-18 15:52 . 2011-10-18 15:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-18 07:11 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\mpengine.dll
2011-10-17 11:48 . 2011-10-17 16:53 -------- d-----w- C:\Aanvraag activiteiten TOP
2011-10-17 08:20 . 2011-10-17 08:20 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\SFT_Netherlands
2011-10-16 10:27 . 2011-10-16 10:27 -------- d-----w- c:\users\Cees\AppData\Roaming\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\programdata\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-16 10:26 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files (x86)\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iPod
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files\Bonjour
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-13 22:03 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 22:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 22:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 22:03 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 22:03 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-13 22:03 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 22:03 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:07 . 2011-10-13 10:07 388096 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-13 10:07 . 2011-10-13 10:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-10-13 10:04 . 2011-10-13 10:15 -------- d-----w- C:\HiJack
2011-10-12 19:33 . 2011-10-12 19:33 -------- d-----w- c:\windows\Downloaded Program Files
2011-10-12 19:29 . 2011-10-12 19:30 -------- d-----w- C:\procexp
2011-10-12 13:53 . 2011-10-12 13:53 -------- d-----w- c:\programdata\Uniblue
2011-10-12 13:27 . 2011-10-12 13:27 -------- d-----w- c:\users\Cees\AppData\Roaming\TeamViewer
2011-10-12 13:25 . 2011-10-12 13:25 -------- d-----w- c:\program files (x86)\TeamViewer
2011-10-11 08:44 . 2011-10-18 16:13 -------- d-----w- c:\users\Cees\AppData\Local\Temp
2011-10-09 09:26 . 2011-10-09 09:26 -------- d-----w- c:\users\Cees\AppData\Roaming\OpenOffice.org
2011-10-09 09:24 . 2011-10-09 09:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-10-09 09:05 . 2011-10-09 09:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-07 09:42 . 2011-10-07 09:42 -------- d-----w- c:\windows\system32\Macromed
2011-10-06 14:08 . 2011-10-06 14:08 -------- d-----w- c:\program files\DisplayLink iPad Software
2011-10-06 12:31 . 2011-10-06 12:32 -------- d-----w- c:\program files\DisplayLink Graphics
2011-10-06 12:30 . 2011-10-06 12:31 -------- d-----w- c:\program files\DisplayLink Core Software
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd9.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd11.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd10.dll
2011-10-06 11:33 . 2011-10-06 12:34 -------- d-----w- c:\users\Cees\AppData\Local\IM
2011-10-06 11:32 . 2011-10-06 11:41 -------- d-----w- c:\programdata\IM
2011-10-06 11:32 . 2011-10-06 11:32 -------- d-----w- c:\programdata\IncrediMail
2011-10-06 11:31 . 2011-10-06 11:38 -------- d-----w- c:\program files (x86)\DealPly
2011-10-06 11:31 . 2011-10-06 11:31 -------- d-----w- c:\program files (x86)\FoxTabMusicConverter
2011-10-04 06:47 . 2011-10-04 06:47 -------- d-----w- C:\TOP Algemeen
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\DriverCure
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\PC Unleashed Online
2011-10-03 11:47 . 2011-10-18 14:33 -------- d-----w- c:\programdata\PC Unleashed Online
2011-09-30 07:05 . 2011-10-09 09:44 -------- d-----w- C:\TOP A1
2011-09-28 14:57 . 2011-09-28 14:57 -------- d-----w- c:\users\Cees\AppData\Local\G DATA
2011-09-28 14:55 . 2011-09-28 14:55 106488 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-09-28 13:34 . 2011-09-28 13:34 58584 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 09:42 . 2011-09-07 09:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-28 13:32 . 2011-06-05 19:31 47320 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-09-28 13:32 . 2011-06-05 19:30 102616 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-09-28 13:32 . 2011-06-05 19:30 63704 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-23 09:54 . 2011-07-23 09:54 53248 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-18_11.10.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-10-18 10:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-18 10:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-27 14:29 . 2011-10-18 15:03 83864 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-18 15:03 33942 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-27 20:39 . 2011-10-18 15:03 24672 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2398009579-1224830499-2648912689-1000_UserData.bin
+ 2011-10-18 15:54 . 2011-10-18 15:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-18 10:52 . 2011-10-18 10:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-18 15:54 . 2011-10-18 15:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-18 10:52 . 2011-10-18 10:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-18 10:52 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-28 07:08 . 2011-10-18 15:52 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-09-28 07:08 . 2011-10-18 10:51 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2011-10-18 15:52 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-18 10:51 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-09 09:45 . 2011-10-18 15:52 15563960 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2398009579-1224830499-2648912689-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2011-09-05 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-09-09 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-10-25 1287120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [2009-06-16 111912]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-11-24 21712]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 162328]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R4 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe service [x]
R4 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-09-16 1302152]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-24 140672]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-17 c:\windows\Tasks\!PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-16 c:\windows\Tasks\!PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
2011-10-18 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-12 14:20]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-17 c:\windows\Tasks\PTSchedule.job
- c:\program files (x86)\PC Tools Utilities\pt.exe [2011-06-06 07:02]
.
2011-10-18 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 13:29]
.
2011-10-18 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-10-12 07:23]
.
2011-10-18 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-20 8306208]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.kpnvandaag.nl/
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cees\AppData\Roaming\Mozilla\Firefox\Profiles\qbpvl446.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3031769&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - SFT_Netherlands Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3031769&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMH&o=2420&locale=nl_NL&apn_uid=45c5971b-ca01-439c-8931-de6650852d1b&apn_ptnrs=^A31&apn_sauid=B2FE4502-421E-4AB8-BF1A-1D77593E86B4&apn_dtid=^YYYYYY^YY^NL&atb=sysid%3D1%3Aappid%3D315%3Auc76012506&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe
c:\progra~2\Uniblue\DRIVER~1\driverscanner.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-18 18:15:49 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-18 16:15
ComboFix2.txt 2011-10-18 11:12
ComboFix3.txt 2011-10-17 15:26
ComboFix4.txt 2011-10-17 09:02
.
Pre-Run: 672.947.888.128 bytes beschikbaar
Post-Run: 672.773.271.552 bytes beschikbaar
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - E0B2FAF39A49866F7524F0AD32BF5524
-
Here again is the ComboFix log from this morning; even now it is back at 190 x Rundll32.exe.
ComboFix 11-10-18.01 - Cees 18-10-2011 12:19:53.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4095.2072 [GMT 2:00]
Gestart vanuit: c:\users\Cees\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Cees\Desktop\CFScript.txt
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programfiles\BEARSHARE\MediaBar\Datamngr\x64\IEBHO.dll"
"c:\windows\system32\dlumd10.dll"
"c:\windows\system32\dlumd11.dll"
"c:\windows\system32\dlumd9.dll"
"c:\windows\SysWow64\ConduitEngine.tmp"
"c:\windows\Tasks\PC Unleashed Registration3.job"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ConduitEngine
c:\program files (x86)\ConduitEngine\appContextMenu.xml
c:\program files (x86)\ConduitEngine\ConduitEngin.dll
c:\program files (x86)\ConduitEngine\ConduitEngineHelper.exe
c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe
c:\program files (x86)\ConduitEngine\engineContextMenu.xml
c:\program files (x86)\ConduitEngine\EngineSettings.json
c:\program files (x86)\ConduitEngine\ldrConduitEngin.dll
c:\program files (x86)\ConduitEngine\prxConduitEngin.dll
c:\program files (x86)\ConduitEngine\toolbar.cfg
c:\programdata\PCDr\5830\Downloads\0fc909b5-f105-4459-82f3-583c6ea5d734.dll
c:\programdata\PCDr\5830\Downloads\482517d4-aaa6-47f8-a7ad-de5cf6021ac2.dll
c:\programdata\PCDr\5830\Downloads\ca1d3e50-4692-4c3f-877c-4f9917ab37a5.dll
c:\programdata\PCDr\5830\Downloads\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-18 to 2011-10-18 ))))))))))))))))))))))))))))))
.
.
2011-10-18 10:55 . 2011-10-18 10:55 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\offreg.dll
2011-10-18 10:51 . 2011-10-18 10:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-18 10:51 . 2011-10-18 10:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-18 07:11 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\mpengine.dll
2011-10-17 11:48 . 2011-10-17 16:53 -------- d-----w- C:\Aanvraag activiteiten TOP
2011-10-17 08:20 . 2011-10-17 08:20 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\SFT_Netherlands
2011-10-16 10:27 . 2011-10-16 10:27 -------- d-----w- c:\users\Cees\AppData\Roaming\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\programdata\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-16 10:26 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files (x86)\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iPod
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files\Bonjour
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-13 22:03 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 22:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 22:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 22:03 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 22:03 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-13 22:03 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 22:03 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:07 . 2011-10-13 10:07 388096 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-13 10:07 . 2011-10-13 10:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-10-13 10:04 . 2011-10-13 10:15 -------- d-----w- C:\HiJack
2011-10-12 19:33 . 2011-10-12 19:33 -------- d-----w- c:\windows\Downloaded Program Files
2011-10-12 19:29 . 2011-10-12 19:30 -------- d-----w- C:\procexp
2011-10-12 13:53 . 2011-10-12 13:53 -------- d-----w- c:\programdata\Uniblue
2011-10-12 13:27 . 2011-10-12 13:27 -------- d-----w- c:\users\Cees\AppData\Roaming\TeamViewer
2011-10-12 13:25 . 2011-10-12 13:25 -------- d-----w- c:\program files (x86)\TeamViewer
2011-10-11 08:44 . 2011-10-18 11:10 -------- d-----w- c:\users\Cees\AppData\Local\Temp
2011-10-09 09:26 . 2011-10-09 09:26 -------- d-----w- c:\users\Cees\AppData\Roaming\OpenOffice.org
2011-10-09 09:24 . 2011-10-09 09:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-10-09 09:05 . 2011-10-09 09:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-07 09:42 . 2011-10-07 09:42 -------- d-----w- c:\windows\system32\Macromed
2011-10-06 14:08 . 2011-10-06 14:08 -------- d-----w- c:\program files\DisplayLink iPad Software
2011-10-06 12:31 . 2011-10-06 12:32 -------- d-----w- c:\program files\DisplayLink Graphics
2011-10-06 12:30 . 2011-10-06 12:31 -------- d-----w- c:\program files\DisplayLink Core Software
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd9.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd11.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd10.dll
2011-10-06 11:33 . 2011-10-06 12:34 -------- d-----w- c:\users\Cees\AppData\Local\IM
2011-10-06 11:32 . 2011-10-06 11:41 -------- d-----w- c:\programdata\IM
2011-10-06 11:32 . 2011-10-06 11:32 -------- d-----w- c:\programdata\IncrediMail
2011-10-06 11:31 . 2011-10-06 11:38 -------- d-----w- c:\program files (x86)\DealPly
2011-10-06 11:31 . 2011-10-06 11:31 -------- d-----w- c:\program files (x86)\FoxTabMusicConverter
2011-10-04 06:47 . 2011-10-04 06:47 -------- d-----w- C:\TOP Algemeen
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\DriverCure
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\Common Files\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\programdata\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\PC Unleashed Online
2011-09-30 07:05 . 2011-10-09 09:44 -------- d-----w- C:\TOP A1
2011-09-28 14:57 . 2011-09-28 14:57 -------- d-----w- c:\users\Cees\AppData\Local\G DATA
2011-09-28 14:55 . 2011-09-28 14:55 106488 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-09-28 13:34 . 2011-09-28 13:34 58584 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 09:42 . 2011-09-07 09:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-28 13:32 . 2011-06-05 19:31 47320 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-09-28 13:32 . 2011-06-05 19:30 102616 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-09-28 13:32 . 2011-06-05 19:30 63704 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-23 09:54 . 2011-07-23 09:54 53248 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2011-09-05 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-09-09 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-02-16 112608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-10-25 1287120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [2009-06-16 111912]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-11-24 21712]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 162328]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-24 140672]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe service [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-09-16 1302152]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-03 c:\windows\Tasks\!.job
- c:\program files (x86)\Common Files\PC Unleashed Online\UUS3\Update3.exe [2011-09-06 18:27]
.
2011-10-03 c:\windows\Tasks\!PC Unleashed Defrag.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-17 c:\windows\Tasks\!PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-03 c:\windows\Tasks\!PC Unleashed.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-16 c:\windows\Tasks\!PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
2011-10-18 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-12 14:20]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-18 c:\windows\Tasks\PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-17 c:\windows\Tasks\PTSchedule.job
- c:\program files (x86)\PC Tools Utilities\pt.exe [2011-06-06 07:02]
.
2011-10-18 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 13:29]
.
2011-10-18 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-10-12 07:23]
.
2011-10-18 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-20 8306208]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.kpnvandaag.nl/
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cees\AppData\Roaming\Mozilla\Firefox\Profiles\qbpvl446.default\
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/mb68?u=92823106547538112
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-conduitEngine - c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Fighters\SPAMfighter\sfus.exe
c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe
c:\progra~2\Uniblue\DRIVER~1\driverscanner.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-18 13:12:34 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-18 11:12
ComboFix2.txt 2011-10-17 15:26
ComboFix3.txt 2011-10-17 09:02
.
Pre-Run: 674.216.394.752 bytes beschikbaar
Post-Run: 673.752.104.960 bytes beschikbaar
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EB39DB832310B4B8C8DC7121CF6ACBA5
-
Hi Kape,
Perhaps that is the solution. How can I temporarily disable PC Unleashed and perhaps other packages, so that they do not take part in startup? I cannot find it via System Configuration.
Cees
-
Hi Kape,
I am thinking about it, but I cannot really determine it. I did buy PC Unleashed Suite 14 days ago, but I did that because at that time I was already "suffering" from a great many Rundll32.exe processes. Also SpeedUpMyPC and perhaps also Performance Toolkit from PC Tools. I was, and am, a bit "desperate"; I can buy all sorts of things, but slowly I am getting the impression that all those packages do NOT do what they claim to stand for after all.
Regards, Cees
-
Hi, it remains disappointing: again some 190-200 processes, and the vast majority of them are rundll32.exe. I must say your fighting spirit knows no bounds, bravo.
Here again is the Combofix.txt, good luck......
ComboFix 11-10-16.03 - Cees 17-10-2011 16:20:04.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4095.1484 [GMT 2:00]
Gestart vanuit: c:\users\Cees\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Cees\Desktop\CFScript.txt
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\ConduitEngine.tmp"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\1CD7C793\trial.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\1CD7C793\unipb.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\1CD7C793\unipb.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\1CD7C793\update.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\01.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\02.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\03.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\04.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\05.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\06.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\navbg.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\navbg_current.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\30FB3753\navbg_disable.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\settings_connection.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\settings_language.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\settings_tabicon_general.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\settings_tray.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\settings_update.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\38B9805F\Thumbs.db
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\Config.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\EmptyFolder.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\productkey.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\Recheck.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\TellFriend.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\toolbar.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\41E213B6\Unblock.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\5AE03A8D\ext_01.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\5AE03A8D\ext_02.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\5AE03A8D\ext_03.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\5AE03A8D\ext_04.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\5DB9F531\logo.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_community.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_details.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_pro.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_productkey.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_productkeyhistory.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_renew.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\account_tabicon_licensesettings.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\80AFFD47\buyfullversion.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\btn_buy_now.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\btn_buy_now_down.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\legend_overview_01.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\legend_overview_01_active.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\overview_status.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\statistics_blocked.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\statistics_blocked_by_user.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\statistics_processed.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\statistics_spam_ratio.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\statistics_time_saved.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\tip_overview.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\tip_overview.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\valid_check.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\8A6B6CF1\valid_expired.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\B18E0ACD\arrow.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\B18E0ACD\congrats.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\B18E0ACD\logo.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\B18E0ACD\microsoft.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\about_lightbox.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\account.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\account.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\bwl.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\bwl.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\clients.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\filter.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\filter.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\framework.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\global.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\layout.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\msg_lightbox.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\msg_lightbox_single_btn.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\outlook.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\outlook.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\overview.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\overview.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\settings.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\settings.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\showmsg.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\showmsg.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\splash.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\splash.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\trial_lightbox.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\update_lightbox.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\waiting.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\whitelist.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8277B240\E163B30F\whitelist.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\8851A40E\2550D3FE\core.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_01.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_01s.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_02.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_02s.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_03.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_03s.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_04.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_04s.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_05.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\ext_05s.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\programlist.css
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\programlist.html
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\A868BE47\48E26F98\smallarrow.png
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\B795D5F\2550D3FE\spamcfg.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\BE7ED5EA\7F936AD3\FighterLauncher.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\C9979B15\2550D3FE\sfhtml.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\d_\temp\builds\5\Sources\INSTAL~1\Input\Binaries\sfus.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\D0140EE4\2550D3FE\sfagent.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\D1D102C4\2550D3FE\SPAMfighterCfg.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\DCB7B8D6\2550D3FE\sfaccounts.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\F1FF8008\2550D3FE\sfse.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\common\FEF6F376\7F936AD3\sfhtml.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\3D592B89\1CF56704\license.russian.rtf
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\661D9F4\1CF56704\license.english.rtf
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\accountsettings.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\blacklistdomain.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\blacklistemail.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\block.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\config.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\emptyfolder.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\logosmall.bmp
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\recheck.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\tellfriend.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\unblock.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\whitelistdomain.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\7ADC4C4E\whitelistemail.dib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\aim.ico
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\aim_new.ico
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\buy.ico
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\logo.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\name.gif
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\8F70647E\uninstall.ico
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\BG.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\DA.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\DE.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\EL.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\EN.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\ES.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\FI.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\FR.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\IT.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\JA.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\NL.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\NO.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\PL.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\PT.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\RU.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\SV.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\7E17B875\9924EC87\ZH.HTM
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\99A306F\1CF56704\license.danish.rtf
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\B8386780\1CF56704\license.german.rtf
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\mIDEFunc.dll\mEXEFunc.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\customization\mMSI.dll\mMSIExec.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\instance.dat
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\live_mail\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\live_mail\69AF52FB\2550D3FE\LiveMailToolbar.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\live_mail\C2CC5F6B\2550D3FE\LiveKit.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\mia.lib
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\OFFLINE\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\OFFLINE\mMSI.dll\mMSIExec.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\20D20DEC\AC2BCC48\sfol0000.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\5210E975\AE0A5FB5\sfsg.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\77024C1A\2E56BF77\sfoltool.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\9C2AE21E\AE0A5FB5\SFImport.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\A8A75B0B\AE0A5FB5\core.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\B3898E4F\AE0A5FB5\SFABook.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\BADB837F\AC2BCC48\sfoltool.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\BE801A91\AE0A5FB5\sfse_update.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\C0D228ED\AE0A5FB5\sfse.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook\F8C78E2F\2E56BF77\sfol0000.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook_express\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\outlook_express\A642F876\B123ACF5\sfoe0001.dll
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.dat
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.exe
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.lan
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.lnk
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.msi
c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.res
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.dat
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.exe
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.lnk
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.msi
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.par
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.res
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\instance.dat
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\mia.lib
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\OFFLINE\{71C01C2D-E157-4490-AEA7-088A4E791A2E}
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\OFFLINE\mDown.dll\mDownExec.dll
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll
c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\OFFLINE\mMSI.dll\mMSIExec.dll
c:\programdata\251FF
c:\programdata\251FF\{7D6FEDE7-56B4-43DF-872D-59E8C7BA4571}.swf
c:\programdata\iMesh
c:\programdata\iMesh\Creatives.xml
c:\programdata\iMesh\CreativesFiles\1.gif
c:\programdata\iMesh\CreativesFiles\10.gif
c:\programdata\iMesh\CreativesFiles\1040.gif
c:\programdata\iMesh\CreativesFiles\1043.gif
c:\programdata\iMesh\CreativesFiles\1044.gif
c:\programdata\iMesh\CreativesFiles\1050.gif
c:\programdata\iMesh\CreativesFiles\1054.gif
c:\programdata\iMesh\CreativesFiles\1055.gif
c:\programdata\iMesh\CreativesFiles\1057.gif
c:\programdata\iMesh\CreativesFiles\1058.gif
c:\programdata\iMesh\CreativesFiles\1060.gif
c:\programdata\iMesh\CreativesFiles\1062.gif
c:\programdata\iMesh\CreativesFiles\1063.gif
c:\programdata\iMesh\CreativesFiles\1070.gif
c:\programdata\iMesh\CreativesFiles\11.gif
c:\programdata\iMesh\CreativesFiles\12.gif
c:\programdata\iMesh\CreativesFiles\13.gif
c:\programdata\iMesh\CreativesFiles\14.gif
c:\programdata\iMesh\CreativesFiles\15.gif
c:\programdata\iMesh\CreativesFiles\16.gif
c:\programdata\iMesh\CreativesFiles\17.gif
c:\programdata\iMesh\CreativesFiles\18.gif
c:\programdata\iMesh\CreativesFiles\19.gif
c:\programdata\iMesh\CreativesFiles\2.gif
c:\programdata\iMesh\CreativesFiles\20.gif
c:\programdata\iMesh\CreativesFiles\21.gif
c:\programdata\iMesh\CreativesFiles\22.gif
c:\programdata\iMesh\CreativesFiles\23.gif
c:\programdata\iMesh\CreativesFiles\24.gif
c:\programdata\iMesh\CreativesFiles\25.gif
c:\programdata\iMesh\CreativesFiles\26.gif
c:\programdata\iMesh\CreativesFiles\27.gif
c:\programdata\iMesh\CreativesFiles\28.gif
c:\programdata\iMesh\CreativesFiles\29.gif
c:\programdata\iMesh\CreativesFiles\3.gif
c:\programdata\iMesh\CreativesFiles\30.gif
c:\programdata\iMesh\CreativesFiles\31.gif
c:\programdata\iMesh\CreativesFiles\32.gif
c:\programdata\iMesh\CreativesFiles\33.gif
c:\programdata\iMesh\CreativesFiles\34.gif
c:\programdata\iMesh\CreativesFiles\35.gif
c:\programdata\iMesh\CreativesFiles\36.gif
c:\programdata\iMesh\CreativesFiles\37.gif
c:\programdata\iMesh\CreativesFiles\38.gif
c:\programdata\iMesh\CreativesFiles\4.gif
c:\programdata\iMesh\CreativesFiles\5.gif
c:\programdata\iMesh\CreativesFiles\6.gif
c:\programdata\iMesh\CreativesFiles\7.gif
c:\programdata\iMesh\CreativesFiles\8.gif
c:\programdata\iMesh\CreativesFiles\9.gif
c:\programdata\iMesh\CreativesFiles\Thumbs.db
c:\programdata\iMesh\Player.swf
c:\users\Cees\AppData\Local\Conduit
c:\users\Cees\AppData\Local\Conduit\CT2724386\IncrediMail_MediaBar_2AutoUpdaterHelper.exe
c:\users\Cees\AppData\Local\Conduit\CT3031769\SFT_NetherlandsAutoUpdateHelper.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-17 to 2011-10-17 ))))))))))))))))))))))))))))))
.
.
2011-10-17 14:59 . 2011-10-17 14:59 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04F7F782-9D4E-4A17-B4B0-047019BFB601}\offreg.dll
2011-10-17 14:54 . 2011-10-17 14:54 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-17 14:54 . 2011-10-17 14:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-17 11:48 . 2011-10-17 11:51 -------- d-----w- C:\Aanvraag activiteiten TOP
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\ConduitEngine
2011-10-17 08:20 . 2011-10-17 08:20 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\SFT_Netherlands
2011-10-16 10:27 . 2011-10-16 10:27 -------- d-----w- c:\users\Cees\AppData\Roaming\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\programdata\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-16 10:26 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files (x86)\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iPod
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files\Bonjour
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-14 09:46 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04F7F782-9D4E-4A17-B4B0-047019BFB601}\mpengine.dll
2011-10-13 22:03 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 22:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 22:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 22:03 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 22:03 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-13 22:03 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 22:03 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:07 . 2011-10-13 10:07 388096 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-13 10:07 . 2011-10-13 10:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-10-13 10:04 . 2011-10-13 10:15 -------- d-----w- C:\HiJack
2011-10-12 19:33 . 2011-10-12 19:33 -------- d-----w- c:\windows\Downloaded Program Files
2011-10-12 19:29 . 2011-10-12 19:30 -------- d-----w- C:\procexp
2011-10-12 13:53 . 2011-10-12 13:53 -------- d-----w- c:\programdata\Uniblue
2011-10-12 13:27 . 2011-10-12 13:27 -------- d-----w- c:\users\Cees\AppData\Roaming\TeamViewer
2011-10-12 13:25 . 2011-10-12 13:25 -------- d-----w- c:\program files (x86)\TeamViewer
2011-10-11 08:44 . 2011-10-17 15:24 -------- d-----w- c:\users\Cees\AppData\Local\Temp
2011-10-09 09:26 . 2011-10-09 09:26 -------- d-----w- c:\users\Cees\AppData\Roaming\OpenOffice.org
2011-10-09 09:24 . 2011-10-09 09:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-10-09 09:05 . 2011-10-09 09:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-07 09:42 . 2011-10-07 09:42 -------- d-----w- c:\windows\system32\Macromed
2011-10-06 14:08 . 2011-10-06 14:08 -------- d-----w- c:\program files\DisplayLink iPad Software
2011-10-06 12:31 . 2011-10-06 12:32 -------- d-----w- c:\program files\DisplayLink Graphics
2011-10-06 12:30 . 2011-10-06 12:31 -------- d-----w- c:\program files\DisplayLink Core Software
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd9.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd11.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd10.dll
2011-10-06 11:33 . 2011-10-06 12:34 -------- d-----w- c:\users\Cees\AppData\Local\IM
2011-10-06 11:32 . 2011-10-06 11:41 -------- d-----w- c:\programdata\IM
2011-10-06 11:32 . 2011-10-06 11:32 -------- d-----w- c:\programdata\IncrediMail
2011-10-06 11:31 . 2011-10-06 11:38 -------- d-----w- c:\program files (x86)\DealPly
2011-10-06 11:31 . 2011-10-06 11:31 -------- d-----w- c:\program files (x86)\FoxTabMusicConverter
2011-10-04 06:47 . 2011-10-04 06:47 -------- d-----w- C:\TOP Algemeen
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\DriverCure
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\Common Files\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\programdata\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\PC Unleashed Online
2011-09-30 07:05 . 2011-10-09 09:44 -------- d-----w- C:\TOP A1
2011-09-28 14:57 . 2011-09-28 14:57 -------- d-----w- c:\users\Cees\AppData\Local\G DATA
2011-09-28 14:55 . 2011-09-28 14:55 106488 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-09-28 13:34 . 2011-09-28 13:34 58584 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 09:42 . 2011-09-07 09:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-28 13:32 . 2011-06-05 19:31 47320 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-09-28 13:32 . 2011-06-05 19:30 102616 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-09-28 13:32 . 2011-06-05 19:30 63704 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-23 09:54 . 2011-07-23 09:54 53248 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-07-19 16:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-19 16:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-17_08.59.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-10-17 14:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-17 08:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-17 08:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-17 14:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-27 14:29 . 2011-10-17 11:28 83190 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-17 11:28 33732 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-10-17 08:08 33732 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-27 20:39 . 2011-10-17 11:28 24560 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2398009579-1224830499-2648912689-1000_UserData.bin
- 2010-09-27 12:23 . 2011-10-13 15:38 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-27 12:23 . 2011-10-17 11:27 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-27 12:23 . 2011-10-17 11:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-27 12:23 . 2011-10-13 15:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-17 11:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-13 15:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-17 14:57 . 2011-10-17 14:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-17 08:42 . 2011-10-17 08:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-17 14:57 . 2011-10-17 14:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-17 08:42 . 2011-10-17 08:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2011-10-17 08:42 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-17 14:57 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:46 . 2011-10-17 15:00 104672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2011-10-14 14:33 104672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-09-28 07:08 . 2011-10-17 08:40 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-09-28 07:08 . 2011-10-17 14:55 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-10-17 08:40 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-17 14:55 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-09 09:45 . 2011-10-17 14:55 15528956 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2398009579-1224830499-2648912689-1000-12288.dat
- 2010-11-09 09:45 . 2011-10-17 08:40 15528956 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2398009579-1224830499-2648912689-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-15 5500800]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2011-09-05 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-09-09 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-10-25 1287120]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-02-16 112608]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"sfagent"="c:\program files (x86)\Fighters\SPAMfighter\sfagent.exe" [2011-09-16 1197192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
.
c:\users\Cees\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
regwiz.lnk - c:\program files (x86)\eSupport.com\RegistryWizard\regwiz.exe [2010-11-24 3422240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [2009-06-16 111912]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-11-24 21712]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 162328]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-24 140672]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe service [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-09-16 1302152]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-17 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-12 14:20]
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-03 c:\windows\Tasks\PC Unleashed Defrag.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-13 c:\windows\Tasks\PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-03 c:\windows\Tasks\PC Unleashed Update Version3.job
- c:\program files (x86)\Common Files\PC Unleashed Online\UUS3\Update3.exe [2011-09-06 18:27]
.
2011-10-03 c:\windows\Tasks\PC Unleashed.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-16 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
2011-10-13 c:\windows\Tasks\PTSchedule.job
- c:\program files (x86)\PC Tools Utilities\pt.exe [2011-06-06 07:02]
.
2011-10-17 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 13:29]
.
2011-10-17 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-10-12 07:23]
.
2011-10-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 1057712 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-20 8306208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.kpnvandaag.nl/
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cees\AppData\Roaming\Mozilla\Firefox\Profiles\qbpvl446.default\
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/mb68?u=92823106547538112
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-iMesh - c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.exe
AddRemove-SPAMfighter - c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.exe
AddRemove-{1D0AB230-E7BC-41CB-A50C-F282273E897B} - c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}\SPAMfighter_Client.exe
AddRemove-{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} - c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}\iMesh_V11_en_Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Fighters\SPAMfighter\sfus.exe
c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe
c:\progra~2\Uniblue\DRIVER~1\driverscanner.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-17 17:26:35 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-17 15:26
ComboFix2.txt 2011-10-17 09:02
.
Pre-Run: 673.602.629.632 bytes beschikbaar
Post-Run: 673.270.345.728 bytes beschikbaar
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EAB8553C60D5A9ABBBC5FD9E82A7BDDA
-
Here it is....... apologies
ComboFix 11-10-16.03 - Cees 17-10-2011 10:31:08.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4095.1713 [GMT 2:00]
Gestart vanuit: c:\users\Cees\Desktop\ComboFix.exe
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\uninstall.exe
c:\program files (x86)\facemoods.com\sqlite3.dll
c:\programdata\PCDr\5830\Downloads\0fc909b5-f105-4459-82f3-583c6ea5d734.dll
c:\programdata\PCDr\5830\Downloads\482517d4-aaa6-47f8-a7ad-de5cf6021ac2.dll
c:\programdata\PCDr\5830\Downloads\ca1d3e50-4692-4c3f-877c-4f9917ab37a5.dll
c:\programdata\PCDr\5830\Downloads\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\users\Public\Firefox Setup 6.0.2.exe
c:\users\Public\IE9-Windows7-x86-nld.exe
c:\windows\assembly\GAC_MSIL\Toolbar
c:\windows\assembly\GAC_MSIL\Toolbar\1.0.0.0__f2e11770db40f5b0\Toolbar.dll
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\dlumd10.dll
c:\windows\SysWow64\dlumd11.dll
c:\windows\SysWow64\dlumd9.dll
I:\autorun.inf
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-17 to 2011-10-17 ))))))))))))))))))))))))))))))
.
.
2011-10-17 08:45 . 2011-10-17 08:45 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04F7F782-9D4E-4A17-B4B0-047019BFB601}\offreg.dll
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\Conduit
2011-10-17 08:20 . 2011-10-17 08:20 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-10-17 08:20 . 2011-10-17 08:20 -------- d-----w- c:\program files (x86)\SFT_Netherlands
2011-10-16 10:27 . 2011-10-16 10:27 -------- d-----w- c:\users\Cees\AppData\Roaming\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\programdata\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-16 10:26 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files (x86)\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iPod
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files\Bonjour
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-14 09:46 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04F7F782-9D4E-4A17-B4B0-047019BFB601}\mpengine.dll
2011-10-13 22:03 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 22:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 22:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 22:03 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 22:03 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-13 22:03 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 22:03 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:07 . 2011-10-13 10:07 388096 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-13 10:07 . 2011-10-13 10:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-10-13 10:04 . 2011-10-13 10:15 -------- d-----w- C:\HiJack
2011-10-12 19:33 . 2011-10-12 19:33 -------- d-----w- c:\windows\Downloaded Program Files
2011-10-12 19:29 . 2011-10-12 19:30 -------- d-----w- C:\procexp
2011-10-12 13:53 . 2011-10-12 13:53 -------- d-----w- c:\programdata\Uniblue
2011-10-12 13:27 . 2011-10-12 13:27 -------- d-----w- c:\users\Cees\AppData\Roaming\TeamViewer
2011-10-12 13:25 . 2011-10-12 13:25 -------- d-----w- c:\program files (x86)\TeamViewer
2011-10-11 08:44 . 2011-10-17 08:59 -------- d-----w- c:\users\Cees\AppData\Local\Temp
2011-10-09 09:26 . 2011-10-09 09:26 -------- d-----w- c:\users\Cees\AppData\Roaming\OpenOffice.org
2011-10-09 09:24 . 2011-10-09 09:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-10-09 09:05 . 2011-10-09 09:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-07 09:42 . 2011-10-07 09:42 -------- d-----w- c:\windows\system32\Macromed
2011-10-06 14:08 . 2011-10-06 14:08 -------- d-----w- c:\program files\DisplayLink iPad Software
2011-10-06 12:31 . 2011-10-06 12:32 -------- d-----w- c:\program files\DisplayLink Graphics
2011-10-06 12:30 . 2011-10-06 12:31 -------- d-----w- c:\program files\DisplayLink Core Software
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd9.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd11.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd10.dll
2011-10-06 11:42 . 2011-10-17 08:20 -------- d-----w- c:\users\Cees\AppData\Local\Conduit
2011-10-06 11:33 . 2011-10-06 12:34 -------- d-----w- c:\users\Cees\AppData\Local\IM
2011-10-06 11:32 . 2011-10-06 11:41 -------- d-----w- c:\programdata\IM
2011-10-06 11:32 . 2011-10-06 11:32 -------- d-----w- c:\programdata\IncrediMail
2011-10-06 11:31 . 2011-10-06 11:38 -------- d-----w- c:\program files (x86)\DealPly
2011-10-06 11:31 . 2011-10-06 11:31 -------- d-----w- c:\program files (x86)\FoxTabMusicConverter
2011-10-04 06:47 . 2011-10-04 06:47 -------- d-----w- C:\TOP Algemeen
2011-10-04 06:36 . 2011-10-04 06:38 -------- dc-h--w- c:\programdata\{0CD22FA8-3496-4871-99A9-D17B50F6ACAA}
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\DriverCure
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\Common Files\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\programdata\PC Unleashed Online
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\program files (x86)\PC Unleashed Online
2011-09-30 07:05 . 2011-10-09 09:44 -------- d-----w- C:\TOP A1
2011-09-28 14:57 . 2011-09-28 14:57 -------- d-----w- c:\users\Cees\AppData\Local\G DATA
2011-09-28 14:55 . 2011-09-28 14:55 106488 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-09-28 13:34 . 2011-09-28 13:34 58584 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-09-28 11:02 . 2011-09-28 11:02 -------- d-----w- C:\8be34f6062bcac1fa9f472b1
2011-09-21 22:47 . 2011-09-21 22:47 -------- d-----w- c:\programdata\251FF
2011-09-19 13:58 . 2011-09-19 13:58 -------- d-----w- c:\programdata\iMesh
2011-09-19 13:57 . 2011-09-19 14:01 -------- dc-h--w- c:\programdata\{71C01C2D-E157-4490-AEA7-088A4E791A2E}
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 09:42 . 2011-09-07 09:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-28 13:32 . 2011-06-05 19:31 47320 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-09-28 13:32 . 2011-06-05 19:30 102616 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-09-28 13:32 . 2011-06-05 19:30 63704 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-23 09:54 . 2011-07-23 09:54 53248 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-07-19 16:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-19 16:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1c94aa0d-7416-4289-b2ba-834282060870}"= "c:\program files (x86)\SFT_Netherlands\prxtbSFT_.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{1c94aa0d-7416-4289-b2ba-834282060870}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1c94aa0d-7416-4289-b2ba-834282060870}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\SFT_Netherlands\prxtbSFT_.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1c94aa0d-7416-4289-b2ba-834282060870}"= "c:\program files (x86)\SFT_Netherlands\prxtbSFT_.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngin.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{1c94aa0d-7416-4289-b2ba-834282060870}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-15 5500800]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2011-09-05 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-09-09 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-10-25 1287120]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-02-16 112608]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"sfagent"="c:\program files (x86)\Fighters\SPAMfighter\sfagent.exe" [2011-09-16 1197192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
.
c:\users\Cees\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
regwiz.lnk - c:\program files (x86)\eSupport.com\RegistryWizard\regwiz.exe [2010-11-24 3422240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [2009-06-16 111912]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-11-24 21712]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 162328]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-24 140672]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe service [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-09-16 1302152]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-17 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-12 14:20]
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-03 c:\windows\Tasks\PC Unleashed Defrag.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-13 c:\windows\Tasks\PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-03 c:\windows\Tasks\PC Unleashed Update Version3.job
- c:\program files (x86)\Common Files\PC Unleashed Online\UUS3\Update3.exe [2011-09-06 18:27]
.
2011-10-03 c:\windows\Tasks\PC Unleashed.job
- c:\program files (x86)\PC Unleashed Online\Suite\pcu.exe [2011-09-06 18:27]
.
2011-10-16 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
2011-10-13 c:\windows\Tasks\PTSchedule.job
- c:\program files (x86)\PC Tools Utilities\pt.exe [2011-06-06 07:02]
.
2011-10-17 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 13:29]
.
2011-10-17 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-10-12 07:23]
.
2011-10-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 1057712 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Cees\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Cees\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Cees\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Cees\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-20 8306208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.kpnvandaag.nl/
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cees\AppData\Roaming\Mozilla\Firefox\Profiles\qbpvl446.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/mb68?u=92823106547538112
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMH&o=2420&locale=nl_NL&apn_uid=45c5971b-ca01-439c-8931-de6650852d1b&apn_ptnrs=^A31&apn_sauid=B2FE4502-421E-4AB8-BF1A-1D77593E86B4&apn_dtid=^YYYYYY^YY^NL&atb=sysid%3D1%3Aappid%3D315%3Auc76012506&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.9\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Fighters\SPAMfighter\sfus.exe
c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe
c:\progra~2\Uniblue\DRIVER~1\driverscanner.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-17 11:02:42 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-17 09:02
.
Pre-Run: 673.851.301.888 bytes beschikbaar
Post-Run: 673.459.593.216 bytes beschikbaar
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6AEACF9C6869E98A81AD5B2C7BA75BD6
-
Unfortunately I have to conclude that the Rundll32.exe processes are running rampant again in Windows Task Manager.
The number of processes is 188-190
Ceeszu
-
Unfortunately, the number of rundll32.exe processes is steadily climbing again; there are now already more than 70. I have only started the PC, Microsoft Office, Internet Explorer and Task Manager to see how it goes, and I am already at around 160 processes. Unfortunately I don't understand it... but thank you very much for the quick response and for looking into whether you can solve it...
Kind regards, Ceeszu
-
Dear Kweezie Wabbit, here is the log file from MBAM
Malwarebytes' Anti-Malware 1.51.2.1300
Databaseversie: 7957
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
16-10-2011 12:33:02
mbam-log-2011-10-16 (12-33-02).txt
Scantype: Snelle scan
Objecten gescand: 202537
Verstreken tijd: 4 minuut/minuten, 40 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
and the log file from HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:34:12, on 16-10-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\PROGRA~2\Uniblue\DRIVER~1\driverscanner.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\Uniblue\SPEEDU~1\sump.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = KPN Vandaag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DriverScanner] "C:\PROGRA~2\Uniblue\DRIVER~1\launcher.exe" delay 20000
O4 - HKCU\..\Run: [speedUpMyPC] "C:\PROGRA~2\Uniblue\SPEEDU~1\launcher.exe" -d 20000
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: regwiz.lnk = C:\Program Files (x86)\eSupport.com\RegistryWizard\regwiz.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Program Files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Program Files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GFI ReportCenter 3.5 (GFI_ReportCenter35) - GFI Software Ltd. - C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 16769 bytes
Kind regards, Ceeszu
-
Dear ProMind,
here is the log file:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:15:21, on 13-10-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\PROGRA~2\Uniblue\DRIVER~1\driverscanner.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\PROGRA~2\Uniblue\SPEEDU~1\sump.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = KPN Vandaag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
R3 - URLSearchHook: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.9\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O2 - BHO: softonic-de3 - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: IncrediMail MediaBar 2 - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc0.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: hooeey webprint - {b5b9461e-6a80-4f94-91aa-b9c1ae2710b3} - mscoree.dll (file missing)
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodsTlbr.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: (no name) - {0DFC36E8-EAE8-484F-A89C-F565849A210F} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc0.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DriverScanner] "C:\PROGRA~2\Uniblue\DRIVER~1\launcher.exe" delay 20000
O4 - HKCU\..\Run: [speedUpMyPC] "C:\PROGRA~2\Uniblue\SPEEDU~1\launcher.exe" -d 20000
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2398009579-1224830499-2648912689-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: regwiz.lnk = C:\Program Files (x86)\eSupport.com\RegistryWizard\regwiz.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Casino Classic - >#ypçÁæ{NÕ÷>òn’þ=ìB½[!#ìù - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Program Files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Program Files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GFI ReportCenter 3.5 (GFI_ReportCenter35) - GFI Software Ltd. - C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 20621 bytes
-
When I start Task Manager and look at the Processes tab, I see to my surprise that 202 processes have been started and that more than 180 of the image names listed are rundll32.exe, each with memory of around 5000 KB????
What is going on here????
Cees
Rundll32.exe
in Archive Windows General
Posted:
So far more than 150 processes and at least, let me count, 92 rundll32.exe processes.................
Here is the log file:
ComboFix 11-10-19.03 - Cees 19-10-2011 16:53:11.5.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4095.2036 [GMT 2:00]
Gestart vanuit: c:\users\Cees\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Cees\Desktop\CFScript.txt
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\ConduitEngine.tmp"
"c:\windows\Tasks\!PC Unleashed Registration3.job"
"c:\windows\Tasks\!PCDoctorBackgroundMonitorTask.job"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SFT_Netherlands
c:\program files (x86)\SFT_Netherlands\GottenAppsContextMenu.xml
c:\program files (x86)\SFT_Netherlands\ldrtbSFT_.dll
c:\program files (x86)\SFT_Netherlands\OtherAppsContextMenu.xml
c:\program files (x86)\SFT_Netherlands\prxtbSFT_.dll
c:\program files (x86)\SFT_Netherlands\SFT_NetherlandsToolbarHelper.exe
c:\program files (x86)\SFT_Netherlands\SharedAppsContextMenu.xml
c:\program files (x86)\SFT_Netherlands\tbSFT_.dll
c:\program files (x86)\SFT_Netherlands\toolbar.cfg
c:\program files (x86)\SFT_Netherlands\ToolbarContextMenu.xml
c:\program files (x86)\SFT_Netherlands\uninstall.exe
c:\programdata\PC Unleashed Online
c:\users\Cees\AppData\Roaming\PC Unleashed Online
c:\users\Cees\AppData\Roaming\PC Unleashed Online\PC Unleashed\Client.txt
c:\users\Cees\AppData\Roaming\PC Unleashed Online\PC Unleashed\Server.txt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-19 to 2011-10-19 ))))))))))))))))))))))))))))))
.
.
2011-10-19 15:37 . 2011-10-19 15:37 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\offreg.dll
2011-10-19 15:32 . 2011-10-19 15:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-19 15:32 . 2011-10-19 15:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-18 07:11 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FDB300A-AA53-46C3-8612-DE5AF5710DC7}\mpengine.dll
2011-10-17 11:48 . 2011-10-17 16:53 -------- d-----w- C:\Aanvraag activiteiten TOP
2011-10-17 08:20 . 2011-10-17 08:20 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-10-16 10:27 . 2011-10-16 10:27 -------- d-----w- c:\users\Cees\AppData\Roaming\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\programdata\Malwarebytes
2011-10-16 10:26 . 2011-10-16 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-16 10:26 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files (x86)\iTunes
2011-10-15 10:22 . 2011-10-15 10:22 -------- d-----w- c:\program files\iPod
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files\Bonjour
2011-10-15 10:20 . 2011-10-15 10:20 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-13 22:03 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 22:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 22:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 22:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 22:03 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 22:03 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-13 22:03 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 22:03 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:07 . 2011-10-13 10:07 388096 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-13 10:07 . 2011-10-13 10:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-10-13 10:04 . 2011-10-13 10:15 -------- d-----w- C:\HiJack
2011-10-12 19:33 . 2011-10-12 19:33 -------- d-----w- c:\windows\Downloaded Program Files
2011-10-12 19:29 . 2011-10-12 19:30 -------- d-----w- C:\procexp
2011-10-12 13:53 . 2011-10-12 13:53 -------- d-----w- c:\programdata\Uniblue
2011-10-12 13:27 . 2011-10-12 13:27 -------- d-----w- c:\users\Cees\AppData\Roaming\TeamViewer
2011-10-12 13:25 . 2011-10-12 13:25 -------- d-----w- c:\program files (x86)\TeamViewer
2011-10-11 08:44 . 2011-10-19 16:43 -------- d-----w- c:\users\Cees\AppData\Local\Temp
2011-10-09 09:26 . 2011-10-09 09:26 -------- d-----w- c:\users\Cees\AppData\Roaming\OpenOffice.org
2011-10-09 09:24 . 2011-10-09 09:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-10-09 09:05 . 2011-10-09 09:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-07 09:42 . 2011-10-07 09:42 -------- d-----w- c:\windows\system32\Macromed
2011-10-06 14:08 . 2011-10-06 14:08 -------- d-----w- c:\program files\DisplayLink iPad Software
2011-10-06 12:31 . 2011-10-06 12:32 -------- d-----w- c:\program files\DisplayLink Graphics
2011-10-06 12:30 . 2011-10-06 12:31 -------- d-----w- c:\program files\DisplayLink Core Software
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd9.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd11.dll
2011-10-06 12:29 . 2011-10-06 12:29 0 ----a-w- c:\windows\system32\dlumd10.dll
2011-10-06 11:33 . 2011-10-06 12:34 -------- d-----w- c:\users\Cees\AppData\Local\IM
2011-10-06 11:32 . 2011-10-06 11:41 -------- d-----w- c:\programdata\IM
2011-10-06 11:32 . 2011-10-06 11:32 -------- d-----w- c:\programdata\IncrediMail
2011-10-06 11:31 . 2011-10-06 11:38 -------- d-----w- c:\program files (x86)\DealPly
2011-10-06 11:31 . 2011-10-06 11:31 -------- d-----w- c:\program files (x86)\FoxTabMusicConverter
2011-10-04 06:47 . 2011-10-04 06:47 -------- d-----w- C:\TOP Algemeen
2011-10-03 11:47 . 2011-10-03 11:47 -------- d-----w- c:\users\Cees\AppData\Roaming\DriverCure
2011-09-30 07:05 . 2011-10-09 09:44 -------- d-----w- C:\TOP A1
2011-09-28 14:57 . 2011-09-28 14:57 -------- d-----w- c:\users\Cees\AppData\Local\G DATA
2011-09-28 14:55 . 2011-09-28 14:55 106488 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-09-28 13:34 . 2011-09-28 13:34 58584 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 09:42 . 2011-09-07 09:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-28 13:32 . 2011-06-05 19:31 47320 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-09-28 13:32 . 2011-06-05 19:30 102616 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-09-28 13:32 . 2011-06-05 19:30 63704 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-23 09:54 . 2011-07-23 09:54 53248 ----a-r- c:\users\Cees\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-18_11.10.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-10-18 10:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-18 10:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-27 14:29 . 2011-10-18 16:14 84140 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-19 14:38 33942 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-27 20:39 . 2011-10-19 14:38 24704 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2398009579-1224830499-2648912689-1000_UserData.bin
+ 2010-09-27 12:23 . 2011-10-18 17:25 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-27 12:23 . 2011-10-18 07:10 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-27 12:23 . 2011-10-18 17:25 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-27 12:23 . 2011-10-18 07:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-18 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-18 07:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-18 10:52 . 2011-10-18 10:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-19 15:35 . 2011-10-19 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-19 15:35 . 2011-10-19 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-18 10:52 . 2011-10-18 10:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2011-10-18 10:52 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-18 14:41 163840 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-27 19:29 . 2011-10-18 22:34 334272 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 09:16 . 2011-10-18 17:14 704504 c:\windows\system32\perfh013.dat
+ 2009-07-14 02:36 . 2011-10-18 17:14 618936 c:\windows\system32\perfh009.dat
+ 2009-07-14 09:16 . 2011-10-18 17:14 134626 c:\windows\system32\perfc013.dat
+ 2009-07-14 02:36 . 2011-10-18 17:14 107256 c:\windows\system32\perfc009.dat
- 2010-09-28 07:08 . 2011-10-18 10:51 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-09-28 07:08 . 2011-10-19 15:33 890736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2011-10-19 15:33 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-18 10:51 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-09 09:45 . 2011-10-19 15:33 15723553 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2398009579-1224830499-2648912689-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2011-09-05 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-09-09 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-10-25 1287120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\H:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [2009-06-16 111912]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-11-24 21712]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 135664]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 162328]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R4 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe service [x]
R4 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-09-16 1302152]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-24 140672]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-04-10 9663848]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-17 c:\windows\Tasks\!PC Unleashed Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-10-16 c:\windows\Tasks\!PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
2011-10-19 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-12 14:20]
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 20:33]
.
2011-10-18 c:\windows\Tasks\PTSchedule.job
- c:\program files (x86)\PC Tools Utilities\pt.exe [2011-06-06 07:02]
.
2011-10-19 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 13:29]
.
2011-10-19 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-10-12 07:23]
.
2011-10-19 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-20 8306208]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.kpnvandaag.nl/
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cees\AppData\Roaming\Mozilla\Firefox\Profiles\qbpvl446.default\
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMH&o=2420&locale=nl_NL&apn_uid=45c5971b-ca01-439c-8931-de6650852d1b&apn_ptnrs=^A31&apn_sauid=B2FE4502-421E-4AB8-BF1A-1D77593E86B4&apn_dtid=^YYYYYY^YY^NL&atb=sysid%3D1%3Aappid%3D315%3Auc76012506&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-SFT_Netherlands Toolbar - c:\program files (x86)\SFT_Netherlands\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe
c:\progra~2\Uniblue\DRIVER~1\driverscanner.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-19 18:46:01 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-19 16:46
ComboFix2.txt 2011-10-18 16:15
ComboFix3.txt 2011-10-18 11:12
ComboFix4.txt 2011-10-17 15:26
ComboFix5.txt 2011-10-19 14:52
.
Pre-Run: 673.828.417.536 bytes beschikbaar
Post-Run: 673.471.614.976 bytes beschikbaar
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 79E6ED36CB8410C8090C6B1139AA3BA3