Posts made by sofianmaster
-
Works without any problem
-
Thanks already for your reply, but when I click on explorer.exe a new window opens to My Documents
-
Good day everyone
I have had a new PC for about 2 months now. The only problem is that when I open Control Panel, it says explorer.exe has stopped working. Can you help me with this?
(This error has been occurring ever since I first got the computer)
-
It used to happen only with some games (PES 2010, Crossfire). Now always. Even when I watch a video on YouTube a BSOD appears. But I want to ask something else. Today I am getting a new PC and I would like to restore this computer (with Dell restore manager) to factory settings. Would this BSOD be fixed then or not?
Thank you
-
After a few weeks of testing I have found that the BSOD still occurs.
-
I performed a system restore to 5 days ago (I had downloaded many drivers from Dell then). The 2nd BSOD has disappeared; only the 1st still occurs often
-
No, unfortunately still the BSOD. I also reinstalled the program, but without success
-
DirectX version: 11, which is actually strange. I had DirectX 10, you see
-
Brand: Dell
Type: PP29L
Serial no.: 07146
Maybe you also need these codes:
ServiceTag: FR39M3J
Express Code: 342-898-091-83
P/N: HT588 A00
Thanks in advance
-
I have an Intel xD and the problem is that I have a laptop. In other words, the video card is integrated on the motherboard.
-
-
My friend has been playing this game for a long time without problems. And as you now tell me, it really is the video card. It could be due to the update. Do you perhaps know how I can remove the video card update?
-
I don't quite understand how to run that memtest. Also, since today I have a different BSOD.
Microsoft ® Windows Debugger Version 6.11.0001.404 X86
Copyright © Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\Mini122409-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*DownstreamStore*Symbol information
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18082.x86fre.vistasp2_gdr.090803-2339
Machine Name:
Kernel base = 0x8244e000 PsLoadedModuleList = 0x82565c70
Debug session time: Thu Dec 24 11:13:55.704 2009 (GMT+1)
System Uptime: 0 days 0:09:29.465
Loading Kernel Symbols
...............................................................
................................................................
................................................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {8a3e2c50, ff, 0, c4845167}
Unable to load image \??\C:\Windows\system32\XDva317.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for XDva317.sys
*** ERROR: Module load completed but symbols could not be loaded for XDva317.sys
Probably caused by : XDva317.sys ( XDva317+8167 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 8a3e2c50, memory referenced
Arg2: 000000ff, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: c4845167, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from 82585868
Unable to read MiSystemVaType memory at 82565420
8a3e2c50
CURRENT_IRQL: 0
FAULTING_IP:
XDva317+8167
c4845167 ?? ???
ADDITIONAL_DEBUG_TEXT: The trap occurred when interrupts are disabled on the target.
BUGCHECK_STR: DISABLED_INTERRUPT_FAULT
CUSTOMER_CRASH_COUNT: 2
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: crossfire.exe
TRAP_FRAME: b5692620 -- (.trap 0xffffffffb5692620)
ErrCode = 00000000
eax=85801f50 ebx=c4848790 ecx=8a3e2c50 edx=8a3e2c50 esi=00000050 edi=b5692714
eip=c4845167 esp=b5692694 ebp=b56926d0 iopl=0 nv up di pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010046
XDva317+0x8167:
c4845167 ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from c4845167 to 8249bfb9
STACK_TEXT:
b5692620 c4845167 badb0d00 8a3e2c50 00000060 nt!KiTrap0E+0x2e1
WARNING: Stack unwind information not available. Following frames may be wrong.
b5692690 b5692714 c484a00c 9625c000 b5692cf0 XDva317+0x8167
b56926d0 c4843ed1 82585b00 82585b40 c484a00c 0xb5692714
b56926f8 c484564d b5692738 b5692714 d8492e58 XDva317+0x6ed1
b56928e4 c483e075 d8492e58 000001a8 d8492e58 XDva317+0x864d
b5692bd0 c484011a d8076f68 c77e9358 00000001 XDva317+0x1075
b5692c0c 827306be d5846448 d8076f68 c77e9358 XDva317+0x311a
b5692c30 8249292d d8076fd8 d8076f68 d5846448 nt!IovCallDriver+0x23f
b5692c44 826946a1 c77e9358 d8076f68 d8076fd8 nt!IofCallDriver+0x1b
b5692c64 82694e46 d5846448 c77e9358 0012cb00 nt!IopSynchronousServiceTail+0x1d9
b5692d00 82695f10 d5846448 d8076f68 00000000 nt!IopXxxControlFile+0x6b7
b5692d34 82498c7a 000005a0 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
b5692d34 773d5e74 000005a0 00000000 00000000 nt!KiFastCallEntry+0x12a
0012cb7c 00000000 00000000 00000000 00000000 0x773d5e74
STACK_COMMAND: kb
FOLLOWUP_IP:
XDva317+8167
c4845167 ?? ???
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: XDva317+8167
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: XDva317
IMAGE_NAME: XDva317.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4b18ac6d
FAILURE_BUCKET_ID: DISABLED_INTERRUPT_FAULT_VRF_XDva317+8167
BUCKET_ID: DISABLED_INTERRUPT_FAULT_VRF_XDva317+8167
Followup: MachineOwner
---------- Post added at 11:26 ---------- Previous post was at 11:25 ----------
What I forgot to mention is that these 2 BSODs only occur in one game, namely Crossfire
-
I have an Intel GM965 Express Chipset Family. And the video card is up to date.
-
Good day everyone,
I regularly suffer from BSODs and thanks to Dell's help I was able to produce something with Windows Debugger. After seeing the problem (dxgkrnl) I suddenly got stuck. What should I do now?
Here is the dump file.
Loading Dump File [C:\Windows\Minidump\Mini122209-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*DownstreamStore*Symbol information
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18082.x86fre.vistasp2_gdr.090803-2339
Machine Name:
Kernel base = 0x82444000 PsLoadedModuleList = 0x8255bc70
Debug session time: Tue Dec 22 19:14:16.658 2009 (GMT+1)
System Uptime: 0 days 9:59:19.617
Loading Kernel Symbols
...............................................................
................................................................
................................................................
.
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {4, 2, 1, 8e66f8ce}
Unable to load image \SystemRoot\System32\drivers\dxgkrnl.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for dxgkrnl.sys
*** ERROR: Module load completed but symbols could not be loaded for dxgkrnl.sys
Probably caused by : dxgkrnl.sys ( dxgkrnl+198ce )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000004, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 8e66f8ce, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from 8257b868
Unable to read MiSystemVaType memory at 8255b420
00000004
CURRENT_IRQL: 2
FAULTING_IP:
dxgkrnl+198ce
8e66f8ce ?? ???
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: dwm.exe
TRAP_FRAME: 9766a6ec -- (.trap 0xffffffff9766a6ec)
ErrCode = 00000002
eax=00000000 ebx=919c18b8 ecx=b3121850 edx=8553f334 esi=00000000 edi=84d42008
eip=8e66f8ce esp=9766a760 ebp=9766a770 iopl=0 nv up ei ng nz na pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010287
dxgkrnl+0x198ce:
8e66f8ce ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from 8e66f8ce to 82491fb9
STACK_TEXT:
9766a6ec 8e66f8ce badb0d00 8553f334 919c1800 nt!KiTrap0E+0x2e1
WARNING: Stack unwind information not available. Following frames may be wrong.
9766a75c b31216d0 00000000 919c1c66 919c1b00 dxgkrnl+0x198ce
9766a770 8e6e8a9f 919c1c64 b3121850 b3121858 0xb31216d0
9766a7f0 8e6e629a 919c1c64 00000001 c4725210 dxgkrnl+0x92a9f
9766a818 8e699059 b31216d0 9766aa30 c4725210 dxgkrnl+0x9029a
9766a9b0 8e69b088 00000000 c000ff40 00000000 dxgkrnl+0x43059
9766aba4 8e69bbf9 ac06ec58 00000000 1901efcb dxgkrnl+0x45088
9766ad58 8248ec7a 004d0027 01b3f5d0 775e5e74 dxgkrnl+0x45bf9
9766ad58 775e5e74 004d0027 01b3f5d0 775e5e74 nt!KiFastCallEntry+0x12a
01b3f5d0 00000000 00000000 00000000 00000000 0x775e5e74
STACK_COMMAND: kb
FOLLOWUP_IP:
dxgkrnl+198ce
8e66f8ce ?? ???
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: dxgkrnl+198ce
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: dxgkrnl
IMAGE_NAME: dxgkrnl.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4abc1c72
FAILURE_BUCKET_ID: 0xD1_dxgkrnl+198ce
BUCKET_ID: 0xD1_dxgkrnl+198ce
Followup: MachineOwner
---------
-
This is the log
Results of screen317's Security Check version 0.99.1
Windows Vista Service Pack 2 (UAC is enabled)
``````````````````````````````
Antivirus/Firewall Check:
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
``````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Spybot - Search & Destroy
HijackThis 2.0.2
CCleaner
Eusing Free Registry Cleaner
Java 6 Update 17
Adobe Flash Player 10
Adobe Reader 9.2
Adobe Reader 9.2 - Nederlands
``````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:
Unknown. This method cannot test your vulnerability to DNS cache poisoning.
`````````End of Log```````````
-
Combofix
ComboFix 09-11-28.04 - Sofian 29/11/2009 14:39.10.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2037.899 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 091121-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: avast! antivirus 4.8.1351 [VPS 091121-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\windows\SDE9B2FEC(285).tmp"
"c:\windows\SDE9B2FEC(559).tmp"
"c:\windows\SDE9B2FEC.tmp"
"c:\windows\svcadmin.exe"
"c:\windows\System32\658BC72326.sys"
"c:\windows\system32\GameMon.des"
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\LOG.TXT
c:\windows\SDE9B2FEC(285).tmp
c:\windows\SDE9B2FEC(559).tmp
c:\windows\SDE9B2FEC.tmp
c:\windows\svcadmin.exe
c:\windows\System32\658BC72326.sys
c:\windows\system32\GameMon.des
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_npggsvc
-------\Service_Anyplace Control Security
(((((((((((((((((((( Bestanden Gemaakt van 2009-10-28 to 2009-11-29 ))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-20 20:04 . 2008-11-28 16:46 3036 --sha-w- c:\windows\System32\KGyGaAvL.sys
2007-02-26 18:59 . 2007-02-26 18:59 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2009-11-12 9094448]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-22 39408]
"Google Update"="c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-21 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe dvcStatusMinimize" [X]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"FG_Monitor"="c:\program files\Folder Guard Pro\FGKey.exe" [2007-02-24 132680]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-13 149280]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-11 101136]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7e,c7,31,9a,a9,6b,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [21/08/2009 8:49 64160]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [5/07/2006 13:46 63352]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [28/03/2009 9:53 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [16/04/2008 0:08 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [28/03/2009 9:53 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [28/03/2009 9:52 53328]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [30/11/2008 0:59 941784]
R2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [28/06/2007 14:05 131072]
R2 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [5/09/2009 15:53 48896]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [22/06/2009 18:56 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29/10/2009 12:27 1074568]
R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1028432]
R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [14/02/2009 17:48 137344]
R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 10:18 202016]
R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [14/02/2009 17:48 12032]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [22/06/2009 18:56 36608]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [30/11/2008 0:59 111616]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [15/04/2009 13:13 84832]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [30/11/2008 0:59 17536]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/11/2009 18:23 21504]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2/11/2006 13:36 10752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2009-11-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 08:47]
2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000Core.job
- c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000UA.job
- c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-29 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2008-12-12 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2009-11-29 c:\windows\Tasks\User_Feed_Synchronization-{D130A10C-2448-4567-A8B2-044877608ACE}.job
- c:\windows\system32\msfeedssync.exe [2009-11-21 03:41]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL -
FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - component: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - plugin: c:\progra~1\SONYON~1\npsoe.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\users\Sofian\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
FF - user.js: nglayout.initialpaint.delay - 100
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.interval - 100000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 4
FF - user.js: network.http.max-persistent-connections-per-server - 2
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-11-29 15:08
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
c:\windows\TEMP\TMP000000550DE33B0EDFD09582 524288 bytes executable
Scan succesvol afgerond
verborgen bestanden: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spwi.sys hal.dll >>UNKNOWN [0x853E7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x887d1d24
\Driver\ACPI -> acpi.sys @ 0x87fc1d68
\Driver\atapi -> 0x854311f8
\Driver\iaStor -> iastor.sys @ 0x880ce6d0
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(5484)
c:\windows\system32\btncopy.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\WLANExt.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\CISVC.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\STacSV.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\ehome\ehmsas.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
.
**************************************************************************
.
Voltooingstijd: 2009-11-29 15:23 - machine werd herstart
ComboFix-quarantined-files.txt 2009-11-29 14:23
ComboFix2.txt 2009-11-28 17:16
Pre-Run: 6.983.782.400 bytes beschikbaar
Post-Run: 6.133.956.608 bytes beschikbaar
- - End Of File - - 0880057D05E679314D3B07482D11E6AC
Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:19, on 29/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\Explorer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted IP range: http://192.168.0.1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12709 bytes
I think it helped; my computer is now just as fast again as it used to be
-
ComboFix 09-11-27.07 - Sofian 28/11/2009 17:29.9.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2037.1026 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091121-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: avast! antivirus 4.8.1351 [VPS 091121-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2815755638-1480285660-2120787009-500
c:\$recycle.bin\S-1-5-21-991331777-2378318461-4560006-500
C:\LOG.TXT
c:\users\Sofian\AppData\Roaming\.#
c:\users\Sofian\AppData\Roaming\Desktopicon
c:\users\Sofian\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Sofian\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\users\Sofian\AppData\Roaming\Desktopicon\uninst.exe
c:\users\Sofian\AppData\Roaming\inst.exe
c:\windows\slog.dll
c:\windows\system32\gatherWirelessInfo.vbs
c:\windows\system32\NTSVc.ocx
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Boonty Games
(((((((((((((((((((( Bestanden Gemaakt van 2009-10-28 to 2009-11-28 ))))))))))))))))))))))))))))))
.
2009-11-28 16:52 . 2009-11-28 16:59 4096 d-----w- c:\users\Sofian\AppData\Local\temp
2009-11-28 16:52 . 2009-11-28 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-28 12:49 . 2009-11-26 16:41 52224 ----a-w- c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2009-11-28 12:49 . 2009-11-26 16:41 114688 ----a-w- c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\npmozax.dll
2009-11-27 19:21 . 2009-11-27 19:21 -------- d-----w- c:\users\Sofian\AppData\Roaming\Paquet Builder
2009-11-27 19:21 . 2009-11-27 19:21 4096 d-----w- c:\program files\Paquet Builder
2009-11-27 19:15 . 2009-11-27 19:15 4096 d-----w- c:\program files\7-Zip
2009-11-26 20:56 . 2009-11-26 20:56 4096 d-----w- c:\program files\gBurner
2009-11-25 17:51 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 17:50 . 2009-11-25 17:50 -------- d-----w- c:\program files\MSXML 4.0
2009-11-25 12:31 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 12:31 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_d_ind.dll
2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_c_ind.dll
2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_b_ind.dll
2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_a_ind.dll
2009-11-23 17:45 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-11-23 17:45 . 2009-11-23 17:46 4096 d-----w- c:\program files\PDFCreator
2009-11-23 17:45 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-11-23 15:13 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-22 20:40 . 2009-11-22 20:40 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-22 20:35 . 2009-11-22 20:35 -------- d-----w- c:\windows\'Full Speed' Internet Booster + Performance Tests
2009-11-22 19:49 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-22 19:49 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-22 19:49 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-22 19:47 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-22 19:47 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-22 19:47 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\ca-ES
2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\eu-ES
2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\vi-VN
2009-11-22 17:54 . 2009-11-22 17:54 -------- d-----w- c:\windows\system32\EventProviders
2009-11-22 12:56 . 2009-04-11 06:28 289792 ----a-w- c:\windows\system32\spinstall.exe
2009-11-22 12:55 . 2009-04-11 06:28 1143296 ----a-w- c:\windows\system32\wercon.exe
2009-11-22 12:54 . 2009-04-11 06:28 177664 ----a-w- c:\windows\system32\WSDMon.dll
2009-11-22 12:53 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-11-22 12:53 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-11-22 12:52 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-22 11:26 . 2009-11-22 21:30 20480 d-----w- c:\program files\Eusing Free Registry Cleaner
2009-11-21 19:05 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-11-21 18:25 . 2009-11-21 18:25 -------- dc----w- C:\PerfLogs
2009-11-21 17:36 . 2008-01-18 22:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2009-11-21 17:36 . 2008-01-18 22:33 193024 ----a-w- c:\windows\system32\recdisc.exe
2009-11-21 17:35 . 2008-01-18 22:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
2009-11-21 17:25 . 2008-01-18 22:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe
2009-11-21 17:24 . 2008-01-18 22:38 155704 ----a-w- c:\windows\system32\dssenh.dll
2009-11-21 17:23 . 2008-01-18 22:33 96768 ----a-w- c:\windows\system32\wininit.exe
2009-11-21 16:59 . 2009-11-21 16:59 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-21 15:05 . 2009-11-21 15:05 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-21 15:05 . 2009-11-21 15:05 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-21 15:01 . 2009-11-21 15:01 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-21 15:01 . 2009-11-21 15:01 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-21 15:01 . 2009-11-21 15:01 17920 ----a-w- c:\windows\system32\netevent.dll
2009-11-21 15:01 . 2009-11-21 15:01 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-21 15:01 . 2009-11-21 15:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-21 15:01 . 2009-11-21 15:01 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-21 15:01 . 2009-11-21 15:01 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-21 15:01 . 2009-11-21 15:01 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-21 15:01 . 2009-11-21 15:01 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-21 15:01 . 2009-11-21 15:01 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-21 15:01 . 2009-11-21 15:01 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-11-21 14:58 . 2009-11-21 14:58 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-21 14:58 . 2009-11-21 14:58 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-21 14:58 . 2009-11-21 14:58 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-21 14:58 . 2009-11-21 14:58 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-21 14:58 . 2009-11-21 14:58 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-21 14:58 . 2009-11-21 14:58 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-21 14:54 . 2009-11-21 14:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-21 14:54 . 2009-11-21 14:54 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-21 14:54 . 2009-11-21 14:54 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-11-21 14:54 . 2009-11-21 14:54 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-21 14:54 . 2009-11-21 14:54 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-11-21 14:54 . 2009-11-21 14:54 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-21 14:52 . 2009-11-21 14:52 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-21 14:51 . 2009-11-21 14:51 9728 ----a-w- c:\windows\system32\infoctrs.dll
2009-11-21 14:51 . 2009-11-21 14:51 16384 ----a-w- c:\windows\system32\infoadmn.dll
2009-11-21 14:45 . 2009-11-21 14:45 98816 ----a-w- c:\windows\system32\mfps.dll
2009-11-21 14:45 . 2009-11-21 14:45 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-21 14:45 . 2009-11-21 14:45 2868224 ----a-w- c:\windows\system32\mf.dll
2009-11-21 14:45 . 2009-11-21 14:45 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-21 14:45 . 2009-11-21 14:45 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-21 14:38 . 2009-11-21 14:38 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-21 14:34 . 2009-11-21 14:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-21 14:34 . 2009-11-21 14:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-11-21 14:33 . 2009-11-21 14:33 36864 ----a-w- c:\windows\system32\mqise.dll
2009-11-21 14:33 . 2009-11-21 14:33 126464 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-11-21 14:32 . 2009-11-21 14:32 917504 ----a-w- c:\windows\system32\mqqm.dll
2009-11-21 14:32 . 2009-11-21 14:32 89600 ----a-w- c:\windows\system32\mqlogmgr.dll
2009-11-21 14:32 . 2009-11-21 14:32 8704 ----a-w- c:\windows\system32\mqsvc.exe
2009-11-21 14:32 . 2009-11-21 14:32 37888 ----a-w- c:\windows\system32\mqbkup.exe
2009-11-21 14:32 . 2009-11-21 14:32 154112 ----a-w- c:\windows\system32\mqtrig.dll
2009-11-21 14:32 . 2009-11-21 14:32 125440 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-11-21 14:29 . 2009-11-21 14:29 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-21 14:28 . 2009-11-21 14:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-21 14:28 . 2009-11-21 14:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-21 14:28 . 2009-11-21 14:28 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-11-21 14:27 . 2009-11-21 14:27 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-21 14:15 . 2009-11-21 14:15 623616 ----a-w- c:\windows\system32\localspl.dll
2009-11-21 14:14 . 2009-11-21 14:14 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-11-21 14:14 . 2009-11-21 14:14 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-11-21 14:14 . 2009-11-21 14:14 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-21 14:14 . 2009-11-21 14:14 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-11-21 14:14 . 2009-11-21 14:14 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-21 14:14 . 2009-11-21 14:14 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 14:09 . 2009-11-21 14:09 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-11-21 14:09 . 2009-11-21 14:09 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-21 14:09 . 2009-11-21 14:09 9728 ----a-w- c:\windows\system32\lsass.exe
2009-11-21 14:09 . 2009-11-21 14:09 72704 ----a-w- c:\windows\system32\secur32.dll
2009-11-21 14:09 . 2009-11-21 14:09 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-11-21 14:09 . 2009-11-21 14:09 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-11-21 14:09 . 2009-11-21 14:09 270848 ----a-w- c:\windows\system32\schannel.dll
2009-11-21 14:05 . 2009-11-21 14:05 9847296 ----a-w- c:\windows\system32\NlsData000a.dll
2009-11-21 14:05 . 2009-11-21 14:05 2643456 ----a-w- c:\windows\system32\NlsData000c.dll
2009-11-21 14:05 . 2009-11-21 14:05 2342912 ----a-w- c:\windows\system32\NlsData000d.dll
2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData000f.dll
2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0416.dll
2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0414.dll
2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0816.dll
2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData081a.dll
2009-11-21 14:05 . 2009-11-21 14:05 6917120 ----a-w- c:\windows\system32\NlsLexicons0c1a.dll
2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData0c1a.dll
2009-11-21 14:03 . 2009-11-21 14:03 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-21 13:59 . 2009-11-21 13:59 88576 ----a-w- c:\windows\system32\tlntsess.exe
2009-11-21 13:59 . 2009-11-21 13:59 206848 ----a-w- c:\windows\system32\telnet.exe
2009-11-21 13:48 . 2009-11-21 13:48 37888 ----a-w- c:\windows\system32\printcom.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-28 16:53 . 2008-11-30 00:16 8011 ----a-w- c:\windows\bthservsdp.dat
2009-11-28 12:18 . 2008-05-22 20:34 118784 d-----w- c:\users\Sofian\AppData\Roaming\uTorrent
2009-11-27 17:54 . 2009-09-12 16:16 4096 d-----w- c:\users\Sofian\AppData\Roaming\Skype
2009-11-27 17:03 . 2009-02-06 20:48 -------- d-----w- c:\users\Sofian\AppData\Roaming\skypePM
2009-11-25 15:56 . 2006-11-02 16:11 755280 ----a-w- c:\windows\system32\perfh013.dat
2009-11-25 15:56 . 2006-11-02 16:11 162068 ----a-w- c:\windows\system32\perfc013.dat
2009-11-24 18:42 . 2008-12-10 11:32 8192 d-----w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab
2009-11-22 20:40 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-22 20:40 . 2009-11-22 20:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-22 19:40 . 2009-11-22 19:40 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-11-22 19:20 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-11-22 19:20 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-11-21 19:33 . 2009-01-17 23:25 16384 d-----w- c:\program files\Paint.NET
2009-11-21 19:00 . 2009-02-11 12:20 4096 d-----w- c:\users\Sofian\AppData\Roaming\FileZilla
2009-11-21 18:12 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-11-21 18:12 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-21 17:13 . 2008-11-30 08:40 124064 ----a-w- c:\users\Sofian\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-21 16:59 . 2009-01-23 23:01 24576 d-----w- c:\programdata\Microsoft Help
2009-11-21 14:49 . 2008-04-15 23:40 24576 d-----w- c:\program files\Microsoft Works
2009-11-14 11:47 . 2008-12-14 17:59 -------- d-----w- c:\users\Sofian\AppData\Roaming\Yahoo!
2009-11-13 18:35 . 2008-12-09 21:35 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-11 17:36 . 2008-05-04 09:42 4096 d-----w- c:\users\Sofian\AppData\Roaming\VoipBuster
2009-11-11 14:48 . 2008-04-19 19:38 4096 d-----w- c:\program files\dvdSanta
2009-11-07 17:17 . 2009-03-18 19:12 4096 d-----w- c:\users\Sofian\AppData\Roaming\MessengerDiscovery 2
2009-11-07 17:17 . 2008-06-11 10:58 4096 d-----w- c:\program files\MessengerDiscovery 2
2009-11-07 15:57 . 2008-06-11 11:26 4096 d-----w- c:\program files\Messenger Plus! Live
2009-11-07 15:42 . 2008-04-23 18:53 -------- d-----w- c:\program files\Windows Live
2009-11-06 21:46 . 2009-05-15 18:31 4096 d-----w- c:\program files\Recuva
2009-11-06 21:46 . 2008-07-09 22:13 4096 d-----w- c:\program files\DAEMON Tools Lite
2009-11-06 19:20 . 2008-04-15 23:17 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-11-02 08:48 . 2009-08-21 07:48 314712 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe
2009-11-02 08:48 . 2009-08-21 07:48 25440 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\savapibridge.dll
2009-11-02 08:48 . 2009-08-21 07:48 168800 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-11-02 08:48 . 2009-08-21 07:48 15688 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-11-02 08:48 . 2009-08-21 07:48 349008 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-11-02 08:48 . 2009-08-21 07:48 298336 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-11-02 08:48 . 2009-08-21 07:48 84320 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-11-02 08:48 . 2009-08-21 07:48 1630560 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll
2009-11-02 08:48 . 2009-08-21 07:48 246640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-11-02 08:48 . 2009-08-21 07:48 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-11-02 08:48 . 2009-08-21 07:48 664936 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-11-02 08:47 . 2009-08-21 07:48 566632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-11-02 08:47 . 2009-08-21 07:48 562552 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-11-02 08:47 . 2009-08-21 07:48 2353992 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-11-02 08:47 . 2009-08-21 07:48 640760 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-11-02 08:47 . 2009-08-21 07:48 520024 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-11-02 08:47 . 2009-08-21 07:48 1028432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe
2009-11-02 08:46 . 2008-06-24 14:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-02 08:44 . 2009-02-25 16:35 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-01 09:37 . 2009-07-04 17:11 4096 d-----w- c:\program files\Unlocker
2009-10-30 16:07 . 2009-05-24 12:54 4096 d-----w- c:\programdata\TrackMania
2009-10-28 22:17 . 2008-12-27 19:07 1 ----a-w- c:\users\Sofian\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-24 17:43 . 2008-04-15 23:36 4096 d-----w- c:\program files\Common Files\Adobe
2009-10-24 13:58 . 2009-10-24 12:26 -------- d-----w- c:\program files\Assassin's Creed
2009-10-24 13:47 . 2009-10-24 13:47 -------- d-----w- c:\users\Sofian\AppData\Roaming\Ubisoft
2009-10-24 13:47 . 2008-11-30 17:10 4096 d-----w- c:\programdata\Ubisoft
2009-10-21 10:43 . 2009-09-28 14:27 -------- d-----w- c:\program files\KONAMI
2009-10-21 09:17 . 2009-10-21 09:17 -------- d-----w- c:\programdata\KONAMI
2009-10-20 17:29 . 2009-05-30 09:59 -------- d-----w- c:\program files\Hamachi
2009-10-20 17:21 . 2008-06-18 14:05 4096 d-----w- c:\users\Sofian\AppData\Roaming\Hamachi
2009-10-20 16:26 . 2008-10-28 20:10 8192 d-----w- c:\program files\PES 2009
2009-10-18 13:08 . 2008-11-22 17:43 4096 d-----w- c:\program files\SystemRequirementsLab
2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-10-11 11:50 . 2009-10-11 11:50 -------- d-----w- c:\program files\Loquendo
2009-10-10 11:22 . 2009-10-10 11:20 -------- d-----w- c:\users\Sofian\AppData\Roaming\ISP Monitor
2009-10-10 11:20 . 2009-10-10 11:20 4096 d-----w- c:\program files\ISP Monitor
2009-10-10 11:20 . 2009-10-10 11:20 737280 ----a-w- c:\windows\iun6002.exe
2009-10-06 19:56 . 2008-04-15 23:36 4096 d-----w- c:\program files\Google
2009-10-05 14:32 . 2009-10-05 14:30 -------- d-----w- c:\programdata\DriverScanner
2009-10-05 14:30 . 2009-10-05 14:29 4096 dc-h--w- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-10-05 14:30 . 2008-11-29 09:39 -------- d-----w- c:\program files\Uniblue
2009-10-05 14:30 . 2008-10-25 07:43 -------- d-----w- c:\users\Sofian\AppData\Roaming\Uniblue
2009-10-04 20:25 . 2008-04-30 13:05 8192 d-----w- c:\users\Sofian\AppData\Roaming\LimeWire
2009-10-04 18:07 . 2009-10-04 18:07 4096 d-----w- c:\program files\Auto Clicker
2009-10-03 21:19 . 2009-10-03 21:11 -------- d-----w- c:\program files\Foxit Software
2009-10-03 11:19 . 2009-03-27 18:44 4096 d-----w- c:\program files\LimeWire
2009-10-01 01:02 . 2009-11-22 19:48 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-22 19:48 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-22 19:48 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-22 19:48 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-22 19:48 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-22 19:48 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-22 19:48 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-22 19:48 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-22 19:48 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-22 19:48 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-22 19:48 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-22 19:48 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_d_ind.dll
2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_c_ind.dll
2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_b_ind.dll
2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_a_ind.dll
2008-04-15 23:28 . 2008-04-15 23:28 76 --sha-w- c:\windows\CT4CET.bin
2008-04-19 11:13 . 2008-04-19 11:13 76 --sha-w- c:\windows\CT5PRET.BIN
2008-06-18 20:37 . 2008-06-18 20:37 0 --sha-w- c:\windows\SDE9B2FEC(285).tmp
2008-06-18 20:37 . 2008-06-18 20:37 0 --sha-w- c:\windows\SDE9B2FEC(559).tmp
2008-06-18 20:37 . 2008-06-18 20:37 0 --sh--w- c:\windows\SDE9B2FEC.tmp
2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2009-01-20 20:04 . 2008-11-28 16:46 88 --sha-r- c:\windows\System32\658BC72326.sys
2009-01-20 20:04 . 2008-11-28 16:46 3036 --sha-w- c:\windows\System32\KGyGaAvL.sys
2007-02-26 18:59 . 2007-02-26 18:59 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2009-11-12 9094448]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-22 39408]
"Google Update"="c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-21 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe dvcStatusMinimize" [X]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"FG_Monitor"="c:\program files\Folder Guard Pro\FGKey.exe" [2007-02-24 132680]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-13 149280]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-11 101136]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7e,c7,31,9a,a9,6b,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [21/08/2009 8:49 64160]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [5/07/2006 13:46 63352]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [28/03/2009 9:53 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [16/04/2008 0:08 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [28/03/2009 9:53 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [28/03/2009 9:52 53328]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [30/11/2008 0:59 941784]
R2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [28/06/2007 14:05 131072]
R2 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [5/09/2009 15:53 48896]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [22/06/2009 18:56 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29/10/2009 12:27 1074568]
R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1028432]
R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [14/02/2009 17:48 137344]
R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 10:18 202016]
R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [14/02/2009 17:48 12032]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [22/06/2009 18:56 36608]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [30/11/2008 0:59 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [30/11/2008 0:59 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [30/11/2008 0:59 7424]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [15/04/2009 13:13 84832]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [30/11/2008 0:59 17536]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/11/2009 18:23 21504]
S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [21/11/2009 18:23 21504]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2/11/2006 13:36 10752]
S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [24/04/2008 17:44 104960]
--- Andere Services/Drivers In Geheugen ---
*NewlyCreated* - FSUSBEXDISK
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2009-11-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 08:47]
2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000Core.job
- c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000UA.job
- c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-28 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2008-12-12 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2009-11-27 c:\windows\Tasks\User_Feed_Synchronization-{D130A10C-2448-4567-A8B2-044877608ACE}.job
- c:\windows\system32\msfeedssync.exe [2009-11-21 03:41]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL -
FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - component: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - plugin: c:\progra~1\SONYON~1\npsoe.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\users\Sofian\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
FF - user.js: nglayout.initialpaint.delay - 100
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.interval - 100000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 4
FF - user.js: network.http.max-persistent-connections-per-server - 2
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS VERWIJDERD - - - -
SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService
AddRemove-Ad-Aware - c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-eBay Icon - c:\users\Sofian\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-Uniblue RegistryBooster 2009 - c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} - c:\program files\DellTPad\Uninstap.exe ADDREMOVE
**************************************************************************
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden:
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(5280)
c:\windows\system32\btncopy.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\WLANExt.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\CISVC.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\STacSV.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Dell\MFP_DELL\deDvcStatus.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\DellTPad\HidFind.exe
c:\windows\ehome\ehmsas.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Voltooingstijd: 2009-11-28 18:16 - machine werd herstart
ComboFix-quarantined-files.txt 2009-11-28 17:15
Pre-Run: 6.521.765.888 bytes beschikbaar
Post-Run: 6.281.785.344 bytes beschikbaar
- - End Of File - - E029799205AD1276FDBD79F3C4645D23
My computer is a little bit faster now, but it is still somewhat slow.
-
Yes, it is somewhat faster, but unfortunately not as fast as it used to be.
-
Cool, Avast reacted to this.
-
The MBAM log
Malwarebytes' Anti-Malware 1.41
Database versie: 3250
Windows 6.0.6002 Service Pack 2
28/11/2009 14:11:21
mbam-log-2009-11-28 (14-11-21).txt
Scan type: Snelle Scan
Objecten gescand: 98974
Verstreken tijd: 5 minute(s), 24 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
And now the one from HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:53, on 28/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Sofian\AppData\Local\Temp\newtmp\scvhoq.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted IP range: http://192.168.0.1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 13043 bytes
-
Good day,
Since yesterday my computer has been responding rather slowly. I have already made an HJT log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:00, on 28/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Sofian\AppData\Local\Temp\newtmp\scvhoq.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: scvhoq.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted IP range: http://192.168.0.1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 13277 bytes
-
Solved. Just install Java on another computer, copy the folder in Program Files to a USB stick, and then put it back in Program Files on this computer.
-
No viruses
Explorer.exe
in Archive Windows General
Posted:
Oh well, I'm going to make an HJT log and maybe that will solve it.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:00, on 19/02/2010
Platform: Windows Vista SP3 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ffpext\ffpsrv.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell / MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [ffpsrv] c:\windows\ffpext\ffpsrv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [sTToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: LogMeIn Hamachi.lnk = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12480 bytes