sofianmaster
Posts made by sofianmaster
-
Good day,
I have been talking with my friend on VoipBuster for months, PC to PC.
Now I talk with him and someone else together on MSN at the same time.
After a week, when I want to talk with both of them, one via VoipBuster and one via MSN,
MSN and VoipBuster freeze and shut down.
Why can I no longer talk with both of them?
Thank you
-
Thanks, kweezie wabbit. It works.
This topic can be locked.
-
Good day,
I have added a program to the "Startup" folder on my computer.
Now, when I click minimize on that small program, it goes to the tray.
How would I configure Windows so that the program starts automatically and goes to the tray?
Thank you
-
Another double post
-
Here is the log, then
ComboFix 09-01-31.01 - Sofian 2009-02-01 14:09:01.4 - NTFSx86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.1469 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFScript.txt
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-01-01 to 2009-02-01 ))))))))))))))))))))))))))))))
.
2009-01-31 23:56 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest
2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo
2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX
2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro
2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh
2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe
2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft
2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini
2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software
2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat
2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll
2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll
2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll
2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help
2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite
2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll
2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc
2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc
2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared
2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll
2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw
2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems
2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll
2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll
2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll
2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll
2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET
2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source
2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool
2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D
2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe
2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-31 10:15 --------- d-----w c:\program files\Midnight Club 2
2009-01-30 22:44 --------- d-----w c:\program files\ffdshow
2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi
2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent
2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta
2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works
2009-01-27 20:49 --------- d-----w c:\program files\MSBuild
2009-01-27 17:36 --------- d-----w c:\program files\Xvid
2009-01-27 17:36 --------- d-----w c:\program files\WarRock
2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel
2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire
2009-01-27 17:23 --------- d-----w c:\program files\Java
2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-27 17:07 --------- d-----w c:\program files\Intel
2009-01-27 16:01 --------- d-----w c:\program files\Dell
2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc
2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys
2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel
2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc
2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive
2009-01-18 16:27 --------- d-----w c:\program files\Activision
2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision
2009-01-18 16:09 --------- d-----w c:\progra~2\Activision
2009-01-18 12:49 --------- d-----w c:\program files\Steam
2009-01-18 12:47 --------- d-----w c:\program files\Common Files\Steam
2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6
2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro
2009-01-07 21:18 --------- d-----w c:\program files\CCleaner
2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio
2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3
2008-12-28 15:57 --------- d-----w c:\program files\Live For Speed
2008-12-27 19:07 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org
2008-12-26 12:57 98,304 ----a-w c:\windows\System32\CmdLineExt.dll
2008-12-26 12:54 --------- d-----w c:\program files\Empire Interactive
2008-12-25 17:20 --------- d-----w c:\program files\AlerteGPS
2008-12-24 17:15 --------- d-----w c:\program files\SWAT 4
2008-12-24 10:30 --------- d-----w c:\program files\OpenOffice.org 3
2008-12-24 10:30 --------- d-----w c:\program files\JRE
2008-12-24 10:14 --------- d-----w c:\program files\Common Files\Java
2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2
2008-12-18 11:38 --------- d-----w c:\program files\PES 2009
2008-12-17 17:22 444,952 ----a-w c:\windows\System32\wrap_oal.dll
2008-12-17 17:22 109,080 ----a-w c:\windows\System32\OpenAL32.dll
2008-12-17 15:02 --------- d-----w c:\program files\Codemasters
2008-12-17 12:06 --------- d-----w c:\progra~2\Codemasters
2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-16 21:07 --------- d-----w c:\program files\Cool Beans NFO Creator
2008-12-16 21:03 --------- d-----w c:\program files\OpenAL
2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax
2008-12-14 18:00 --------- d-----w c:\progra~2\Yahoo!
2008-12-14 17:59 --------- d-----w c:\users\Sofian\AppData\Roaming\Yahoo!
2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!
2008-12-14 17:59 --------- d-----w c:\progra~2\Yahoo! Companion
2008-12-11 20:54 --------- d-----w c:\program files\LimeWire
2008-12-11 19:52 --------- d-----w c:\program files\RegCure
2008-12-10 21:29 73,216 ----a-w c:\windows\System32\msiexec.exe
2008-12-10 21:29 332,800 ----a-w c:\windows\System32\msihnd.dll
2008-12-10 21:29 2,560 ----a-w c:\windows\System32\msimsg.dll
2008-12-10 21:29 2,252,288 ----a-w c:\windows\System32\msi.dll
2008-12-10 12:36 --------- d-----w c:\program files\Common Files\Futuremark Shared
2008-12-10 11:32 --------- d-----w c:\users\Sofian\AppData\Roaming\SystemRequirementsLab
2008-12-09 21:47 --------- d-----w c:\users\Sofian\AppData\Roaming\Desktopicon
2008-12-09 21:34 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy
2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe
2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer
2008-12-05 16:44 --------- d-----w c:\program files\Electronic Arts
2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys
2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll
2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll
2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-11-06 16:35 200,704 ----a-w c:\windows\System32\ssldivx.dll
2008-11-06 16:35 1,044,480 ----a-w c:\windows\System32\libdivx.dll
2008-11-02 09:11 60,273 ----a-w c:\windows\System32\pthreadGC2.dll
2008-09-02 15:06 24 ----a-w c:\users\Sofian\jagex_runescape_preferences.dat
2008-05-18 09:28 0 ----a-w c:\users\Sofian\AppData\Roaming\wklnhst.dat
2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((( snapshot@2009-01-31_20.53.42.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-31 17:53:39 2,484 ----a-w c:\windows\bthservsdp.dat
+ 2009-01-31 23:42:15 2,484 ----a-w c:\windows\bthservsdp.dat
- 2009-01-31 18:40:15 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-01 13:07:17 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-01 13:07:17 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-01-31 18:40:10 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-01 13:07:12 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-01 13:07:12 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
+ 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\System32\aswBoot.exe
+ 2008-11-26 17:15:10 97,480 ----a-w c:\windows\System32\AvastSS.scr
- 2009-01-31 18:36:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-01 12:52:16 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-31 18:36:55 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-01 12:52:16 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-31 18:36:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-01 12:52:16 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-26 17:17:25 20,560 ----a-w c:\windows\System32\drivers\aswFsBlk.sys
+ 2008-11-26 17:16:29 23,152 ----a-w c:\windows\System32\drivers\aswRdr.sys
+ 2008-11-26 17:17:36 111,184 ----a-w c:\windows\System32\drivers\aswSP.sys
+ 2008-11-26 17:16:38 50,864 ----a-w c:\windows\System32\drivers\aswTdi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"aswAhAScr.dll"="c:\progra~1\ALWILS~1\Avast4\ASWREG~1.EXE" [2003-09-16 22016]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09
"TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09
"{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent
"UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs
"{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2
"TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW
"{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1
"{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3
"{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
"SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro
S1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-31 111184]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]
S3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]
S4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]
S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]
S4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-31 20560]
S4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-31 51792]
S4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]
S4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
.
Inhoud van de 'Gedeelde Taken' map
2009-02-01 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []
2009-02-01 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2008-12-12 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool\RegTool.exe []
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool []
2009-02-01 c:\windows\Tasks\RegTool Startup.job
- c:\program files\RegTool\RegTool.exe []
.
- - - - ORPHANS VERWIJDERD - - - -
HKLM-RunOnce-<NO NAME> - (no file)
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.games-fusion.net/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 14:09:57
Windows 6.0.6000 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2009-02-01 14:12:14
ComboFix-quarantined-files.txt 2009-02-01 13:12:12
ComboFix2.txt 2009-01-31 19:56:04
ComboFix3.txt 2009-01-31 15:19:40
Pre-Run: 75,753,709,568 bytes beschikbaar
Post-Run: 75,725,246,464 bytes beschikbaar
450
-
Here is the log, thanks again; it's a bit faster, but not quite there yet. I read through those tips again, but I can't find that disk check on Vista.
ComboFix 09-01-31.01 - Sofian 2009-01-31 20:51:11.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.889 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFScript.txt
* Nieuw herstelpunt werd aangemaakt
FILE ::
c:\windows\System32\tmp2AD2.tmp
c:\windows\System32\tmp2B50.tmp
c:\windows\System32\tmp8D14.tmp
c:\windows\System32\tmp8D63.tmp
c:\windows\System32\tmp8EC8.tmp
c:\windows\System32\tmp8F17.tmp
c:\windows\System32\tmpB36E.tmp
c:\windows\System32\tmpB3BD.tmp
c:\windows\System32\tmpC754.tmp
c:\windows\System32\tmpC793.tmp
c:\windows\System32\tmpE4BE.tmp
c:\windows\System32\tmpE53B.tmp
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Sofian\AppData\Roaming\.#
c:\windows\System32\tmp2AD2.tmp
c:\windows\System32\tmp2B50.tmp
c:\windows\System32\tmp8D14.tmp
c:\windows\System32\tmp8D63.tmp
c:\windows\System32\tmp8EC8.tmp
c:\windows\System32\tmp8F17.tmp
c:\windows\System32\tmpB36E.tmp
c:\windows\System32\tmpB3BD.tmp
c:\windows\System32\tmpC754.tmp
c:\windows\System32\tmpC793.tmp
c:\windows\System32\tmpE4BE.tmp
c:\windows\System32\tmpE53B.tmp
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))
.
2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest
2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo
2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX
2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro
2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh
2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe
2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft
2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini
2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software
2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat
2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll
2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll
2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll
2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help
2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite
2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll
2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc
2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc
2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared
2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll
2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw
2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems
2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll
2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll
2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll
2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll
2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET
2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source
2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool
2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D
2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe
2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys
2008-12-27 20:07 . 2008-12-27 20:07 <DIR> d-------- c:\users\Sofian\AppData\Roaming\OpenOffice.org
2008-12-26 13:57 . 2008-12-26 13:57 98,304 --a------ c:\windows\System32\CmdLineExt.dll
2008-12-26 13:54 . 2008-12-26 13:54 <DIR> d-------- c:\program files\Empire Interactive
2008-12-24 17:48 . 2008-12-24 17:48 <DIR> d-------- c:\windows\SWAT 4
2008-12-24 17:48 . 2008-12-24 18:15 <DIR> d-------- c:\program files\SWAT 4
2008-12-24 17:17 . 2008-12-25 18:20 <DIR> d-------- c:\program files\AlerteGPS
2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\OpenOffice.org 3
2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\JRE
2008-12-24 11:14 . 2008-12-24 11:14 <DIR> d-------- c:\program files\Common Files\Java
2008-12-20 19:45 . 2009-01-18 13:49 <DIR> d-------- c:\program files\Steam
2008-12-20 19:45 . 2009-01-18 13:47 <DIR> d-------- c:\program files\Common Files\Steam
2008-12-19 18:57 . 2009-01-27 18:36 <DIR> d-------- c:\program files\WarRock
2008-12-17 18:22 . 2008-12-17 18:22 109,080 --a------ c:\windows\System32\OpenAL32.dll
2008-12-17 17:57 . 2008-12-17 18:22 444,952 --a------ c:\windows\System32\wrap_oal.dll
2008-12-17 16:48 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp1644.tmp
2008-12-17 16:02 . 2008-12-17 16:02 <DIR> d-------- c:\program files\Codemasters
2008-12-17 13:57 . 2008-12-28 16:57 <DIR> d-------- c:\program files\Live For Speed
2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\users\All Users\Codemasters
2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\progra~2\Codemasters
2008-12-17 11:17 . 2008-01-02 16:37 188,416 --a------ c:\windows\System32\igfxres.dll
2008-12-16 22:03 . 2008-12-16 22:03 <DIR> d-------- c:\program files\OpenAL
2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\users\All Users\Yahoo!
2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\progra~2\Yahoo!
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Yahoo!
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\All Users\Yahoo! Companion
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\progra~2\Yahoo! Companion
2008-12-12 11:59 . 2008-12-12 11:59 <DIR> d-------- c:\windows\System32\Profiles
2008-12-11 21:57 . 2008-12-11 21:57 <DIR> dr------- c:\windows\System32\config\systemprofile\Music
2008-12-11 21:54 . 2008-12-11 21:54 <DIR> d-------- c:\program files\LimeWire
2008-12-11 20:51 . 2008-12-11 20:51 <DIR> d-------- c:\windows\RegCure
2008-12-11 20:51 . 2008-12-11 20:52 <DIR> d-------- c:\program files\RegCure
2008-12-10 23:00 . 2008-12-10 23:00 2,608 --a------ c:\windows\System32\settings.aaw
2008-12-10 23:00 . 2008-12-10 23:00 1,712 --a------ c:\windows\System32\history.aaw
2008-12-10 22:29 . 2008-12-10 22:29 2,252,288 --a------ c:\windows\System32\msi.dll
2008-12-10 22:29 . 2008-12-10 22:29 332,800 --a------ c:\windows\System32\msihnd.dll
2008-12-10 22:29 . 2008-12-10 22:29 73,216 --a------ c:\windows\System32\msiexec.exe
2008-12-10 22:29 . 2008-12-10 22:29 2,560 --a------ c:\windows\System32\msimsg.dll
2008-12-10 13:36 . 2008-12-10 13:36 <DIR> d-------- c:\program files\Common Files\Futuremark Shared
2008-12-10 12:32 . 2008-12-10 12:32 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab
2008-12-09 22:47 . 2008-12-09 22:47 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Desktopicon
2008-12-09 22:35 . 2008-12-09 22:34 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-09 22:21 . 2009-01-07 22:18 <DIR> d-------- c:\program files\CCleaner
2008-12-09 16:40 . 2008-12-16 22:07 <DIR> d-------- c:\program files\Cool Beans NFO Creator
2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001
2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH
2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2
2008-12-06 22:49 . 2009-01-31 11:15 <DIR> d-------- c:\program files\Midnight Club 2
2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark
2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts
2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll
2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll
2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll
2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-30 22:44 --------- d-----w c:\program files\ffdshow
2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi
2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent
2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta
2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works
2009-01-27 20:49 --------- d-----w c:\program files\MSBuild
2009-01-27 17:36 --------- d-----w c:\program files\Xvid
2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel
2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire
2009-01-27 17:23 --------- d-----w c:\program files\Java
2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-27 17:07 --------- d-----w c:\program files\Intel
2009-01-27 16:01 --------- d-----w c:\program files\Dell
2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc
2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys
2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel
2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc
2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive
2009-01-18 16:27 --------- d-----w c:\program files\Activision
2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision
2009-01-18 16:09 --------- d-----w c:\progra~2\Activision
2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6
2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro
2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio
2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3
2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2
2008-12-18 11:38 --------- d-----w c:\program files\PES 2009
2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax
2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!
2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy
2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe
2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer
2008-11-30 17:10 --------- d-----w c:\progra~2\Ubisoft
2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys
2008-11-30 14:21 --------- d-----w c:\program files\Hamachi
2008-11-30 14:20 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys
2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll
2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll
2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Sjablonen
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Menu Start
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Favorieten
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Documenten
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Bureaublad
2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC
2008-11-30 00:48 --------- dc-h--w c:\progra~2\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-30 00:48 --------- d-----w c:\progra~2\WLInstaller
2008-11-30 00:48 --------- d-----w c:\progra~2\Uninstall
2008-11-30 00:48 --------- d-----w c:\progra~2\Ulead Systems
2008-11-30 00:48 --------- d-----w c:\progra~2\SupportSoft
2008-11-30 00:48 --------- d-----w c:\progra~2\Stardock
2008-11-30 00:48 --------- d-----w c:\progra~2\Sonic
2008-11-30 00:48 --------- d-----w c:\progra~2\SlySoft
2008-11-30 00:48 --------- d-----w c:\progra~2\ScanSoft
2008-11-30 00:48 --------- d-----w c:\progra~2\PC Drivers HeadQuarters
2008-11-30 00:48 --------- d-----w c:\progra~2\PassMark
2008-11-30 00:48 --------- d-----w c:\progra~2\Office Genuine Advantage
2008-11-30 00:48 --------- d-----w c:\progra~2\My Music
2008-11-30 00:40 --------- d-----w c:\program files\uTorrent
2008-11-30 00:40 --------- d-----w c:\program files\Uniblue
2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro
2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster
2008-11-30 00:40 --------- d-----w c:\program files\SystemRequirementsLab
2008-11-30 00:40 --------- d-----w c:\program files\SubSync
2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-30 00:39 --------- d-----w c:\program files\SlySoft
2008-11-30 00:39 --------- d-----w c:\program files\SetPoint
2008-11-30 00:39 --------- d-----w c:\program files\SEGA
2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft
2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3
2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer
2008-11-30 00:39 --------- d-----w c:\program files\Samsung
2008-11-30 00:39 --------- d-----w c:\program files\Roxio
2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games
2008-11-30 00:38 --------- d-----w c:\program files\Reallusion
2008-11-30 00:38 --------- d-----w c:\program files\QuickTime
2008-11-30 00:38 --------- d-----w c:\program files\PowerISO
2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger
2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation
2008-11-30 00:36 --------- d-----w c:\program files\gPotato
2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2
2008-11-30 00:34 --------- d-----w c:\program files\Google
2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock
2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-11-30 00:34 --------- d-----w c:\program files\FireTrust
2008-11-30 00:34 --------- d-----w c:\program files\FIFA09
2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters
2008-11-30 00:32 --------- d-----w c:\program files\EA Sports
2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES
2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft
2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09
"TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09
"{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent
"UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs
"{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2
"TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW
"{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1
"{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3
"{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
"SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]
R4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]
R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]
S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d54b09-be71-11dd-b2e0-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
\shell\start\command - \Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map
2009-01-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []
2009-01-31 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2008-12-12 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool\RegTool.exe []
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool []
2009-01-31 c:\windows\Tasks\RegTool Startup.job
- c:\program files\RegTool\RegTool.exe []
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.games-fusion.net/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-31 20:53:04
Windows 6.0.6000 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
c:\windows\TEMP\TMP00000078DF48F6EC6F4DAE2C 524288 bytes executable
Scan succesvol afgerond
verborgen bestanden: 1
**************************************************************************
.
Voltooingstijd: 2009-01-31 20:56:00
ComboFix-quarantined-files.txt 2009-01-31 19:55:57
ComboFix2.txt 2009-01-31 15:19:40
Pre-Run: 70,700,331,008 bytes beschikbaar
Post-Run: 70,671,339,520 bytes beschikbaar
520
-
And here is the ComboFix log
ComboFix 09-01-21.04 - Sofian 2009-01-31 16:13:06.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.1013 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
- VERMINDERDE FUNCTIONALITEIT MODUS -
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))
.
2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest
2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo
2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX
2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro
2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer
2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh
2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past
2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past
2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5
2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe
2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft
2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini
2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software
2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat
2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll
2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll
2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll
2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help
2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help
2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite
2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll
2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc
2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc
2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc
2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid
2009-01-23 16:04 . 2009-01-31 11:18 <DIR> d--hs---- c:\users\Sofian\AppData\Roaming\.#
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith
2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith
2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared
2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll
2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw
2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems
2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll
2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll
2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll
2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll
2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET
2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source
2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool
2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D
2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe
2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys
2008-12-27 20:07 . 2008-12-27 20:07 <DIR> d-------- c:\users\Sofian\AppData\Roaming\OpenOffice.org
2008-12-26 13:57 . 2008-12-26 13:57 98,304 --a------ c:\windows\System32\CmdLineExt.dll
2008-12-26 13:54 . 2008-12-26 13:54 <DIR> d-------- c:\program files\Empire Interactive
2008-12-24 17:48 . 2008-12-24 17:48 <DIR> d-------- c:\windows\SWAT 4
2008-12-24 17:48 . 2008-12-24 18:15 <DIR> d-------- c:\program files\SWAT 4
2008-12-24 17:17 . 2008-12-25 18:20 <DIR> d-------- c:\program files\AlerteGPS
2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\OpenOffice.org 3
2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\JRE
2008-12-24 11:14 . 2008-12-24 11:14 <DIR> d-------- c:\program files\Common Files\Java
2008-12-20 19:45 . 2009-01-18 13:49 <DIR> d-------- c:\program files\Steam
2008-12-20 19:45 . 2009-01-18 13:47 <DIR> d-------- c:\program files\Common Files\Steam
2008-12-19 18:57 . 2009-01-27 18:36 <DIR> d-------- c:\program files\WarRock
2008-12-17 18:22 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpC793.tmp
2008-12-17 18:22 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpC754.tmp
2008-12-17 18:22 . 2008-12-17 18:22 109,080 --a------ c:\windows\System32\OpenAL32.dll
2008-12-17 17:57 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpB3BD.tmp
2008-12-17 17:57 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpB36E.tmp
2008-12-17 17:57 . 2008-12-17 18:22 444,952 --a------ c:\windows\System32\wrap_oal.dll
2008-12-17 16:48 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp1644.tmp
2008-12-17 16:02 . 2008-12-17 16:02 <DIR> d-------- c:\program files\Codemasters
2008-12-17 13:57 . 2008-12-28 16:57 <DIR> d-------- c:\program files\Live For Speed
2008-12-17 13:28 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8D63.tmp
2008-12-17 13:28 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8D14.tmp
2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\users\All Users\Codemasters
2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\progra~2\Codemasters
2008-12-17 13:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8F17.tmp
2008-12-17 13:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8EC8.tmp
2008-12-17 11:17 . 2008-01-02 16:37 188,416 --a------ c:\windows\System32\igfxres.dll
2008-12-16 22:03 . 2008-12-16 22:03 <DIR> d-------- c:\program files\OpenAL
2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpE53B.tmp
2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpE4BE.tmp
2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp2B50.tmp
2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp2AD2.tmp
2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\users\All Users\Yahoo!
2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\progra~2\Yahoo!
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Yahoo!
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\All Users\Yahoo! Companion
2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\progra~2\Yahoo! Companion
2008-12-12 11:59 . 2008-12-12 11:59 <DIR> d-------- c:\windows\System32\Profiles
2008-12-11 21:57 . 2008-12-11 21:57 <DIR> dr------- c:\windows\System32\config\systemprofile\Music
2008-12-11 21:54 . 2008-12-11 21:54 <DIR> d-------- c:\program files\LimeWire
2008-12-11 20:51 . 2008-12-11 20:51 <DIR> d-------- c:\windows\RegCure
2008-12-11 20:51 . 2008-12-11 20:52 <DIR> d-------- c:\program files\RegCure
2008-12-10 23:00 . 2008-12-10 23:00 2,608 --a------ c:\windows\System32\settings.aaw
2008-12-10 23:00 . 2008-12-10 23:00 1,712 --a------ c:\windows\System32\history.aaw
2008-12-10 22:29 . 2008-12-10 22:29 2,252,288 --a------ c:\windows\System32\msi.dll
2008-12-10 22:29 . 2008-12-10 22:29 332,800 --a------ c:\windows\System32\msihnd.dll
2008-12-10 22:29 . 2008-12-10 22:29 73,216 --a------ c:\windows\System32\msiexec.exe
2008-12-10 22:29 . 2008-12-10 22:29 2,560 --a------ c:\windows\System32\msimsg.dll
2008-12-10 13:36 . 2008-12-10 13:36 <DIR> d-------- c:\program files\Common Files\Futuremark Shared
2008-12-10 12:32 . 2008-12-10 12:32 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab
2008-12-09 22:47 . 2008-12-09 22:47 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Desktopicon
2008-12-09 22:35 . 2008-12-09 22:34 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-09 22:21 . 2009-01-07 22:18 <DIR> d-------- c:\program files\CCleaner
2008-12-09 16:40 . 2008-12-16 22:07 <DIR> d-------- c:\program files\Cool Beans NFO Creator
2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001
2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH
2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2
2008-12-06 22:49 . 2009-01-31 11:15 <DIR> d-------- c:\program files\Midnight Club 2
2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark
2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts
2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll
2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll
2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll
2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-30 22:44 --------- d-----w c:\program files\ffdshow
2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi
2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent
2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta
2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works
2009-01-27 20:49 --------- d-----w c:\program files\MSBuild
2009-01-27 17:36 --------- d-----w c:\program files\Xvid
2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel
2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire
2009-01-27 17:23 --------- d-----w c:\program files\Java
2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-27 17:07 --------- d-----w c:\program files\Intel
2009-01-27 16:01 --------- d-----w c:\program files\Dell
2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc
2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys
2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel
2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc
2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive
2009-01-18 16:27 --------- d-----w c:\program files\Activision
2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision
2009-01-18 16:09 --------- d-----w c:\progra~2\Activision
2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6
2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro
2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio
2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3
2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2
2008-12-18 11:38 --------- d-----w c:\program files\PES 2009
2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax
2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!
2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy
2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe
2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer
2008-11-30 17:10 --------- d-----w c:\progra~2\Ubisoft
2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys
2008-11-30 14:21 --------- d-----w c:\program files\Hamachi
2008-11-30 14:20 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys
2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll
2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll
2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Sjablonen
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Menu Start
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Favorieten
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Documenten
2008-11-30 08:35 --------- d-sh--w c:\progra~2\Bureaublad
2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC
2008-11-30 00:48 --------- dc-h--w c:\progra~2\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-30 00:48 --------- d-----w c:\progra~2\WLInstaller
2008-11-30 00:48 --------- d-----w c:\progra~2\Uninstall
2008-11-30 00:48 --------- d-----w c:\progra~2\Ulead Systems
2008-11-30 00:48 --------- d-----w c:\progra~2\SupportSoft
2008-11-30 00:48 --------- d-----w c:\progra~2\Stardock
2008-11-30 00:48 --------- d-----w c:\progra~2\Sonic
2008-11-30 00:48 --------- d-----w c:\progra~2\SlySoft
2008-11-30 00:48 --------- d-----w c:\progra~2\ScanSoft
2008-11-30 00:48 --------- d-----w c:\progra~2\PC Drivers HeadQuarters
2008-11-30 00:48 --------- d-----w c:\progra~2\PassMark
2008-11-30 00:48 --------- d-----w c:\progra~2\Office Genuine Advantage
2008-11-30 00:48 --------- d-----w c:\progra~2\My Music
2008-11-30 00:40 --------- d-----w c:\program files\uTorrent
2008-11-30 00:40 --------- d-----w c:\program files\Uniblue
2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro
2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster
2008-11-30 00:40 --------- d-----w c:\program files\SystemRequirementsLab
2008-11-30 00:40 --------- d-----w c:\program files\SubSync
2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-30 00:39 --------- d-----w c:\program files\SlySoft
2008-11-30 00:39 --------- d-----w c:\program files\SetPoint
2008-11-30 00:39 --------- d-----w c:\program files\SEGA
2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft
2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3
2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer
2008-11-30 00:39 --------- d-----w c:\program files\Samsung
2008-11-30 00:39 --------- d-----w c:\program files\Roxio
2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games
2008-11-30 00:38 --------- d-----w c:\program files\Reallusion
2008-11-30 00:38 --------- d-----w c:\program files\QuickTime
2008-11-30 00:38 --------- d-----w c:\program files\PowerISO
2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger
2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation
2008-11-30 00:36 --------- d-----w c:\program files\gPotato
2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2
2008-11-30 00:34 --------- d-----w c:\program files\Google
2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock
2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-11-30 00:34 --------- d-----w c:\program files\FireTrust
2008-11-30 00:34 --------- d-----w c:\program files\FIFA09
2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters
2008-11-30 00:32 --------- d-----w c:\program files\EA Sports
2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES
2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft
2008-12-19 18:54 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 18:54 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 18:54 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 18:54 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 18:54 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxMoniter
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09
"TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09
"{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent
"UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs
"{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2
"TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe
"TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe
"TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe
"TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe
"{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW
"{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1
"{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3
"{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
"SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]
R4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]
R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]
S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\SETUP.EXE
\shell\configure\command - F:\SETUP.EXE
\shell\install\command - F:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d54b09-be71-11dd-b2e0-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
\shell\start\command - \Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map
2009-01-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []
2009-01-31 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2008-12-12 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool\RegTool.exe []
2009-01-31 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool []
2009-01-31 c:\windows\Tasks\RegTool Startup.job
- c:\program files\RegTool\RegTool.exe []
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.games-fusion.net/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-31 16:13:25
Windows 6.0.6000 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
**************************************************************************
.
Voltooingstijd: 2009-01-31 16:19:38
ComboFix-quarantined-files.txt 2009-01-31 15:18:16
Pre-Run: 67.247.484.928 bytes beschikbaar
Post-Run: 67,160,293,376 bytes beschikbaar
522
-
Sorry, double post
-
Here is a log from MBAM
Malwarebytes' Anti-Malware 1.33
Database versie: 1712
Windows 6.0.6000
31/01/2009 15:31:23
mbam-log-2009-01-31 (15-31-23).txt
Scan type: Snelle Scan
Objecten gescand: 48397
Verstreken tijd: 4 minute(s), 28 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
-
Good day
My computer has become very slow. I think I need to run an HJT scan.
Here is a log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:11, on 30/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Games-Fusion.NET - PC Cheats, PS2 Cheats, Xbox Cheats ( Demo, Patch, Screens )
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games-Fusion.NET - PC Cheats, PS2 Cheats, Xbox Cheats ( Demo, Patch, Screens )
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11220 bytes
Thanks in advance
-
Thanks, it worked
-
Good day,
I have Bluetooth on my Dell Inspiron 1525. I think it is a Dell 335 Truemobile. When I want to send a song to my mobile phone over Bluetooth and I right-click => copy to => Bluetooth device, it no longer seems to work, even though my Bluetooth is switched on and my Bluetooth mouse works. What should I do?
Thank you
-
Well, thanks anyway
-
Hey, this should be moved to spyware and viruses.
-
Hey,
I want to buy an nvidia 9800M GT. But I have heard that my video card is stuck to my motherboard and that I cannot take it out. So is this true, or what should I do?
I have a Dell Inspiron 1525
Mobile Intel 965 express chipset family
Windows Vista
-
Good, the problem is solved, thanks.
-
It worked, the error no longer appears. Thanks
-
ComboFix 08-12-07.04 - Sofian 2008-12-09 17:51:03.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.840 [GMT 1:00]
Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Sofian\AppData\Roaming\.#
c:\windows\System32\bklatleu.ini
c:\windows\System32\bklatleu.ini2
c:\windows\System32\bklatleu.tmp
c:\windows\system32\Ghjilnnn.ini
c:\windows\system32\Ghjilnnn.ini2
c:\windows\system32\igfxres.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Boonty Games
-------\Service_iprip
(((((((((((((((((((( Bestanden Gemaakt van 2008-11-09 to 2008-12-09 ))))))))))))))))))))))))))))))
.
2008-12-09 16:40 . 2008-12-09 16:40 <DIR> d-------- c:\program files\Cool Beans NFO Creator
2008-12-09 12:02 . 2008-12-09 12:02 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-09 12:02 . 2008-12-03 19:59 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-09 12:02 . 2008-12-03 19:59 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001
2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH
2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2
2008-12-06 22:49 . 2008-12-06 23:19 <DIR> d-------- c:\program files\Midnight Club 2
2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark
2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts
2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll
2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll
2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll
2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll
2008-12-03 15:07 . 2008-12-06 15:55 <DIR> d-------- C:\Downloads
2008-11-30 18:10 . 2008-11-30 18:10 <DIR> d-------- c:\users\All Users\Ubisoft
2008-11-30 18:10 . 2008-11-30 18:10 <DIR> d-------- c:\programdata\Ubisoft
2008-11-30 16:12 . 2000-07-31 13:28 286,208 --a------ c:\windows\system\binkw32.dll
2008-11-30 16:11 . 2007-12-02 13:28 53,248 --a------ c:\windows\system\PhysXLoader.dll
2008-11-30 15:55 . 2008-06-23 10:22 386,600 --a------ c:\windows\system\nxcooking.dll
2008-11-30 15:53 . 2007-08-14 23:49 3,821,568 --a------ c:\windows\system\wxmsw262u.dll
2008-11-30 15:42 . 2008-11-30 15:46 22,328 --a------ c:\users\Sofian\AppData\Roaming\PnkBstrK.sys
2008-11-30 15:41 . 2008-11-30 15:41 66,872 --a------ c:\windows\System32\PnkBstrA.exe
2008-11-30 15:20 . 2008-11-30 15:21 <DIR> d-------- c:\program files\Hamachi
2008-11-30 15:20 . 2008-11-30 15:20 25,280 --a------ c:\windows\System32\drivers\hamachi.sys
2008-11-30 11:06 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2008-11-30 09:39 . 2008-11-30 09:39 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-30 09:39 . 2008-11-30 09:39 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-30 09:39 . 2008-11-30 09:39 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-30 09:39 . 2008-11-30 09:39 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-30 09:38 . 2008-11-30 09:38 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-30 09:38 . 2008-11-30 09:38 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-30 09:38 . 2008-11-30 09:38 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-30 09:38 . 2008-11-30 09:38 34,328 --a------ c:\windows\System32\wups.dll
2008-11-30 09:38 . 2008-11-30 09:38 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-30 02:13 . 2008-11-30 02:13 22,160 --a------ c:\windows\System32\emptyregdb.dat
2008-11-30 02:04 . 2008-11-30 02:04 <DIR> d-------- c:\users\Default\video
2008-11-30 02:04 . 2008-11-30 02:04 <DIR> d-------- c:\users\Default\Roaming
2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Videos
2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Saved Games
2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Pictures
2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Music
2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Links
2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Downloads
2008-11-30 01:22 . 2008-12-08 19:14 <DIR> dr------- c:\users\Sofian\Documents
2008-11-30 01:22 . 2006-11-02 13:37 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Media Center Programs
2008-11-30 01:22 . 2008-11-30 02:00 <DIR> d--h----- c:\users\Sofian\AppData
2008-11-30 01:22 . 2008-11-30 09:39 <DIR> d-------- c:\users\Sofian
2008-11-30 01:17 . 2008-11-30 01:17 <DIR> d-------- c:\windows\System32\URTTEMP
2008-11-30 01:17 . 2008-12-08 16:47 <DIR> d--hs---- c:\windows\Installer
2008-11-30 01:16 . 2008-12-09 17:55 2,942 --a------ c:\windows\bthservsdp.dat
2008-11-30 01:16 . 2008-11-30 01:16 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-11-30 01:14 . 2008-11-30 01:14 <DIR> d-------- c:\program files\DellTPad
2008-11-30 01:14 . 2008-11-30 01:14 <DIR> d-------- c:\program files\CONEXANT
2008-11-30 01:14 . 2008-11-30 01:14 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2008-11-30 01:12 . 2008-11-30 11:24 <DIR> d-------- c:\windows\System32\catroot2
2008-11-30 00:58 . 2007-09-06 17:43 304,920 --a------ c:\windows\System32\drivers\iaStor.sys
2008-11-30 00:58 . 2007-09-06 17:35 90,112 --a------ c:\windows\System32\snymsico.dll
2008-11-30 00:58 . 2007-09-06 17:35 42,496 --a------ c:\windows\System32\drivers\rimsptsk.sys
2008-11-30 00:58 . 2007-09-06 17:35 39,936 --a------ c:\windows\System32\drivers\rimmptsk.sys
2008-11-30 00:58 . 2007-09-06 17:35 37,376 --a------ c:\windows\System32\drivers\rixdptsk.sys
2008-11-30 00:58 . 2007-09-06 17:35 16,480 --a------ c:\windows\System32\rixdicon.dll
2008-11-30 00:57 . 2008-11-30 01:15 <DIR> d-------- c:\windows\Debug
2008-11-30 00:56 . 2008-11-30 00:56 <DIR> d-------- c:\windows\System32\msmq
2008-11-30 00:56 . 2008-11-30 00:56 862 --a------ c:\windows\System32\termcap
2008-11-30 00:55 . 2008-11-30 00:55 <DIR> d-------- c:\windows\System32\OEM
2008-11-30 00:55 . 2007-02-26 20:13 36 -rah----- c:\windows\DELL_VERSION
2008-11-30 00:36 . 2008-11-30 00:36 <DIR> d--h----- C:\$WINDOWS.~Q
2008-11-30 00:24 . 2008-11-30 00:29 <DIR> d--h----- C:\$INPLACE.~TR
2008-11-30 00:17 . 2008-11-30 00:59 8,192 -ra-s---- C:\BOOTSECT.BAK
2008-11-29 23:27 . 2008-11-30 13:26 1,905 --a------ c:\windows\diagwrn.xml
2008-11-29 23:27 . 2008-11-30 13:26 1,905 --a------ c:\windows\diagerr.xml
2008-11-29 23:10 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Office Genuine Advantage
2008-11-29 23:10 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\Office Genuine Advantage
2008-11-29 22:28 . 2008-11-30 01:48 <DIR> d-------- c:\windows\CheckSur
2008-11-29 22:28 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Windows Genuine Advantage
2008-11-29 13:10 . 2008-11-29 21:54 <DIR> d-------- C:\e952acb781df7695386c
2008-11-29 12:23 . 2008-11-30 01:33 <DIR> d-------- c:\program files\ffdshow
2008-11-29 12:23 . 2008-11-02 10:11 60,273 --a------ c:\windows\System32\pthreadGC2.dll
2008-11-29 12:23 . 2008-11-02 10:11 11,264 --a------ c:\windows\System32\ff_vfw.dll
2008-11-29 12:23 . 2008-11-02 10:11 547 --a------ c:\windows\System32\ff_vfw.dll.manifest
2008-11-29 12:21 . 2008-11-30 01:47 <DIR> d-------- c:\program files\Xvid
2008-11-29 12:21 . 2008-04-27 10:33 765,952 --a------ c:\windows\System32\xvidcore.dll
2008-11-29 12:21 . 2008-04-27 10:35 180,224 --a------ c:\windows\System32\xvidvfw.dll
2008-11-29 12:21 . 2007-06-28 18:55 77,824 --a------ c:\windows\System32\xvid.ax
2008-11-29 10:39 . 2008-11-30 01:48 <DIR> d--h-c--- c:\users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-29 10:39 . 2008-11-30 01:48 <DIR> d--h-c--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-29 10:39 . 2008-11-30 01:40 <DIR> d-------- c:\program files\Uniblue
2008-11-28 23:27 . 2008-11-28 23:27 1,056,768 --a------ c:\windows\System32\defltbase.sdb
2008-11-28 20:58 . 2008-11-28 20:58 <DIR> d-------- C:\5b534c155c11e0b6d2a7d4b2
2008-11-28 18:53 . 2008-11-28 18:53 16,094 --a------ c:\windows\System32\results.xml
2008-11-28 18:16 . 2008-11-28 22:04 720,896 --a------ c:\windows\SPInstall.etl
2008-11-28 17:46 . 2008-11-30 02:00 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Corel
2008-11-28 17:46 . 2008-11-28 17:47 2,828 --ahs---- c:\windows\System32\KGyGaAvL.sys
2008-11-28 17:46 . 2008-11-28 17:46 88 --ahs---- c:\windows\System32\658BC72326.sys
2008-11-28 16:05 . 2008-11-30 01:51 <DIR> d-------- c:\windows\System32\NtmsData
2008-11-26 20:58 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\My Music
2008-11-26 20:58 . 2008-11-30 01:47 <DIR> d-------- c:\users\All Users\Corel
2008-11-26 20:58 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\My Music
2008-11-26 20:58 . 2008-11-30 01:47 <DIR> d-------- c:\programdata\Corel
2008-11-26 20:57 . 2008-11-30 01:29 <DIR> d-------- c:\program files\Corel
2008-11-26 20:57 . 2008-11-30 01:29 <DIR> d-------- c:\program files\Common Files\Corel
2008-11-26 16:54 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\PC Drivers HeadQuarters
2008-11-26 16:54 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\PC Drivers HeadQuarters
2008-11-24 19:05 . 2008-11-25 22:49 <DIR> d-------- C:\2de431c060eb2340c01eaf598ea0
2008-11-24 18:58 . 2007-09-04 17:56 164,352 --a------ c:\windows\System32\unrar.dll
2008-11-23 19:30 . 2008-11-23 19:30 307,968 --a------ c:\windows\System32\TuneUpDefragService.exe
2008-11-23 19:30 . 2008-02-27 13:15 28,416 --a------ c:\windows\System32\uxtuneup.dll
2008-11-23 19:30 . 2008-02-27 13:15 16,640 --a------ c:\windows\System32\authuitu.dll
2008-11-23 19:29 . 2008-11-30 02:01 <DIR> d-------- c:\users\Sofian\AppData\Roaming\TuneUp Software
2008-11-23 19:29 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\TuneUp Software
2008-11-23 19:29 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\TuneUp Software
2008-11-23 19:29 . 2008-11-30 01:40 <DIR> d-------- c:\program files\TuneUp Utilities 2008
2008-11-23 18:54 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\System32\D3DX9_38.dll
2008-11-23 13:02 . 2008-11-30 01:30 <DIR> d-------- c:\program files\Counter-Strike Source
2008-11-22 22:56 . 2008-11-22 22:56 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-22 22:41 . 2008-11-30 01:40 <DIR> d-------- c:\program files\VALVe
2008-11-22 18:43 . 2008-11-30 01:40 <DIR> d-------- c:\program files\SystemRequirementsLab
2008-11-22 13:11 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Stardock
2008-11-22 13:11 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\Stardock
2008-11-22 13:11 . 2008-11-30 01:40 <DIR> d-------- c:\program files\Stardock
2008-11-22 13:11 . 2007-06-05 11:26 567,040 --a------ c:\windows\System32\wbocx.ocx
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-09 10:53 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2
2008-12-08 21:57 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent
2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe
2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer
2008-12-08 14:29 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire
2008-12-08 13:18 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi
2008-12-06 11:03 --------- d-----w c:\programdata\Webcammax
2008-12-05 15:35 --------- d-----w c:\program files\Counter-Strike 1.6
2008-11-30 09:26 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro
2008-11-30 08:35 --------- d-sh--w c:\programdata\Sjablonen
2008-11-30 08:35 --------- d-sh--w c:\programdata\Menu Start
2008-11-30 08:35 --------- d-sh--w c:\programdata\Favorieten
2008-11-30 08:35 --------- d-sh--w c:\programdata\Documenten
2008-11-30 08:35 --------- d-sh--w c:\programdata\Bureaublad
2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC
2008-11-30 00:48 --------- d-----w c:\programdata\Xfire
2008-11-30 00:48 --------- d-----w c:\programdata\WLInstaller
2008-11-30 00:48 --------- d-----w c:\programdata\Uninstall
2008-11-30 00:48 --------- d-----w c:\programdata\Ulead Systems
2008-11-30 00:48 --------- d-----w c:\programdata\SupportSoft
2008-11-30 00:48 --------- d-----w c:\programdata\Spybot - Search & Destroy
2008-11-30 00:48 --------- d-----w c:\programdata\Sonic
2008-11-30 00:48 --------- d-----w c:\programdata\SlySoft
2008-11-30 00:48 --------- d-----w c:\programdata\ScanSoft
2008-11-30 00:48 --------- d-----w c:\programdata\PassMark
2008-11-30 00:40 --------- d-----w c:\program files\uTorrent
2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro
2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster
2008-11-30 00:40 --------- d-----w c:\program files\The Privacy Guard
2008-11-30 00:40 --------- d-----w c:\program files\SubSync
2008-11-30 00:40 --------- d-----w c:\program files\StuffPlug3
2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-30 00:39 --------- d-----w c:\program files\SlySoft
2008-11-30 00:39 --------- d-----w c:\program files\Sigmatel
2008-11-30 00:39 --------- d-----w c:\program files\SetPoint
2008-11-30 00:39 --------- d-----w c:\program files\SEGA
2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft
2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3
2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer
2008-11-30 00:39 --------- d-----w c:\program files\Samsung
2008-11-30 00:39 --------- d-----w c:\program files\Roxio
2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games
2008-11-30 00:38 --------- d-----w c:\program files\Reallusion
2008-11-30 00:38 --------- d-----w c:\program files\QuickTime
2008-11-30 00:38 --------- d-----w c:\program files\PowerISO
2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger
2008-11-30 00:38 --------- d-----w c:\program files\PES 2009
2008-11-30 00:38 --------- d-----w c:\program files\Pegasys Inc
2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation
2008-11-30 00:38 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-11-30 00:36 --------- d-----w c:\program files\gPotato
2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2
2008-11-30 00:34 --------- d-----w c:\program files\Google
2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock
2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-11-30 00:34 --------- d-----w c:\program files\FireTrust
2008-11-30 00:34 --------- d-----w c:\program files\FIFA09
2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters
2008-11-30 00:32 --------- d-----w c:\program files\EA Sports
2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES
2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft
2008-11-30 00:32 --------- d-----w c:\program files\dvdSanta
2008-11-30 00:32 --------- d-----w c:\program files\DNA
2008-11-30 00:31 --------- d-----w c:\program files\Disney Interactive
2008-11-30 00:31 --------- d-----w c:\program files\Digital Line Detect
2008-11-30 00:31 --------- d-----w c:\program files\Desktop Graffitist
2008-11-30 00:31 --------- d-----w c:\program files\Dell Support Center
2008-11-30 00:30 --------- d-----w c:\program files\Dell
2008-11-30 00:30 --------- d-----w c:\program files\DAMN NFO Viewer
2008-11-30 00:30 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-30 00:30 --------- d-----w c:\program files\CyberLink
2008-11-30 00:30 --------- d-----w c:\program files\Creative Live! Cam
2008-11-30 00:30 --------- d-----w c:\program files\Creative
2008-11-30 00:28 --------- d-----w c:\program files\Belgacom
2008-11-30 00:28 --------- d-----w c:\program files\Apple Software Update
2008-11-30 00:28 --------- d-----w c:\program files\Alwil Software
2008-11-30 00:28 --------- d-----w c:\program files\Activision
2008-11-30 00:27 --------- d-----w c:\program files\Accessories
2008-10-26 11:03 59,488 ----a-w c:\windows\System32\GenSvcInst.exe
2008-10-26 11:03 145,504 ----a-w c:\windows\System32\bgsvcgen.exe
2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 00:40 42,320 ----a-w c:\windows\System32\xfcodec.dll
2008-09-02 15:06 24 ----a-w c:\users\Sofian\jagex_runescape_preferences.dat
2008-05-18 09:28 0 ----a-w c:\users\Sofian\AppData\Roaming\wklnhst.dat
2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"MSConfig"="c:\windows\System32\msconfig.exe" [2006-11-02 222208]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2007-09-16 450048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]
c:\users\Sofian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.4 .lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32
"UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2
"{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing
"{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing
"UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher
"UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe
"UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09
"TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09
"{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009
"{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent
"UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe
"UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server
"UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.
"UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe
"UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe
"UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe
"UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server
"{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum
"UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service
"{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32
"{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent
"{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game
"{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs
"{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2
"TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2
"UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2
"{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
"SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-30 111184]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-04-16 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-30 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2008-11-30 51792]
R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2008-11-30 935936]
R2 deMntrService;Dell AIO Center Service;"c:\program files\Dell\MFP_DELL\deMntrService.exe" [2007-06-28 131072]
R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe /service /p belgacom []
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-30 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\DRIVERS\OEM02Dev.sys [2008-11-30 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\DRIVERS\OEM02Vfx.sys [2008-11-30 7424]
S3 DESVUSB;Dell service driver;c:\windows\system32\DRIVERS\desrvusb.sys [2008-11-30 17536]
S3 WMSvc;Web Management-service;c:\windows\system32\inetsrv\wmsvc.exe [2006-11-02 10752]
S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe /service [2008-04-24 104960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
.
Inhoud van de 'Gedeelde Taken' map
2008-12-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 14:24]
.
- - - - ORPHANS VERWIJDERD - - - -
MSConfigStartUp-MSSMSGS - winlft32.rom
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=0080416
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
c:\windows\Downloaded Program Files\sysreqlab_srl.dll - O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}
hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab
c:\windows\Downloaded Program Files\sysreqlab.osd
c:\windows\Downloaded Program Files\GoPetsWeb.ocx - O16 -: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}
hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
c:\windows\Downloaded Program Files\GoPetsWeb.inf
FireFox -: Profile - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-09 17:59:24
Windows 6.0.6000 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
c:\windows\TEMP\TMP00000044F88D48E8718CB0EC
Scan succesvol afgerond
verborgen bestanden: 1
**************************************************************************
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\System32\bgsvcgen.exe
c:\windows\System32\CISVC.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\System32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\TCPSVCS.EXE
c:\windows\System32\snmp.exe
c:\program files\Belgacom\bin\sprtsvc.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\System32\conime.exe
c:\windows\System32\igfxsrvc.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\OpenOffice.org 2.4\program\soffice.exe
c:\windows\ehome\ehmsas.exe
c:\program files\OpenOffice.org 2.4\program\soffice.bin
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Voltooingstijd: 2008-12-09 18:03:39 - machine werd herstart
ComboFix-quarantined-files.txt 2008-12-09 17:03:35
Pre-Run: 98.489.737.216 bytes beschikbaar
Post-Run: 98,407,874,560 bytes beschikbaar
495
-
Well, the computer was slow and I keep getting a message that a program cannot be run. I unchecked it in MSconfig because it is a virus, MSSMGS or something like that. But it still keeps coming back.
-
Thanks again, by the way.
-
The MBAM log
Malwarebytes' Anti-Malware 1.31
Database versie: 1477
Windows 6.0.6000
9/12/2008 12:22:43
mbam-log-2008-12-09 (12-22-43).txt
Scan type: Snelle Scan
Objecten gescand: 46682
Verstreken tijd: 3 minute(s), 37 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 14
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 8
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
C:\Windows\System32\c.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\m.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\p.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\s.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Sofian\Favorites\Free MP3 Search.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Users\Sofian\Favorites\Free ****.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Users\Sofian\Favorites\Search Online.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Users\Sofian\Favorites\VIP Casino.url (Rogue.Link) -> Quarantined and deleted successfully.
HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:46, on 9/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11950 bytes
-
Good day,
When I open Windows Media Player and want MSN Messenger to show my music, I first have to indicate in MSN that it may show my music. Then I have to enable the plug-ins. But now I can no longer find that plug-in. I am using Windows Media Player 11.
Thank you
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:42, on 8/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://assets.wrts.nl (HKLM)
O15 - Trusted Zone: Wrts (HKLM)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12221 bytes
Thank you
-
I have recently been trying to download and install SP1.
While it is installing, this error comes up: Error code 80070005
Thank you
[SOLVED] HijackThis log
in Archive: Fighting malware & viruses
Posted:
Good day,
When I started my computer today, it was suddenly very slow. Maybe an HJT log will solve it.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:54, on 4/07/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 5.10.237.199 pes09pcgate-e.winning-eleven.net
O1 - Hosts: 5.10.237.199 pes2009web.winning-eleven.net
O1 - Hosts: localhost pes7stun-e.winning-eleven.net
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted IP range: http://192.168.0.1
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 13469 bytes