sofianmaster

Member
  • Items

    157
Posts by sofianmaster

  1. Good day,

    When I started up my computer today, it was suddenly very slow. Maybe an HJT log will solve it.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 19:22:54, on 4/07/2009

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.16386)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\DellTPad\Apoint.exe

    C:\Windows\OEM02Mon.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

    C:\Program Files\Dell\MediaDirect\PCMService.exe

    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

    C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Windows\ehome\ehmsas.exe

    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\DellTPad\ApMsgFwd.exe

    C:\Program Files\DellTPad\HidFind.exe

    C:\Program Files\DellTPad\Apntex.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\uTorrent\uTorrent.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    O1 - Hosts: 5.10.237.199 pes09pcgate-e.winning-eleven.net

    O1 - Hosts: 5.10.237.199 pes2009web.winning-eleven.net

    O1 - Hosts: localhost pes7stun-e.winning-eleven.net

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"

    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

    O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"

    O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O13 - Gopher Prefix:

    O15 - Trusted IP range: http://192.168.0.1

    O15 - ESC Trusted IP range: http://192.168.0.1

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab

    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab

    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

    O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe

    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 13469 bytes

  2. Good day,

    I have been talking with my friend on VoipBuster for months, from PC to PC.

    Now I talk with him and someone else together on MSN at the same time.

    After a week, when I want to talk with both of them, one via VoipBuster and one via MSN,

    MSN and VoipBuster freeze and shut down.

    Why would I no longer be able to talk with both of them?

    Thank you

  3. Here is the log then

    ComboFix 09-01-31.01 - Sofian 2009-02-01 14:09:01.4 - NTFSx86 NETWORK

    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.1469 [GMT 1:00]

    Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFScript.txt

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-01-01 to 2009-02-01 ))))))))))))))))))))))))))))))

    .

    2009-01-31 23:56 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys

    2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

    2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

    2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys

    2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest

    2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo

    2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX

    2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro

    2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh

    2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe

    2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft

    2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini

    2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software

    2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat

    2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll

    2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll

    2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll

    2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help

    2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite

    2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll

    2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc

    2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc

    2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared

    2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll

    2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw

    2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems

    2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll

    2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll

    2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll

    2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll

    2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll

    2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll

    2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET

    2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source

    2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool

    2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D

    2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe

    2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-01-31 10:15 --------- d-----w c:\program files\Midnight Club 2

    2009-01-30 22:44 --------- d-----w c:\program files\ffdshow

    2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi

    2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent

    2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta

    2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works

    2009-01-27 20:49 --------- d-----w c:\program files\MSBuild

    2009-01-27 17:36 --------- d-----w c:\program files\Xvid

    2009-01-27 17:36 --------- d-----w c:\program files\WarRock

    2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel

    2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire

    2009-01-27 17:23 --------- d-----w c:\program files\Java

    2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information

    2009-01-27 17:07 --------- d-----w c:\program files\Intel

    2009-01-27 16:01 --------- d-----w c:\program files\Dell

    2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc

    2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys

    2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel

    2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc

    2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive

    2009-01-18 16:27 --------- d-----w c:\program files\Activision

    2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision

    2009-01-18 16:09 --------- d-----w c:\progra~2\Activision

    2009-01-18 12:49 --------- d-----w c:\program files\Steam

    2009-01-18 12:47 --------- d-----w c:\program files\Common Files\Steam

    2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6

    2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro

    2009-01-07 21:18 --------- d-----w c:\program files\CCleaner

    2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird

    2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio

    2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe

    2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3

    2008-12-28 15:57 --------- d-----w c:\program files\Live For Speed

    2008-12-27 19:07 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org

    2008-12-26 12:57 98,304 ----a-w c:\windows\System32\CmdLineExt.dll

    2008-12-26 12:54 --------- d-----w c:\program files\Empire Interactive

    2008-12-25 17:20 --------- d-----w c:\program files\AlerteGPS

    2008-12-24 17:15 --------- d-----w c:\program files\SWAT 4

    2008-12-24 10:30 --------- d-----w c:\program files\OpenOffice.org 3

    2008-12-24 10:30 --------- d-----w c:\program files\JRE

    2008-12-24 10:14 --------- d-----w c:\program files\Common Files\Java

    2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2

    2008-12-18 11:38 --------- d-----w c:\program files\PES 2009

    2008-12-17 17:22 444,952 ----a-w c:\windows\System32\wrap_oal.dll

    2008-12-17 17:22 109,080 ----a-w c:\windows\System32\OpenAL32.dll

    2008-12-17 15:02 --------- d-----w c:\program files\Codemasters

    2008-12-17 12:06 --------- d-----w c:\progra~2\Codemasters

    2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

    2008-12-16 21:07 --------- d-----w c:\program files\Cool Beans NFO Creator

    2008-12-16 21:03 --------- d-----w c:\program files\OpenAL

    2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax

    2008-12-14 18:00 --------- d-----w c:\progra~2\Yahoo!

    2008-12-14 17:59 --------- d-----w c:\users\Sofian\AppData\Roaming\Yahoo!

    2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!

    2008-12-14 17:59 --------- d-----w c:\progra~2\Yahoo! Companion

    2008-12-11 20:54 --------- d-----w c:\program files\LimeWire

    2008-12-11 19:52 --------- d-----w c:\program files\RegCure

    2008-12-10 21:29 73,216 ----a-w c:\windows\System32\msiexec.exe

    2008-12-10 21:29 332,800 ----a-w c:\windows\System32\msihnd.dll

    2008-12-10 21:29 2,560 ----a-w c:\windows\System32\msimsg.dll

    2008-12-10 21:29 2,252,288 ----a-w c:\windows\System32\msi.dll

    2008-12-10 12:36 --------- d-----w c:\program files\Common Files\Futuremark Shared

    2008-12-10 11:32 --------- d-----w c:\users\Sofian\AppData\Roaming\SystemRequirementsLab

    2008-12-09 21:47 --------- d-----w c:\users\Sofian\AppData\Roaming\Desktopicon

    2008-12-09 21:34 410,984 ----a-w c:\windows\System32\deploytk.dll

    2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy

    2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE

    2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe

    2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer

    2008-12-05 16:44 --------- d-----w c:\program files\Electronic Arts

    2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys

    2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe

    2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll

    2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll

    2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll

    2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll

    2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll

    2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll

    2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe

    2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll

    2008-11-06 16:35 200,704 ----a-w c:\windows\System32\ssldivx.dll

    2008-11-06 16:35 1,044,480 ----a-w c:\windows\System32\libdivx.dll

    2008-11-02 09:11 60,273 ----a-w c:\windows\System32\pthreadGC2.dll

    2008-09-02 15:06 24 ----a-w c:\users\Sofian\jagex_runescape_preferences.dat

    2008-05-18 09:28 0 ----a-w c:\users\Sofian\AppData\Roaming\wklnhst.dat

    2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini

    2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin

    .

    ((((((((((((((((((((((((((((( snapshot@2009-01-31_20.53.42.53 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2009-01-31 17:53:39 2,484 ----a-w c:\windows\bthservsdp.dat

    + 2009-01-31 23:42:15 2,484 ----a-w c:\windows\bthservsdp.dat

    - 2009-01-31 18:40:15 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT

    + 2009-02-01 13:07:17 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT

    + 2009-02-01 13:07:17 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1

    - 2009-01-31 18:40:10 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT

    + 2009-02-01 13:07:12 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT

    + 2009-02-01 13:07:12 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1

    + 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\System32\aswBoot.exe

    + 2008-11-26 17:15:10 97,480 ----a-w c:\windows\System32\AvastSS.scr

    - 2009-01-31 18:36:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    + 2009-02-01 12:52:16 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    - 2009-01-31 18:36:55 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    + 2009-02-01 12:52:16 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    - 2009-01-31 18:36:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    + 2009-02-01 12:52:16 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    + 2008-11-26 17:17:25 20,560 ----a-w c:\windows\System32\drivers\aswFsBlk.sys

    + 2008-11-26 17:16:29 23,152 ----a-w c:\windows\System32\drivers\aswRdr.sys

    + 2008-11-26 17:17:36 111,184 ----a-w c:\windows\System32\drivers\aswSP.sys

    + 2008-11-26 17:16:38 50,864 ----a-w c:\windows\System32\drivers\aswTdi.sys

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

    "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]

    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]

    "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]

    "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]

    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]

    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]

    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]

    "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]

    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]

    "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]

    "Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]

    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]

    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    "GrpConv"="grpconv -o" [X]

    "aswAhAScr.dll"="c:\progra~1\ALWILS~1\Avast4\ASWREG~1.EXE" [2003-09-16 22016]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]

    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]

    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA

    "TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA

    "{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09

    "TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09

    "{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

    "TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

    "{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent

    "UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

    "TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus

    "UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

    "TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

    "UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

    "{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

    "UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

    "TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

    "UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server

    "{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine

    "{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program

    "{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect

    "{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs

    "{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2

    "TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW

    "{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1

    "{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3

    "{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]

    "Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    "SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

    "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    "c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro

    S1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-31 111184]

    S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]

    S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]

    S3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]

    S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]

    S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]

    S4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]

    S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]

    S4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-31 20560]

    S4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-31 51792]

    S4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]

    S4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LPDService REG_MULTI_SZ LPDSVC

    rsmsvcs REG_MULTI_SZ ntmssvc

    ipripsvc REG_MULTI_SZ iprip

    bthsvcs REG_MULTI_SZ BthServ

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-02-01 c:\windows\Tasks\1-Click Maintenance.job

    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

    2009-02-01 c:\windows\Tasks\RegCure Program Check.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2008-12-12 c:\windows\Tasks\RegCure.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool\RegTool.exe []

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool []

    2009-02-01 c:\windows\Tasks\RegTool Startup.job

    - c:\program files\RegTool\RegTool.exe []

    .

    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-RunOnce-<NO NAME> - (no file)

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.games-fusion.net/

    mStart Page = hxxp://www.games-fusion.net/

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab

    FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)

    FF - prefs.js: browser.startup.homepage - about:blank

    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

    ---- FIREFOX POLICIES ----

    FF - user.js: network.proxy.type - 0

    FF - user.js: network.proxy.http -

    FF - user.js: network.proxy.http_port - 0

    FF - user.js: network.proxy.ssl -

    FF - user.js: network.proxy.ssl_port - 0

    FF - user.js: network.proxy.ftp -

    FF - user.js: network.proxy.ftp_port - 0

    FF - user.js: network.proxy.gopher -

    FF - user.js: network.proxy.gopher_port - 0

    FF - user.js: network.proxy.socks_version - 5

    FF - user.js: network.proxy.socks -

    FF - user.js: network.proxy.socks_port - 0

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-02-01 14:09:57

    Windows 6.0.6000 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    Voltooingstijd: 2009-02-01 14:12:14

    ComboFix-quarantined-files.txt 2009-02-01 13:12:12

    ComboFix2.txt 2009-01-31 19:56:04

    ComboFix3.txt 2009-01-31 15:19:40

    Pre-Run: 75,753,709,568 bytes beschikbaar

    Post-Run: 75,725,246,464 bytes beschikbaar

    450

  4. Here is the log, thanks again; it's a bit faster, but not quite there yet. I also read those tips, but I can't find that disk check on Vista.

    ComboFix 09-01-31.01 - Sofian 2009-01-31 20:51:11.3 - NTFSx86

    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.889 [GMT 1:00]

    Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFScript.txt

    * Nieuw herstelpunt werd aangemaakt

    FILE ::

    c:\windows\System32\tmp2AD2.tmp

    c:\windows\System32\tmp2B50.tmp

    c:\windows\System32\tmp8D14.tmp

    c:\windows\System32\tmp8D63.tmp

    c:\windows\System32\tmp8EC8.tmp

    c:\windows\System32\tmp8F17.tmp

    c:\windows\System32\tmpB36E.tmp

    c:\windows\System32\tmpB3BD.tmp

    c:\windows\System32\tmpC754.tmp

    c:\windows\System32\tmpC793.tmp

    c:\windows\System32\tmpE4BE.tmp

    c:\windows\System32\tmpE53B.tmp

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\users\Sofian\AppData\Roaming\.#

    c:\windows\System32\tmp2AD2.tmp

    c:\windows\System32\tmp2B50.tmp

    c:\windows\System32\tmp8D14.tmp

    c:\windows\System32\tmp8D63.tmp

    c:\windows\System32\tmp8EC8.tmp

    c:\windows\System32\tmp8F17.tmp

    c:\windows\System32\tmpB36E.tmp

    c:\windows\System32\tmpB3BD.tmp

    c:\windows\System32\tmpC754.tmp

    c:\windows\System32\tmpC793.tmp

    c:\windows\System32\tmpE4BE.tmp

    c:\windows\System32\tmpE53B.tmp

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))

    .

    2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

    2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

    2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys

    2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest

    2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo

    2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX

    2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro

    2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh

    2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe

    2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft

    2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini

    2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software

    2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat

    2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll

    2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll

    2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll

    2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help

    2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite

    2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll

    2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc

    2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc

    2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared

    2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll

    2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw

    2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems

    2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll

    2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll

    2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll

    2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll

    2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll

    2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll

    2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET

    2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source

    2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool

    2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D

    2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe

    2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys

    2008-12-27 20:07 . 2008-12-27 20:07 <DIR> d-------- c:\users\Sofian\AppData\Roaming\OpenOffice.org

    2008-12-26 13:57 . 2008-12-26 13:57 98,304 --a------ c:\windows\System32\CmdLineExt.dll

    2008-12-26 13:54 . 2008-12-26 13:54 <DIR> d-------- c:\program files\Empire Interactive

    2008-12-24 17:48 . 2008-12-24 17:48 <DIR> d-------- c:\windows\SWAT 4

    2008-12-24 17:48 . 2008-12-24 18:15 <DIR> d-------- c:\program files\SWAT 4

    2008-12-24 17:17 . 2008-12-25 18:20 <DIR> d-------- c:\program files\AlerteGPS

    2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\OpenOffice.org 3

    2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\JRE

    2008-12-24 11:14 . 2008-12-24 11:14 <DIR> d-------- c:\program files\Common Files\Java

    2008-12-20 19:45 . 2009-01-18 13:49 <DIR> d-------- c:\program files\Steam

    2008-12-20 19:45 . 2009-01-18 13:47 <DIR> d-------- c:\program files\Common Files\Steam

    2008-12-19 18:57 . 2009-01-27 18:36 <DIR> d-------- c:\program files\WarRock

    2008-12-17 18:22 . 2008-12-17 18:22 109,080 --a------ c:\windows\System32\OpenAL32.dll

    2008-12-17 17:57 . 2008-12-17 18:22 444,952 --a------ c:\windows\System32\wrap_oal.dll

    2008-12-17 16:48 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp1644.tmp

    2008-12-17 16:02 . 2008-12-17 16:02 <DIR> d-------- c:\program files\Codemasters

    2008-12-17 13:57 . 2008-12-28 16:57 <DIR> d-------- c:\program files\Live For Speed

    2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\users\All Users\Codemasters

    2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\progra~2\Codemasters

    2008-12-17 11:17 . 2008-01-02 16:37 188,416 --a------ c:\windows\System32\igfxres.dll

    2008-12-16 22:03 . 2008-12-16 22:03 <DIR> d-------- c:\program files\OpenAL

    2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\users\All Users\Yahoo!

    2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\progra~2\Yahoo!

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Yahoo!

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\All Users\Yahoo! Companion

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\progra~2\Yahoo! Companion

    2008-12-12 11:59 . 2008-12-12 11:59 <DIR> d-------- c:\windows\System32\Profiles

    2008-12-11 21:57 . 2008-12-11 21:57 <DIR> dr------- c:\windows\System32\config\systemprofile\Music

    2008-12-11 21:54 . 2008-12-11 21:54 <DIR> d-------- c:\program files\LimeWire

    2008-12-11 20:51 . 2008-12-11 20:51 <DIR> d-------- c:\windows\RegCure

    2008-12-11 20:51 . 2008-12-11 20:52 <DIR> d-------- c:\program files\RegCure

    2008-12-10 23:00 . 2008-12-10 23:00 2,608 --a------ c:\windows\System32\settings.aaw

    2008-12-10 23:00 . 2008-12-10 23:00 1,712 --a------ c:\windows\System32\history.aaw

    2008-12-10 22:29 . 2008-12-10 22:29 2,252,288 --a------ c:\windows\System32\msi.dll

    2008-12-10 22:29 . 2008-12-10 22:29 332,800 --a------ c:\windows\System32\msihnd.dll

    2008-12-10 22:29 . 2008-12-10 22:29 73,216 --a------ c:\windows\System32\msiexec.exe

    2008-12-10 22:29 . 2008-12-10 22:29 2,560 --a------ c:\windows\System32\msimsg.dll

    2008-12-10 13:36 . 2008-12-10 13:36 <DIR> d-------- c:\program files\Common Files\Futuremark Shared

    2008-12-10 12:32 . 2008-12-10 12:32 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab

    2008-12-09 22:47 . 2008-12-09 22:47 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Desktopicon

    2008-12-09 22:35 . 2008-12-09 22:34 410,984 --a------ c:\windows\System32\deploytk.dll

    2008-12-09 22:21 . 2009-01-07 22:18 <DIR> d-------- c:\program files\CCleaner

    2008-12-09 16:40 . 2008-12-16 22:07 <DIR> d-------- c:\program files\Cool Beans NFO Creator

    2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001

    2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH

    2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2

    2008-12-06 22:49 . 2009-01-31 11:15 <DIR> d-------- c:\program files\Midnight Club 2

    2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark

    2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts

    2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll

    2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll

    2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll

    2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll

    2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-01-30 22:44 --------- d-----w c:\program files\ffdshow

    2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi

    2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent

    2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta

    2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works

    2009-01-27 20:49 --------- d-----w c:\program files\MSBuild

    2009-01-27 17:36 --------- d-----w c:\program files\Xvid

    2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel

    2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire

    2009-01-27 17:23 --------- d-----w c:\program files\Java

    2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information

    2009-01-27 17:07 --------- d-----w c:\program files\Intel

    2009-01-27 16:01 --------- d-----w c:\program files\Dell

    2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc

    2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys

    2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel

    2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc

    2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive

    2009-01-18 16:27 --------- d-----w c:\program files\Activision

    2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision

    2009-01-18 16:09 --------- d-----w c:\progra~2\Activision

    2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6

    2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro

    2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird

    2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio

    2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe

    2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3

    2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2

    2008-12-18 11:38 --------- d-----w c:\program files\PES 2009

    2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

    2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax

    2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!

    2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy

    2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE

    2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe

    2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer

    2008-11-30 17:10 --------- d-----w c:\progra~2\Ubisoft

    2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys

    2008-11-30 14:21 --------- d-----w c:\program files\Hamachi

    2008-11-30 14:20 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys

    2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe

    2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll

    2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll

    2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll

    2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll

    2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll

    2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll

    2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe

    2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Sjablonen

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Menu Start

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Favorieten

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Documenten

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Bureaublad

    2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC

    2008-11-30 00:48 --------- dc-h--w c:\progra~2\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}

    2008-11-30 00:48 --------- d-----w c:\progra~2\WLInstaller

    2008-11-30 00:48 --------- d-----w c:\progra~2\Uninstall

    2008-11-30 00:48 --------- d-----w c:\progra~2\Ulead Systems

    2008-11-30 00:48 --------- d-----w c:\progra~2\SupportSoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\Stardock

    2008-11-30 00:48 --------- d-----w c:\progra~2\Sonic

    2008-11-30 00:48 --------- d-----w c:\progra~2\SlySoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\ScanSoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\PC Drivers HeadQuarters

    2008-11-30 00:48 --------- d-----w c:\progra~2\PassMark

    2008-11-30 00:48 --------- d-----w c:\progra~2\Office Genuine Advantage

    2008-11-30 00:48 --------- d-----w c:\progra~2\My Music

    2008-11-30 00:40 --------- d-----w c:\program files\uTorrent

    2008-11-30 00:40 --------- d-----w c:\program files\Uniblue

    2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro

    2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster

    2008-11-30 00:40 --------- d-----w c:\program files\SystemRequirementsLab

    2008-11-30 00:40 --------- d-----w c:\program files\SubSync

    2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy

    2008-11-30 00:39 --------- d-----w c:\program files\SlySoft

    2008-11-30 00:39 --------- d-----w c:\program files\SetPoint

    2008-11-30 00:39 --------- d-----w c:\program files\SEGA

    2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft

    2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3

    2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer

    2008-11-30 00:39 --------- d-----w c:\program files\Samsung

    2008-11-30 00:39 --------- d-----w c:\program files\Roxio

    2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games

    2008-11-30 00:38 --------- d-----w c:\program files\Reallusion

    2008-11-30 00:38 --------- d-----w c:\program files\QuickTime

    2008-11-30 00:38 --------- d-----w c:\program files\PowerISO

    2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger

    2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation

    2008-11-30 00:36 --------- d-----w c:\program files\gPotato

    2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2

    2008-11-30 00:34 --------- d-----w c:\program files\Google

    2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock

    2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter

    2008-11-30 00:34 --------- d-----w c:\program files\FireTrust

    2008-11-30 00:34 --------- d-----w c:\program files\FIFA09

    2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters

    2008-11-30 00:32 --------- d-----w c:\program files\EA Sports

    2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES

    2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft

    2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

    "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]

    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]

    "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]

    "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]

    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]

    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]

    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]

    "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]

    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]

    "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]

    "Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]

    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]

    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]

    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA

    "TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA

    "{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09

    "TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09

    "{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

    "TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

    "{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent

    "UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

    "TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus

    "UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

    "TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

    "UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

    "{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

    "UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

    "TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

    "UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server

    "{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine

    "{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program

    "{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect

    "{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs

    "{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2

    "TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW

    "{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1

    "{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3

    "{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]

    "Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    "SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

    "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    "c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro

    R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]

    R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]

    R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]

    R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]

    R4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]

    R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]

    S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]

    S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]

    S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LPDService REG_MULTI_SZ LPDSVC

    rsmsvcs REG_MULTI_SZ ntmssvc

    ipripsvc REG_MULTI_SZ iprip

    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d54b09-be71-11dd-b2e0-806e6f6e6963}]

    \shell\AutoRun\command - E:\Autorun.exe

    \shell\start\command - \Autorun.exe

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-01-31 c:\windows\Tasks\1-Click Maintenance.job

    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

    2009-01-31 c:\windows\Tasks\RegCure Program Check.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2008-12-12 c:\windows\Tasks\RegCure.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool\RegTool.exe []

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool []

    2009-01-31 c:\windows\Tasks\RegTool Startup.job

    - c:\program files\RegTool\RegTool.exe []

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.games-fusion.net/

    mStart Page = hxxp://www.games-fusion.net/

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab

    FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)

    FF - prefs.js: browser.startup.homepage - about:blank

    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

    ---- FIREFOX POLICIES ----

    FF - user.js: network.proxy.type - 0

    FF - user.js: network.proxy.http -

    FF - user.js: network.proxy.http_port - 0

    FF - user.js: network.proxy.ssl -

    FF - user.js: network.proxy.ssl_port - 0

    FF - user.js: network.proxy.ftp -

    FF - user.js: network.proxy.ftp_port - 0

    FF - user.js: network.proxy.gopher -

    FF - user.js: network.proxy.gopher_port - 0

    FF - user.js: network.proxy.socks_version - 5

    FF - user.js: network.proxy.socks -

    FF - user.js: network.proxy.socks_port - 0

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-01-31 20:53:04

    Windows 6.0.6000 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    c:\windows\TEMP\TMP00000078DF48F6EC6F4DAE2C 524288 bytes executable

    Scan succesvol afgerond

    verborgen bestanden: 1

    **************************************************************************

    .

    Voltooingstijd: 2009-01-31 20:56:00

    ComboFix-quarantined-files.txt 2009-01-31 19:55:57

    ComboFix2.txt 2009-01-31 15:19:40

    Pre-Run: 70,700,331,008 bytes beschikbaar

    Post-Run: 70,671,339,520 bytes beschikbaar

    520

  5. And here is the ComboFix log

    ComboFix 09-01-21.04 - Sofian 2009-01-31 16:13:06.2 - NTFSx86

    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.2037.1013 [GMT 1:00]

    Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe

    * Nieuw herstelpunt werd aangemaakt

    .

    - VERMINDERDE FUNCTIONALITEIT MODUS -

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))

    .

    2009-01-31 14:42 . 2009-01-31 14:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

    2009-01-31 14:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

    2009-01-31 14:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys

    2009-01-30 23:41 . 2009-01-30 23:41 <DIR> d-------- c:\program files\Gabest

    2009-01-28 21:47 . 2009-01-28 21:47 45 --a------ c:\windows\System32\initdebug.nfo

    2009-01-28 18:38 . 2009-01-28 18:41 <DIR> d-------- c:\program files\DivX

    2009-01-26 19:08 . 2009-01-26 19:08 <DIR> d-------- c:\program files\Xvid(120)

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer Pro

    2009-01-26 18:50 . 2009-01-26 18:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\BSplayer

    2009-01-26 18:50 . 2009-01-26 18:50 <DIR> d-------- c:\program files\Webteh

    2009-01-24 16:40 . 2009-01-24 16:54 <DIR> d-------- c:\program files\AC3Filter

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\users\Sofian\AppData\Roaming\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\users\All Users\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\River Past

    2009-01-24 16:35 . 2009-01-24 16:35 <DIR> d-------- c:\program files\Common Files\River Past

    2009-01-24 16:35 . 2009-01-24 16:47 <DIR> d-------- c:\progra~2\River Past G5

    2009-01-24 16:35 . 2009-01-24 16:35 163,250 --a------ c:\windows\Audio Converter Pro Uninstaller.exe

    2009-01-24 16:30 . 2009-01-24 16:32 <DIR> d-------- c:\program files\DoremiSoft

    2009-01-24 16:25 . 2009-01-24 16:27 150 --a------ c:\windows\videotoaudio.ini

    2009-01-24 16:24 . 2009-01-24 16:24 <DIR> d-------- c:\program files\Crystal Software

    2009-01-24 16:24 . 2009-01-24 16:27 5 --a------ c:\windows\System32\SySatw.dat

    2009-01-24 16:22 . 2004-12-07 10:11 258,352 --a------ c:\windows\System32\Unicows.dll

    2009-01-24 15:28 . 2009-01-04 12:35 31,232 --a------ c:\windows\system\vdremote.dll

    2009-01-24 15:28 . 2009-01-04 12:35 25,088 --a------ c:\windows\system\vdsvrlnk.dll

    2009-01-24 00:14 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\users\All Users\Microsoft Help

    2009-01-24 00:01 . 2009-01-27 21:53 <DIR> d-------- c:\progra~2\Microsoft Help

    2009-01-23 23:57 . 2009-01-23 23:57 <DIR> d-------- c:\users\Sofian\AppData\Roaming\DAEMON Tools Lite

    2009-01-23 23:36 . 2006-11-02 10:39 15,821,312 --a------ c:\windows\System32\imageres.dll

    2009-01-23 22:30 . 2009-01-24 17:55 <DIR> d-------- c:\users\Sofian\AppData\Roaming\vlc

    2009-01-23 22:23 . 2009-01-23 22:24 <DIR> d-------- c:\users\Sofian\AppData\Roaming\MozillaControl

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\users\All Users\Graboid Inc

    2009-01-23 22:23 . 2009-01-23 22:23 <DIR> d-------- c:\progra~2\Graboid Inc

    2009-01-23 22:22 . 2009-01-23 22:30 <DIR> d-------- c:\program files\Graboid

    2009-01-23 16:04 . 2009-01-31 11:18 <DIR> d--hs---- c:\users\Sofian\AppData\Roaming\.#

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\users\All Users\TechSmith

    2009-01-22 19:11 . 2009-01-22 19:11 <DIR> d-------- c:\progra~2\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\windows\System32\QuickTime

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\TechSmith

    2009-01-22 19:08 . 2009-01-22 19:08 <DIR> d-------- c:\program files\Common Files\TechSmith Shared

    2009-01-22 19:08 . 2008-07-10 14:56 107,864 --a------ c:\windows\System32\tsccvid.dll

    2009-01-20 19:57 . 2009-01-20 20:46 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SmartDraw

    2009-01-19 21:34 . 2009-01-20 19:13 <DIR> d-------- c:\program files\Linguistic Systems

    2009-01-18 19:25 . 2009-01-30 23:18 21,840 --a----t- c:\windows\System32\SIntfNT.dll

    2009-01-18 19:25 . 2009-01-30 23:18 17,212 --a----t- c:\windows\System32\SIntf32.dll

    2009-01-18 19:25 . 2009-01-30 23:18 12,067 --a----t- c:\windows\System32\SIntf16.dll

    2009-01-18 17:08 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll

    2009-01-18 17:08 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll

    2009-01-18 17:08 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll

    2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Paint.NET

    2009-01-16 18:54 . 2009-01-16 20:42 <DIR> d-------- c:\program files\Counter-Strike Source

    2009-01-11 13:47 . 2009-01-11 13:54 <DIR> d-------- c:\users\Sofian\AppData\Roaming\RegTool

    2009-01-02 21:42 . 2009-01-02 21:42 <DIR> d-------- c:\program files\GameSpy3D

    2009-01-01 15:24 . 2009-01-01 15:24 103,736 --a------ c:\windows\System32\PnkBstrB.exe

    2009-01-01 15:24 . 2009-01-01 15:24 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys

    2008-12-27 20:07 . 2008-12-27 20:07 <DIR> d-------- c:\users\Sofian\AppData\Roaming\OpenOffice.org

    2008-12-26 13:57 . 2008-12-26 13:57 98,304 --a------ c:\windows\System32\CmdLineExt.dll

    2008-12-26 13:54 . 2008-12-26 13:54 <DIR> d-------- c:\program files\Empire Interactive

    2008-12-24 17:48 . 2008-12-24 17:48 <DIR> d-------- c:\windows\SWAT 4

    2008-12-24 17:48 . 2008-12-24 18:15 <DIR> d-------- c:\program files\SWAT 4

    2008-12-24 17:17 . 2008-12-25 18:20 <DIR> d-------- c:\program files\AlerteGPS

    2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\OpenOffice.org 3

    2008-12-24 11:30 . 2008-12-24 11:30 <DIR> d-------- c:\program files\JRE

    2008-12-24 11:14 . 2008-12-24 11:14 <DIR> d-------- c:\program files\Common Files\Java

    2008-12-20 19:45 . 2009-01-18 13:49 <DIR> d-------- c:\program files\Steam

    2008-12-20 19:45 . 2009-01-18 13:47 <DIR> d-------- c:\program files\Common Files\Steam

    2008-12-19 18:57 . 2009-01-27 18:36 <DIR> d-------- c:\program files\WarRock

    2008-12-17 18:22 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpC793.tmp

    2008-12-17 18:22 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpC754.tmp

    2008-12-17 18:22 . 2008-12-17 18:22 109,080 --a------ c:\windows\System32\OpenAL32.dll

    2008-12-17 17:57 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpB3BD.tmp

    2008-12-17 17:57 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpB36E.tmp

    2008-12-17 17:57 . 2008-12-17 18:22 444,952 --a------ c:\windows\System32\wrap_oal.dll

    2008-12-17 16:48 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp1644.tmp

    2008-12-17 16:02 . 2008-12-17 16:02 <DIR> d-------- c:\program files\Codemasters

    2008-12-17 13:57 . 2008-12-28 16:57 <DIR> d-------- c:\program files\Live For Speed

    2008-12-17 13:28 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8D63.tmp

    2008-12-17 13:28 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8D14.tmp

    2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\users\All Users\Codemasters

    2008-12-17 13:06 . 2008-12-17 13:06 <DIR> d-------- c:\progra~2\Codemasters

    2008-12-17 13:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8F17.tmp

    2008-12-17 13:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp8EC8.tmp

    2008-12-17 11:17 . 2008-01-02 16:37 188,416 --a------ c:\windows\System32\igfxres.dll

    2008-12-16 22:03 . 2008-12-16 22:03 <DIR> d-------- c:\program files\OpenAL

    2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpE53B.tmp

    2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmpE4BE.tmp

    2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp2B50.tmp

    2008-12-16 22:03 . 2008-04-28 16:53 805,400 -ra------ c:\windows\System32\tmp2AD2.tmp

    2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\users\All Users\Yahoo!

    2008-12-14 19:00 . 2008-12-14 19:00 <DIR> d-------- c:\progra~2\Yahoo!

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Yahoo!

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\users\All Users\Yahoo! Companion

    2008-12-14 18:59 . 2008-12-14 18:59 <DIR> d-------- c:\progra~2\Yahoo! Companion

    2008-12-12 11:59 . 2008-12-12 11:59 <DIR> d-------- c:\windows\System32\Profiles

    2008-12-11 21:57 . 2008-12-11 21:57 <DIR> dr------- c:\windows\System32\config\systemprofile\Music

    2008-12-11 21:54 . 2008-12-11 21:54 <DIR> d-------- c:\program files\LimeWire

    2008-12-11 20:51 . 2008-12-11 20:51 <DIR> d-------- c:\windows\RegCure

    2008-12-11 20:51 . 2008-12-11 20:52 <DIR> d-------- c:\program files\RegCure

    2008-12-10 23:00 . 2008-12-10 23:00 2,608 --a------ c:\windows\System32\settings.aaw

    2008-12-10 23:00 . 2008-12-10 23:00 1,712 --a------ c:\windows\System32\history.aaw

    2008-12-10 22:29 . 2008-12-10 22:29 2,252,288 --a------ c:\windows\System32\msi.dll

    2008-12-10 22:29 . 2008-12-10 22:29 332,800 --a------ c:\windows\System32\msihnd.dll

    2008-12-10 22:29 . 2008-12-10 22:29 73,216 --a------ c:\windows\System32\msiexec.exe

    2008-12-10 22:29 . 2008-12-10 22:29 2,560 --a------ c:\windows\System32\msimsg.dll

    2008-12-10 13:36 . 2008-12-10 13:36 <DIR> d-------- c:\program files\Common Files\Futuremark Shared

    2008-12-10 12:32 . 2008-12-10 12:32 <DIR> d-------- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab

    2008-12-09 22:47 . 2008-12-09 22:47 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Desktopicon

    2008-12-09 22:35 . 2008-12-09 22:34 410,984 --a------ c:\windows\System32\deploytk.dll

    2008-12-09 22:21 . 2009-01-07 22:18 <DIR> d-------- c:\program files\CCleaner

    2008-12-09 16:40 . 2008-12-16 22:07 <DIR> d-------- c:\program files\Cool Beans NFO Creator

    2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001

    2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH

    2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2

    2008-12-06 22:49 . 2009-01-31 11:15 <DIR> d-------- c:\program files\Midnight Club 2

    2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark

    2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts

    2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll

    2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll

    2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll

    2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll

    2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-01-30 22:44 --------- d-----w c:\program files\ffdshow

    2009-01-30 19:23 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi

    2009-01-27 22:47 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent

    2009-01-27 21:11 --------- d-----w c:\program files\dvdSanta

    2009-01-27 20:52 --------- d-----w c:\program files\Microsoft Works

    2009-01-27 20:49 --------- d-----w c:\program files\MSBuild

    2009-01-27 17:36 --------- d-----w c:\program files\Xvid

    2009-01-27 17:36 --------- d-----w c:\program files\Sigmatel

    2009-01-27 17:25 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire

    2009-01-27 17:23 --------- d-----w c:\program files\Java

    2009-01-27 17:22 --------- d--h--w c:\program files\InstallShield Installation Information

    2009-01-27 17:07 --------- d-----w c:\program files\Intel

    2009-01-27 16:01 --------- d-----w c:\program files\Dell

    2009-01-24 19:45 --------- d-----w c:\program files\Pegasys Inc

    2009-01-20 20:04 3,036 --sha-w c:\windows\System32\KGyGaAvL.sys

    2009-01-20 20:04 --------- d-----w c:\users\Sofian\AppData\Roaming\Corel

    2009-01-20 16:14 --------- d-----w c:\users\Sofian\AppData\Roaming\Pegasys Inc

    2009-01-18 18:26 --------- d-----w c:\program files\Disney Interactive

    2009-01-18 16:27 --------- d-----w c:\program files\Activision

    2009-01-18 16:09 --------- d-----w c:\users\Sofian\AppData\Roaming\Activision

    2009-01-18 16:09 --------- d-----w c:\progra~2\Activision

    2009-01-16 16:02 --------- d-----w c:\program files\Counter-Strike 1.6

    2009-01-09 17:24 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro

    2009-01-07 18:10 --------- d-----w c:\program files\Mozilla Thunderbird

    2009-01-04 17:45 --------- d-----w c:\progra~2\Roxio

    2009-01-01 14:24 66,872 ----a-w c:\windows\System32\PnkBstrA.exe

    2008-12-31 18:54 --------- d-----w c:\program files\StuffPlug3

    2008-12-24 10:13 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2

    2008-12-18 11:38 --------- d-----w c:\program files\PES 2009

    2008-12-16 21:14 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

    2008-12-14 18:11 --------- d-----w c:\users\Sofian\AppData\Roaming\Webcammax

    2008-12-14 17:59 --------- d-----w c:\program files\Yahoo!

    2008-12-09 21:27 --------- d-----w c:\progra~2\Spybot - Search & Destroy

    2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE

    2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe

    2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer

    2008-11-30 17:10 --------- d-----w c:\progra~2\Ubisoft

    2008-11-30 14:46 22,328 ----a-w c:\users\Sofian\AppData\Roaming\PnkBstrK.sys

    2008-11-30 14:21 --------- d-----w c:\program files\Hamachi

    2008-11-30 14:20 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys

    2008-11-30 08:39 51,224 ----a-w c:\windows\System32\wuauclt.exe

    2008-11-30 08:39 43,544 ----a-w c:\windows\System32\wups2.dll

    2008-11-30 08:39 1,809,944 ----a-w c:\windows\System32\wuaueng.dll

    2008-11-30 08:39 1,524,736 ----a-w c:\windows\System32\wucltux.dll

    2008-11-30 08:38 83,456 ----a-w c:\windows\System32\wudriver.dll

    2008-11-30 08:38 561,688 ----a-w c:\windows\System32\wuapi.dll

    2008-11-30 08:38 34,328 ----a-w c:\windows\System32\wups.dll

    2008-11-30 08:38 31,232 ----a-w c:\windows\System32\wuapp.exe

    2008-11-30 08:38 162,064 ----a-w c:\windows\System32\wuwebv.dll

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Sjablonen

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Menu Start

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Favorieten

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Documenten

    2008-11-30 08:35 --------- d-sh--w c:\progra~2\Bureaublad

    2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC

    2008-11-30 00:48 --------- dc-h--w c:\progra~2\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}

    2008-11-30 00:48 --------- d-----w c:\progra~2\WLInstaller

    2008-11-30 00:48 --------- d-----w c:\progra~2\Uninstall

    2008-11-30 00:48 --------- d-----w c:\progra~2\Ulead Systems

    2008-11-30 00:48 --------- d-----w c:\progra~2\SupportSoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\Stardock

    2008-11-30 00:48 --------- d-----w c:\progra~2\Sonic

    2008-11-30 00:48 --------- d-----w c:\progra~2\SlySoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\ScanSoft

    2008-11-30 00:48 --------- d-----w c:\progra~2\PC Drivers HeadQuarters

    2008-11-30 00:48 --------- d-----w c:\progra~2\PassMark

    2008-11-30 00:48 --------- d-----w c:\progra~2\Office Genuine Advantage

    2008-11-30 00:48 --------- d-----w c:\progra~2\My Music

    2008-11-30 00:40 --------- d-----w c:\program files\uTorrent

    2008-11-30 00:40 --------- d-----w c:\program files\Uniblue

    2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro

    2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster

    2008-11-30 00:40 --------- d-----w c:\program files\SystemRequirementsLab

    2008-11-30 00:40 --------- d-----w c:\program files\SubSync

    2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy

    2008-11-30 00:39 --------- d-----w c:\program files\SlySoft

    2008-11-30 00:39 --------- d-----w c:\program files\SetPoint

    2008-11-30 00:39 --------- d-----w c:\program files\SEGA

    2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft

    2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3

    2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer

    2008-11-30 00:39 --------- d-----w c:\program files\Samsung

    2008-11-30 00:39 --------- d-----w c:\program files\Roxio

    2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games

    2008-11-30 00:38 --------- d-----w c:\program files\Reallusion

    2008-11-30 00:38 --------- d-----w c:\program files\QuickTime

    2008-11-30 00:38 --------- d-----w c:\program files\PowerISO

    2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger

    2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation

    2008-11-30 00:36 --------- d-----w c:\program files\gPotato

    2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2

    2008-11-30 00:34 --------- d-----w c:\program files\Google

    2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock

    2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter

    2008-11-30 00:34 --------- d-----w c:\program files\FireTrust

    2008-11-30 00:34 --------- d-----w c:\program files\FIFA09

    2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters

    2008-11-30 00:32 --------- d-----w c:\program files\EA Sports

    2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES

    2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft

    2008-12-19 18:54 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll

    2008-12-19 18:54 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll

    2008-12-19 18:54 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll

    2008-12-19 18:54 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll

    2008-12-19 18:54 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll

    2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

    "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]

    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]

    "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]

    "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]

    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]

    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]

    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]

    "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]

    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]

    "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600]

    "Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]

    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 c:\windows\KHALMNPR.Exe]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]

    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxMoniter

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]

    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA

    "TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA

    "{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09

    "TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09

    "{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

    "TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

    "{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent

    "UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

    "TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus

    "UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

    "TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

    "UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

    "{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

    "UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

    "TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

    "UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server

    "{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine

    "{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program

    "{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect

    "{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs

    "{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2

    "TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "TCP Query User{18CEC237-0B76-4515-BE32-0C100FEC6D86}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{148526E6-35AA-46C0-884C-A31AA5BBEAB9}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "TCP Query User{D761FCBC-4F47-4BFE-BFE4-42DF050F1529}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{32E24C83-E7F4-44A1-B755-B8F8F20D4A0E}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{9BDB6799-E480-4523-BB34-7599B7A3C00F}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "UDP Query User{DC5F9973-99AE-45C3-926A-6016CA54FA07}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{180C3D0D-0D7D-4E93-ABFA-B1AA2B8B4326}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{EE52C356-31CA-49D3-86C5-31EDA7B83272}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.016\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.016\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{1D19EC40-539C-45A0-B14A-DCBB420D73FB}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "UDP Query User{CA9AA832-14CF-4784-A0E6-A873FBFF2537}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex02.807\\nfsuserver.1.0.1.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex02.807\nfsuserver.1.0.1.exe:nfsuserver.1.0.1.exe

    "TCP Query User{F20E1835-AA1E-4A33-B08C-060A5A1C5446}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{6CF40273-EF0A-43CA-BAE9-3F47DBD855F9}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex04.415\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex04.415\nfsuclient.exe:nfsuclient.exe

    "TCP Query User{926B5B97-4EA8-4604-BA27-469A17E4EC4B}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "UDP Query User{5584FE3E-B6C3-4B7A-AB1F-2104113C6C2D}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex05.310\\nfsuclient.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex05.310\nfsuclient.exe:nfsuclient.exe

    "{954FA7EB-DF6C-4A27-83D4-C3DCDA96386B}"= UDP:80:LAN-MW

    "{78BF540B-9E58-4DB5-B4EC-1F1F72E42DCE}"= UDP:13505:LAN-MW1

    "{D3C9E63D-91BA-464F-82A4-C38CB57CB538}"= TCP:3658:LAN-MW3

    "{7223C4BC-7C74-4639-A38C-0E3142A8E5E7}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "{BE499951-71C5-407D-99B6-89A000F71B29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

    "TCP Query User{A3CBBF16-7F14-4671-840B-B7B2A30DFA5C}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{FFF9971C-3B60-482F-8B37-04F8133A9C74}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]

    "Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    "SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

    "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    "c:\\Program Files\\River Past\\Audio Converter Pro\\AudioConverter.exe"= c:\program files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro

    R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-11-30 111616]

    R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-11-30 235648]

    R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-11-30 7424]

    R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-04-16 73728]

    R4 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 131072]

    R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]

    S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [2008-11-30 17536]

    S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2006-11-02 10752]

    S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LPDService REG_MULTI_SZ LPDSVC

    rsmsvcs REG_MULTI_SZ ntmssvc

    ipripsvc REG_MULTI_SZ iprip

    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

    \shell\AutoRun\command - F:\SETUP.EXE

    \shell\configure\command - F:\SETUP.EXE

    \shell\install\command - F:\SETUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d54b09-be71-11dd-b2e0-806e6f6e6963}]

    \shell\AutoRun\command - E:\Autorun.exe

    \shell\start\command - \Autorun.exe

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-01-31 c:\windows\Tasks\1-Click Maintenance.job

    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

    2009-01-31 c:\windows\Tasks\RegCure Program Check.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2008-12-12 c:\windows\Tasks\RegCure.job

    - c:\program files\RegCure\RegCure.exe [2007-08-02 10:20]

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool\RegTool.exe []

    2009-01-31 c:\windows\Tasks\RegTool Scan.job

    - c:\program files\RegTool []

    2009-01-31 c:\windows\Tasks\RegTool Startup.job

    - c:\program files\RegTool\RegTool.exe []

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.games-fusion.net/

    mStart Page = hxxp://www.games-fusion.net/

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab

    FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)

    FF - prefs.js: browser.startup.homepage - about:blank

    FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll

    ---- FIREFOX POLICIES ----

    FF - user.js: network.proxy.type - 0

    FF - user.js: network.proxy.http -

    FF - user.js: network.proxy.http_port - 0

    FF - user.js: network.proxy.ssl -

    FF - user.js: network.proxy.ssl_port - 0

    FF - user.js: network.proxy.ftp -

    FF - user.js: network.proxy.ftp_port - 0

    FF - user.js: network.proxy.gopher -

    FF - user.js: network.proxy.gopher_port - 0

    FF - user.js: network.proxy.socks_version - 5

    FF - user.js: network.proxy.socks -

    FF - user.js: network.proxy.socks_port - 0

    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);

    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom

    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery

    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");

    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-01-31 16:13:25

    Windows 6.0.6000 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    **************************************************************************

    .

    Voltooingstijd: 2009-01-31 16:19:38

    ComboFix-quarantined-files.txt 2009-01-31 15:18:16

    Pre-Run: 67.247.484.928 bytes beschikbaar

    Post-Run: 67,160,293,376 bytes beschikbaar

    522

  6. Here is a log from MBAM

    Malwarebytes' Anti-Malware 1.33

    Database versie: 1712

    Windows 6.0.6000

    31/01/2009 15:31:23

    mbam-log-2009-01-31 (15-31-23).txt

    Scan type: Snelle Scan

    Objecten gescand: 48397

    Verstreken tijd: 4 minute(s), 28 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

  7. Good day

    My computer has become very slow. I think I should have HJT run a scan.

    Here is a log

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 22:22:11, on 30/01/2009

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.16386)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\DellTPad\Apoint.exe

    C:\Windows\OEM02Mon.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Belgacom\bin\sprtcmd.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

    C:\Program Files\Dell\MediaDirect\PCMService.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\DellTPad\ApMsgFwd.exe

    C:\Program Files\DellTPad\Apntex.exe

    C:\Program Files\DellTPad\HidFind.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Games-Fusion.NET - PC Cheats, PS2 Cheats, Xbox Cheats ( Demo, Patch, Screens )

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games-Fusion.NET - PC Cheats, PS2 Cheats, Xbox Cheats ( Demo, Patch, Screens )

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"

    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O13 - Gopher Prefix:

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab

    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab

    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 11220 bytes

    Thanks in advance

  8. Good day,

    I have Bluetooth on my Dell Inspiron 1525. I think it is a Dell 335 Truemobile. When I want to send a song to my mobile phone via Bluetooth and I right-click => copy to => Bluetooth device, it no longer seems to work, even though my Bluetooth is on and my Bluetooth mouse works. What should I do?

    Thank you

  9. ComboFix 08-12-07.04 - Sofian 2008-12-09 17:51:03.1 - NTFSx86

    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.840 [GMT 1:00]

    Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe

    * Nieuw herstelpunt werd aangemaakt

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\users\Sofian\AppData\Roaming\.#

    c:\windows\System32\bklatleu.ini

    c:\windows\System32\bklatleu.ini2

    c:\windows\System32\bklatleu.tmp

    c:\windows\system32\Ghjilnnn.ini

    c:\windows\system32\Ghjilnnn.ini2

    c:\windows\system32\igfxres.dll

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Service_Boonty Games

    -------\Service_iprip

    (((((((((((((((((((( Bestanden Gemaakt van 2008-11-09 to 2008-12-09 ))))))))))))))))))))))))))))))

    .

    2008-12-09 16:40 . 2008-12-09 16:40 <DIR> d-------- c:\program files\Cool Beans NFO Creator

    2008-12-09 12:02 . 2008-12-09 12:02 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

    2008-12-09 12:02 . 2008-12-03 19:59 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

    2008-12-09 12:02 . 2008-12-03 19:59 15,504 --a------ c:\windows\System32\drivers\mbam.sys

    2008-12-08 20:05 . 2008-12-08 20:05 4,608 --a------ c:\windows\System32\temp.001

    2008-12-08 16:47 . 2008-12-08 16:47 <DIR> d-------- c:\windows\PCHEALTH

    2008-12-06 22:49 . 2008-12-06 22:49 <DIR> d-------- c:\windows\Midnight Club 2

    2008-12-06 22:49 . 2008-12-06 23:19 <DIR> d-------- c:\program files\Midnight Club 2

    2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\windows\System32\Futuremark

    2008-12-05 17:44 . 2008-12-05 17:44 <DIR> d-------- c:\program files\Electronic Arts

    2008-12-05 17:44 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll

    2008-12-05 17:44 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll

    2008-12-05 17:44 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll

    2008-12-05 17:44 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll

    2008-12-05 17:43 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll

    2008-12-05 17:43 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll

    2008-12-03 15:07 . 2008-12-06 15:55 <DIR> d-------- C:\Downloads

    2008-11-30 18:10 . 2008-11-30 18:10 <DIR> d-------- c:\users\All Users\Ubisoft

    2008-11-30 18:10 . 2008-11-30 18:10 <DIR> d-------- c:\programdata\Ubisoft

    2008-11-30 16:12 . 2000-07-31 13:28 286,208 --a------ c:\windows\system\binkw32.dll

    2008-11-30 16:11 . 2007-12-02 13:28 53,248 --a------ c:\windows\system\PhysXLoader.dll

    2008-11-30 15:55 . 2008-06-23 10:22 386,600 --a------ c:\windows\system\nxcooking.dll

    2008-11-30 15:53 . 2007-08-14 23:49 3,821,568 --a------ c:\windows\system\wxmsw262u.dll

    2008-11-30 15:42 . 2008-11-30 15:46 22,328 --a------ c:\users\Sofian\AppData\Roaming\PnkBstrK.sys

    2008-11-30 15:41 . 2008-11-30 15:41 66,872 --a------ c:\windows\System32\PnkBstrA.exe

    2008-11-30 15:20 . 2008-11-30 15:21 <DIR> d-------- c:\program files\Hamachi

    2008-11-30 15:20 . 2008-11-30 15:20 25,280 --a------ c:\windows\System32\drivers\hamachi.sys

    2008-11-30 11:06 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys

    2008-11-30 09:39 . 2008-11-30 09:39 1,809,944 --a------ c:\windows\System32\wuaueng.dll

    2008-11-30 09:39 . 2008-11-30 09:39 1,524,736 --a------ c:\windows\System32\wucltux.dll

    2008-11-30 09:39 . 2008-11-30 09:39 51,224 --a------ c:\windows\System32\wuauclt.exe

    2008-11-30 09:39 . 2008-11-30 09:39 43,544 --a------ c:\windows\System32\wups2.dll

    2008-11-30 09:38 . 2008-11-30 09:38 561,688 --a------ c:\windows\System32\wuapi.dll

    2008-11-30 09:38 . 2008-11-30 09:38 162,064 --a------ c:\windows\System32\wuwebv.dll

    2008-11-30 09:38 . 2008-11-30 09:38 83,456 --a------ c:\windows\System32\wudriver.dll

    2008-11-30 09:38 . 2008-11-30 09:38 34,328 --a------ c:\windows\System32\wups.dll

    2008-11-30 09:38 . 2008-11-30 09:38 31,232 --a------ c:\windows\System32\wuapp.exe

    2008-11-30 02:13 . 2008-11-30 02:13 22,160 --a------ c:\windows\System32\emptyregdb.dat

    2008-11-30 02:04 . 2008-11-30 02:04 <DIR> d-------- c:\users\Default\video

    2008-11-30 02:04 . 2008-11-30 02:04 <DIR> d-------- c:\users\Default\Roaming

    2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Videos

    2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Saved Games

    2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Pictures

    2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Music

    2008-11-30 01:22 . 2008-11-30 09:39 <DIR> dr------- c:\users\Sofian\Links

    2008-11-30 01:22 . 2008-11-30 02:01 <DIR> dr------- c:\users\Sofian\Downloads

    2008-11-30 01:22 . 2008-12-08 19:14 <DIR> dr------- c:\users\Sofian\Documents

    2008-11-30 01:22 . 2006-11-02 13:37 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Media Center Programs

    2008-11-30 01:22 . 2008-11-30 02:00 <DIR> d--h----- c:\users\Sofian\AppData

    2008-11-30 01:22 . 2008-11-30 09:39 <DIR> d-------- c:\users\Sofian

    2008-11-30 01:17 . 2008-11-30 01:17 <DIR> d-------- c:\windows\System32\URTTEMP

    2008-11-30 01:17 . 2008-12-08 16:47 <DIR> d--hs---- c:\windows\Installer

    2008-11-30 01:16 . 2008-12-09 17:55 2,942 --a------ c:\windows\bthservsdp.dat

    2008-11-30 01:16 . 2008-11-30 01:16 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf

    2008-11-30 01:14 . 2008-11-30 01:14 <DIR> d-------- c:\program files\DellTPad

    2008-11-30 01:14 . 2008-11-30 01:14 <DIR> d-------- c:\program files\CONEXANT

    2008-11-30 01:14 . 2008-11-30 01:14 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf

    2008-11-30 01:12 . 2008-11-30 11:24 <DIR> d-------- c:\windows\System32\catroot2

    2008-11-30 00:58 . 2007-09-06 17:43 304,920 --a------ c:\windows\System32\drivers\iaStor.sys

    2008-11-30 00:58 . 2007-09-06 17:35 90,112 --a------ c:\windows\System32\snymsico.dll

    2008-11-30 00:58 . 2007-09-06 17:35 42,496 --a------ c:\windows\System32\drivers\rimsptsk.sys

    2008-11-30 00:58 . 2007-09-06 17:35 39,936 --a------ c:\windows\System32\drivers\rimmptsk.sys

    2008-11-30 00:58 . 2007-09-06 17:35 37,376 --a------ c:\windows\System32\drivers\rixdptsk.sys

    2008-11-30 00:58 . 2007-09-06 17:35 16,480 --a------ c:\windows\System32\rixdicon.dll

    2008-11-30 00:57 . 2008-11-30 01:15 <DIR> d-------- c:\windows\Debug

    2008-11-30 00:56 . 2008-11-30 00:56 <DIR> d-------- c:\windows\System32\msmq

    2008-11-30 00:56 . 2008-11-30 00:56 862 --a------ c:\windows\System32\termcap

    2008-11-30 00:55 . 2008-11-30 00:55 <DIR> d-------- c:\windows\System32\OEM

    2008-11-30 00:55 . 2007-02-26 20:13 36 -rah----- c:\windows\DELL_VERSION

    2008-11-30 00:36 . 2008-11-30 00:36 <DIR> d--h----- C:\$WINDOWS.~Q

    2008-11-30 00:24 . 2008-11-30 00:29 <DIR> d--h----- C:\$INPLACE.~TR

    2008-11-30 00:17 . 2008-11-30 00:59 8,192 -ra-s---- C:\BOOTSECT.BAK

    2008-11-29 23:27 . 2008-11-30 13:26 1,905 --a------ c:\windows\diagwrn.xml

    2008-11-29 23:27 . 2008-11-30 13:26 1,905 --a------ c:\windows\diagerr.xml

    2008-11-29 23:10 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Office Genuine Advantage

    2008-11-29 23:10 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\Office Genuine Advantage

    2008-11-29 22:28 . 2008-11-30 01:48 <DIR> d-------- c:\windows\CheckSur

    2008-11-29 22:28 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Windows Genuine Advantage

    2008-11-29 13:10 . 2008-11-29 21:54 <DIR> d-------- C:\e952acb781df7695386c

    2008-11-29 12:23 . 2008-11-30 01:33 <DIR> d-------- c:\program files\ffdshow

    2008-11-29 12:23 . 2008-11-02 10:11 60,273 --a------ c:\windows\System32\pthreadGC2.dll

    2008-11-29 12:23 . 2008-11-02 10:11 11,264 --a------ c:\windows\System32\ff_vfw.dll

    2008-11-29 12:23 . 2008-11-02 10:11 547 --a------ c:\windows\System32\ff_vfw.dll.manifest

    2008-11-29 12:21 . 2008-11-30 01:47 <DIR> d-------- c:\program files\Xvid

    2008-11-29 12:21 . 2008-04-27 10:33 765,952 --a------ c:\windows\System32\xvidcore.dll

    2008-11-29 12:21 . 2008-04-27 10:35 180,224 --a------ c:\windows\System32\xvidvfw.dll

    2008-11-29 12:21 . 2007-06-28 18:55 77,824 --a------ c:\windows\System32\xvid.ax

    2008-11-29 10:39 . 2008-11-30 01:48 <DIR> d--h-c--- c:\users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}

    2008-11-29 10:39 . 2008-11-30 01:48 <DIR> d--h-c--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}

    2008-11-29 10:39 . 2008-11-30 01:40 <DIR> d-------- c:\program files\Uniblue

    2008-11-28 23:27 . 2008-11-28 23:27 1,056,768 --a------ c:\windows\System32\defltbase.sdb

    2008-11-28 20:58 . 2008-11-28 20:58 <DIR> d-------- C:\5b534c155c11e0b6d2a7d4b2

    2008-11-28 18:53 . 2008-11-28 18:53 16,094 --a------ c:\windows\System32\results.xml

    2008-11-28 18:16 . 2008-11-28 22:04 720,896 --a------ c:\windows\SPInstall.etl

    2008-11-28 17:46 . 2008-11-30 02:00 <DIR> d-------- c:\users\Sofian\AppData\Roaming\Corel

    2008-11-28 17:46 . 2008-11-28 17:47 2,828 --ahs---- c:\windows\System32\KGyGaAvL.sys

    2008-11-28 17:46 . 2008-11-28 17:46 88 --ahs---- c:\windows\System32\658BC72326.sys

    2008-11-28 16:05 . 2008-11-30 01:51 <DIR> d-------- c:\windows\System32\NtmsData

    2008-11-26 20:58 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\My Music

    2008-11-26 20:58 . 2008-11-30 01:47 <DIR> d-------- c:\users\All Users\Corel

    2008-11-26 20:58 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\My Music

    2008-11-26 20:58 . 2008-11-30 01:47 <DIR> d-------- c:\programdata\Corel

    2008-11-26 20:57 . 2008-11-30 01:29 <DIR> d-------- c:\program files\Corel

    2008-11-26 20:57 . 2008-11-30 01:29 <DIR> d-------- c:\program files\Common Files\Corel

    2008-11-26 16:54 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\PC Drivers HeadQuarters

    2008-11-26 16:54 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\PC Drivers HeadQuarters

    2008-11-24 19:05 . 2008-11-25 22:49 <DIR> d-------- C:\2de431c060eb2340c01eaf598ea0

    2008-11-24 18:58 . 2007-09-04 17:56 164,352 --a------ c:\windows\System32\unrar.dll

    2008-11-23 19:30 . 2008-11-23 19:30 307,968 --a------ c:\windows\System32\TuneUpDefragService.exe

    2008-11-23 19:30 . 2008-02-27 13:15 28,416 --a------ c:\windows\System32\uxtuneup.dll

    2008-11-23 19:30 . 2008-02-27 13:15 16,640 --a------ c:\windows\System32\authuitu.dll

    2008-11-23 19:29 . 2008-11-30 02:01 <DIR> d-------- c:\users\Sofian\AppData\Roaming\TuneUp Software

    2008-11-23 19:29 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\TuneUp Software

    2008-11-23 19:29 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\TuneUp Software

    2008-11-23 19:29 . 2008-11-30 01:40 <DIR> d-------- c:\program files\TuneUp Utilities 2008

    2008-11-23 18:54 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\System32\D3DX9_38.dll

    2008-11-23 13:02 . 2008-11-30 01:30 <DIR> d-------- c:\program files\Counter-Strike Source

    2008-11-22 22:56 . 2008-11-22 22:56 <DIR> d-------- c:\program files\MSXML 4.0

    2008-11-22 22:41 . 2008-11-30 01:40 <DIR> d-------- c:\program files\VALVe

    2008-11-22 18:43 . 2008-11-30 01:40 <DIR> d-------- c:\program files\SystemRequirementsLab

    2008-11-22 13:11 . 2008-11-30 01:48 <DIR> d-------- c:\users\All Users\Stardock

    2008-11-22 13:11 . 2008-11-30 01:48 <DIR> d-------- c:\programdata\Stardock

    2008-11-22 13:11 . 2008-11-30 01:40 <DIR> d-------- c:\program files\Stardock

    2008-11-22 13:11 . 2007-06-05 11:26 567,040 --a------ c:\windows\System32\wbocx.ocx

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-12-09 10:53 --------- d-----w c:\users\Sofian\AppData\Roaming\OpenOffice.org2

    2008-12-08 21:57 --------- d-----w c:\users\Sofian\AppData\Roaming\uTorrent

    2008-12-08 19:05 73,216 ----a-w c:\windows\ST6UNST.EXE

    2008-12-08 19:05 249,856 ------w c:\windows\Setup1.exe

    2008-12-08 19:05 --------- d-----w c:\program files\vbNFSMWMegaTrainer

    2008-12-08 14:29 --------- d-----w c:\users\Sofian\AppData\Roaming\LimeWire

    2008-12-08 13:18 --------- d-----w c:\users\Sofian\AppData\Roaming\Hamachi

    2008-12-06 11:03 --------- d-----w c:\programdata\Webcammax

    2008-12-05 15:35 --------- d-----w c:\program files\Counter-Strike 1.6

    2008-11-30 09:26 --------- d-----w c:\users\Sofian\AppData\Roaming\MailWasherPro

    2008-11-30 08:35 --------- d-sh--w c:\programdata\Sjablonen

    2008-11-30 08:35 --------- d-sh--w c:\programdata\Menu Start

    2008-11-30 08:35 --------- d-sh--w c:\programdata\Favorieten

    2008-11-30 08:35 --------- d-sh--w c:\programdata\Documenten

    2008-11-30 08:35 --------- d-sh--w c:\programdata\Bureaublad

    2008-11-30 01:00 --------- d-----w c:\users\Sofian\AppData\Roaming\mIRC

    2008-11-30 00:48 --------- d-----w c:\programdata\Xfire

    2008-11-30 00:48 --------- d-----w c:\programdata\WLInstaller

    2008-11-30 00:48 --------- d-----w c:\programdata\Uninstall

    2008-11-30 00:48 --------- d-----w c:\programdata\Ulead Systems

    2008-11-30 00:48 --------- d-----w c:\programdata\SupportSoft

    2008-11-30 00:48 --------- d-----w c:\programdata\Spybot - Search & Destroy

    2008-11-30 00:48 --------- d-----w c:\programdata\Sonic

    2008-11-30 00:48 --------- d-----w c:\programdata\SlySoft

    2008-11-30 00:48 --------- d-----w c:\programdata\ScanSoft

    2008-11-30 00:48 --------- d-----w c:\programdata\PassMark

    2008-11-30 00:40 --------- d-----w c:\program files\uTorrent

    2008-11-30 00:40 --------- d-----w c:\program files\Trend Micro

    2008-11-30 00:40 --------- d-----w c:\program files\Thrustmaster

    2008-11-30 00:40 --------- d-----w c:\program files\The Privacy Guard

    2008-11-30 00:40 --------- d-----w c:\program files\SubSync

    2008-11-30 00:40 --------- d-----w c:\program files\StuffPlug3

    2008-11-30 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy

    2008-11-30 00:39 --------- d-----w c:\program files\SlySoft

    2008-11-30 00:39 --------- d-----w c:\program files\Sigmatel

    2008-11-30 00:39 --------- d-----w c:\program files\SetPoint

    2008-11-30 00:39 --------- d-----w c:\program files\SEGA

    2008-11-30 00:39 --------- d-----w c:\program files\ScanSoft

    2008-11-30 00:39 --------- d-----w c:\program files\Sanny Builder 3

    2008-11-30 00:39 --------- d-----w c:\program files\San Andreas Mod Installer

    2008-11-30 00:39 --------- d-----w c:\program files\Samsung

    2008-11-30 00:39 --------- d-----w c:\program files\Roxio

    2008-11-30 00:38 --------- d-----w c:\program files\Rockstar Games

    2008-11-30 00:38 --------- d-----w c:\program files\Reallusion

    2008-11-30 00:38 --------- d-----w c:\program files\QuickTime

    2008-11-30 00:38 --------- d-----w c:\program files\PowerISO

    2008-11-30 00:38 --------- d-----w c:\program files\PortTrigger

    2008-11-30 00:38 --------- d-----w c:\program files\PES 2009

    2008-11-30 00:38 --------- d-----w c:\program files\Pegasys Inc

    2008-11-30 00:38 --------- d-----w c:\program files\Participatory Culture Foundation

    2008-11-30 00:38 --------- d-----w c:\program files\OpenOffice.org 2.4

    2008-11-30 00:36 --------- d-----w c:\program files\gPotato

    2008-11-30 00:34 --------- d-----w c:\program files\Google Earth Pro 4.2

    2008-11-30 00:34 --------- d-----w c:\program files\Google

    2008-11-30 00:34 --------- d-----w c:\program files\Folder Lock

    2008-11-30 00:34 --------- d-----w c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter

    2008-11-30 00:34 --------- d-----w c:\program files\FireTrust

    2008-11-30 00:34 --------- d-----w c:\program files\FIFA09

    2008-11-30 00:33 --------- d-----w c:\program files\EZ Boosters

    2008-11-30 00:32 --------- d-----w c:\program files\EA Sports

    2008-11-30 00:32 --------- d-----w c:\program files\EA GAMES

    2008-11-30 00:32 --------- d-----w c:\program files\DVDVideoSoft

    2008-11-30 00:32 --------- d-----w c:\program files\dvdSanta

    2008-11-30 00:32 --------- d-----w c:\program files\DNA

    2008-11-30 00:31 --------- d-----w c:\program files\Disney Interactive

    2008-11-30 00:31 --------- d-----w c:\program files\Digital Line Detect

    2008-11-30 00:31 --------- d-----w c:\program files\Desktop Graffitist

    2008-11-30 00:31 --------- d-----w c:\program files\Dell Support Center

    2008-11-30 00:30 --------- d-----w c:\program files\Dell

    2008-11-30 00:30 --------- d-----w c:\program files\DAMN NFO Viewer

    2008-11-30 00:30 --------- d-----w c:\program files\DAEMON Tools Lite

    2008-11-30 00:30 --------- d-----w c:\program files\CyberLink

    2008-11-30 00:30 --------- d-----w c:\program files\Creative Live! Cam

    2008-11-30 00:30 --------- d-----w c:\program files\Creative

    2008-11-30 00:28 --------- d-----w c:\program files\Belgacom

    2008-11-30 00:28 --------- d-----w c:\program files\Apple Software Update

    2008-11-30 00:28 --------- d-----w c:\program files\Alwil Software

    2008-11-30 00:28 --------- d-----w c:\program files\Activision

    2008-11-30 00:27 --------- d-----w c:\program files\Accessories

    2008-10-26 11:03 59,488 ----a-w c:\windows\System32\GenSvcInst.exe

    2008-10-26 11:03 145,504 ----a-w c:\windows\System32\bgsvcgen.exe

    2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll

    2008-09-18 00:40 42,320 ----a-w c:\windows\System32\xfcodec.dll

    2008-09-02 15:06 24 ----a-w c:\users\Sofian\jagex_runescape_preferences.dat

    2008-05-18 09:28 0 ----a-w c:\users\Sofian\AppData\Roaming\wklnhst.dat

    2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini

    2008-04-15 23:28 76 --sha-w c:\windows\CT4CET.bin

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

    "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-11-24 9017648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]

    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]

    "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]

    "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]

    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 286720]

    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]

    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]

    "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]

    "MSConfig"="c:\windows\System32\msconfig.exe" [2006-11-02 222208]

    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]

    "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]

    "WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2007-09-16 450048]

    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]

    "Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 478800]

    c:\users\Sofian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    OpenOffice.org 2.4 .lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-04-16 50688]

    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-09-07 1180952]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

    "VIDC.XFR1"= xfcodec.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]

    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "UDP Query User{5CC58DDD-6000-4FB3-A854-7241EBE4C5CB}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "TCP Query User{54834E1A-4F46-47D1-91AA-6AFB388A49A3}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:TP_Win32

    "UDP Query User{A3111D06-F8A6-4033-9D01-E0865EAEB4D9}c:\\program files\\valve\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "TCP Query User{9293FB58-0420-4115-A49E-A2976C1B3564}c:\\program files\\valve\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\counter-strike source\hl2.exe:hl2

    "{D346D765-9524-49F4-BDED-DDB16AE73879}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{45A90E50-5152-4959-8E7F-7E7EF4F7424A}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{1D9069E9-375D-44A0-9CC2-400255F8CE78}"= TCP:c:\windows\System32\mqsvc.exe:Message Queuing

    "{63477523-E780-4425-82C0-55FFAA497F10}"= UDP:c:\windows\System32\mqsvc.exe:Message Queuing

    "UDP Query User{1C7BFDF9-B75E-43EC-B6BB-E8A9D0B7D71D}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA

    "TCP Query User{3CA1B8DB-15AF-4500-8464-89652E56CCDD}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA

    "{ED40C921-0241-41BA-9728-57E557C93C9E}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{D2FCE9FF-BA9C-4637-81C6-5E482A64F5AE}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{6B4496AF-FC00-4791-BFBA-2A8BBB254869}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "UDP Query User{E5B9A067-7D56-4164-962D-4FC016F75802}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{FFE6709D-E020-4886-8070-432D9ADD0FAE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "UDP Query User{3245B40A-F081-4386-8E3A-2289A2C6614F}c:\\program files\\counter-strike 1.6\\hlds.exe"= TCP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "TCP Query User{C96B2973-710E-48B9-A8F9-B91A6F5DCC36}c:\\program files\\counter-strike 1.6\\hlds.exe"= UDP:c:\program files\counter-strike 1.6\hlds.exe:HLDS Launcher

    "UDP Query User{E51EBB21-CF5E-4D83-9AA2-2D8C282E9AC6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "TCP Query User{3656B3D5-B7C1-45B2-998F-56B20C9E9581}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher

    "UDP Query User{2879B1FB-70EE-47C4-8654-8A1DC1DF0DFD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{9A526FB3-485C-4E94-B333-92CE71217FED}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{514D414F-BEC6-4BEF-9EE9-7E68D1A05CEF}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= TCP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "TCP Query User{55A58C11-6386-4375-88C1-005F988E9E3D}c:\\users\\sofian\\appdata\\roaming\\mozilla\\firefox\\profiles\\yo9qwklf.default\\extensions\\solidstateion@solidstatenetworks.com\\plugins\\solidnm.exe"= UDP:c:\users\sofian\appdata\roaming\mozilla\firefox\profiles\yo9qwklf.default\extensions\solidstateion@solidstatenetworks.com\plugins\solidnm.exe:solidnm.exe

    "UDP Query User{8CF5866F-A838-4FB1-A9C1-8938F237C422}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{989B7C13-1290-44EF-9FBC-842CA0D14D81}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{A5EB80E9-95C2-46DA-A037-73A2764FAC35}c:\\program files\\fifa09\\fifa09.exe"= TCP:c:\program files\fifa09\fifa09.exe:FIFA09

    "TCP Query User{FD7024AD-BD7F-4F6E-9614-16B288759DAC}c:\\program files\\fifa09\\fifa09.exe"= UDP:c:\program files\fifa09\fifa09.exe:FIFA09

    "{238E3750-1BF9-4C39-91C5-2FE52CB02AB9}"= TCP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{2D0DFF56-FE02-46CA-B338-8A03C162B8CD}"= UDP:c:\users\Sofian\AppData\Local\Temp\IXP000.TMP\pes2009.exe:Pro Evolution Soccer 2009

    "{5A873637-D304-44AD-B6B7-D92CAC9CB7A7}"= TCP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "{71F6CAC2-2793-4B81-9419-D0E6CDE27018}"= UDP:c:\program files\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

    "UDP Query User{3BA73912-EFBC-445F-9FED-48D4C32F0E70}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{B16AEDBA-9399-48CB-9528-0E76A6C6EBAB}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{56B32E8E-6D7C-4E4D-BEAA-4143D683FA87}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

    "TCP Query User{7C790108-0887-4C66-AAA4-242BC76667BC}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

    "{FB7012F6-A0C8-4829-841C-5485A6D7DD44}"= UDP:443:Utorrent

    "UDP Query User{4BA4EECA-D8F9-4C97-B7B4-0EA7AEFDB223}c:\\users\\sofian\\program files\\dna\\btdna.exe"= TCP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "TCP Query User{961E0236-D718-46B2-A522-505DBFF4766D}c:\\users\\sofian\\program files\\dna\\btdna.exe"= UDP:c:\users\sofian\program files\dna\btdna.exe:btdna.exe

    "UDP Query User{0C2368A4-D8F1-4A43-9E5A-720E391B0D21}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "TCP Query User{2EBC57E7-8E14-4963-84BC-D5B70D7B3084}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

    "UDP Query User{CC6F7951-1541-4A49-B98E-6908AD7BC79B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

    "TCP Query User{657A9266-4CFF-48EC-841D-F69665BBED93}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus

    "UDP Query User{6BFA36F6-AD9B-49D6-B501-B2A139A00C84}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= TCP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "TCP Query User{D8D696A3-E7E5-469F-B882-07C23402EDDF}c:\\program files\\rockstar games\\gta san andreas\\samp server\\samp-server.exe"= UDP:c:\program files\rockstar games\gta san andreas\samp server\samp-server.exe:samp-server

    "UDP Query User{AC851BC4-9C86-4F06-8029-6C6050F73632}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

    "TCP Query User{160A1F8E-75C0-4671-B13D-59C5ABD16251}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

    "UDP Query User{D29620AC-3F93-49AA-B939-DFDCF0B35107}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= TCP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "TCP Query User{2F1BC6CC-18FB-4243-87D2-2C9B93CAEAFF}c:\\program files\\voipbuster.com\\voipbuster\\voipbuster.exe"= UDP:c:\program files\voipbuster.com\voipbuster\voipbuster.exe:Client to make VoIP calls.

    "UDP Query User{474CF4C1-C100-466E-B971-BD205B60E352}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= TCP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "TCP Query User{94D1A7BD-96D7-4473-8B89-8A4238224449}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex00.814\\gtarumbleserver.exe"= UDP:c:\users\sofian\appdata\local\temp\rar$ex00.814\gtarumbleserver.exe:gtarumbleserver.exe

    "UDP Query User{646FBDC6-C40B-444A-B597-427E6A6E7A80}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "TCP Query User{A83BBA09-E270-48AB-879E-DE2A1FBD94E4}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader

    "{59D77588-33BF-4B97-B10A-4897EB53AFE0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

    "{803E39F7-78B8-4684-99C0-0C2CB8BD4CFC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

    "UDP Query User{21CC4C73-8569-45EE-997D-124B256FAAEA}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= Disabled:TCP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "TCP Query User{22196733-FEDE-4DA5-83FC-DACF7CC96061}c:\\users\\sofian\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\sofian\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe

    "UDP Query User{DEC548EE-2047-4C50-8BFF-CDAC46870652}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "TCP Query User{3614CF16-7F8A-4004-8E05-3F400E4B5E3E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex35.8289\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex35.8289\patch.exe:patch.exe

    "UDP Query User{F18437DC-9F41-4383-9AD6-C1A60988DDCC}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:TCP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "TCP Query User{224A609B-63B2-467B-912D-A681AE74AD6E}c:\\users\\sofian\\appdata\\local\\temp\\rar$ex13.6771\\patch.exe"= Disabled:UDP:c:\users\sofian\appdata\local\temp\rar$ex13.6771\patch.exe:patch.exe

    "UDP Query User{C0E29B39-C25C-4FEF-A656-39E7F33E74BD}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "TCP Query User{8437116C-045A-4735-BA3A-C780755848AF}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine

    "UDP Query User{8CE7B374-7E44-412D-B4E4-D6AA7886F43F}c:\\program files\\mta san andreas\\server\\mta server.exe"= TCP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "TCP Query User{B36A7935-97DA-4F7A-AB71-CDBCFECAF281}c:\\program files\\mta san andreas\\server\\mta server.exe"= UDP:c:\program files\mta san andreas\server\mta server.exe:MTA Server

    "{F2923331-22E1-4E05-8FD4-EED852780340}"= TCP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "{A645F9A2-9908-4313-8B14-70924656A8B9}"= UDP:c:\program files\Hide IP Platinum\hideippla.exe:Hide IP Platinum

    "UDP Query User{324774FA-B894-4D94-962F-0FA0D38BCBBE}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "TCP Query User{0103AA03-8BA7-4D39-99CA-4EB76E0F2FDB}c:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:c:\program files\ea sports\fifa 08\fifa08.exe:FIFA08

    "UDP Query User{D591E3CB-061E-47F3-A798-60851B935FFC}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{D8034389-8DA4-4336-9F4F-05DC5D6D933C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{27CA4F2C-F4A8-4CCB-B37A-58D91CDA187B}c:\\windows\\system32\\zonelabs\\vsmon.exe"= TCP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "TCP Query User{09B71C24-C278-4CEE-A07D-A85FAC53D66F}c:\\windows\\system32\\zonelabs\\vsmon.exe"= UDP:c:\windows\system32\zonelabs\vsmon.exe:TrueVector Service

    "{A694356B-DCE6-46B4-81C9-7F1BF6E8D0BD}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "{D6E0B432-B38F-4604-9C66-E8DBD0D26D85}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module

    "UDP Query User{081DF3A1-A737-4B1A-8E2F-3ED3191946D9}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

    "TCP Query User{74E35358-40CC-48B1-8254-B8B0DE21EC20}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

    "UDP Query User{9E78BC5B-6B79-4A83-B420-F4FFC1C824B9}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "TCP Query User{3A67AA1E-2903-46CF-AFB3-13EDE809CC1C}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon

    "UDP Query User{3E3F2425-7523-4869-BF0B-948EE453792B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "TCP Query User{1E068C53-2CF4-45B3-B8D6-D5D2C758CC47}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

    "{A60A5777-3712-4781-909A-E562EC13F6AB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "{1850859D-E62C-4D16-A780-4968346CA9C4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent

    "UDP Query User{E7EDA855-37AB-4B36-8022-BACE3FC8ADA0}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= TCP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "TCP Query User{B233138C-50A1-4A52-A313-9863D95F0E53}c:\\program files\\disney interactive\\treasure planet battle at procyon\\tp_game\\tp_win32.exe"= UDP:c:\program files\disney interactive\treasure planet battle at procyon\tp_game\tp_win32.exe:tp_win32

    "{44532AF2-7C13-40D8-9DD2-BD9B00FAC573}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{CD223108-C909-4C5F-A619-812D6AD86666}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster

    "{9AC21C58-6565-4B09-A236-1C6E53E234D8}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{11B576E1-B887-47A7-A55D-9EDD18EFE2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{F8E3F7D3-F590-4016-9007-3EAE21EAA446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

    "{369C3E79-E41A-44B4-A978-2B93CFF0CE3C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    "{DDB069C9-E320-4264-9A6D-6EC50BF098F3}"= TCP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{3522FAAA-E7CC-4D52-8A11-379115C6D72E}"= UDP:c:\users\Sofian\Program Files\uTorrent\uTorrent.exe:µTorrent

    "{C54D7D3B-57AF-4522-89AA-159E577773D0}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server

    "{3DB6E3AB-1D74-4F00-A772-795E4A26D6D8}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine

    "{3CABAA43-9F86-4D02-AB76-8FE8F562D6AD}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program

    "{D874EB75-B187-4F66-9E24-8BDB71152578}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect

    "{B47A655A-053C-4B47-BC89-646ACA1D9DF1}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{149CA782-81E2-49E4-B14A-D23BCA105DAC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

    "{AEC7333B-4641-4907-A68C-64304FC929E1}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "{6F77D1F2-B3BB-40F5-B0CC-1A129BBEBB37}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

    "TCP Query User{98FAEA70-FFDF-4465-9FED-0D9E424E96CC}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "UDP Query User{06AF7056-339E-4B4B-ACED-28D9AED1B00A}c:\\program files\\rainbow six vegas\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\rainbow six vegas\binaries\r6vegas2_game.exe:R6Vegas2_Game

    "{A72FA228-4027-4C09-9E5D-16CCCADDE895}"= UDP:27015:cs

    "{6F58EE41-EE56-466A-811E-B91231C6B098}"= TCP:27015:cs2

    "TCP Query User{89D619DA-8462-47D2-B87A-F65465542D13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "UDP Query User{81D927CC-9991-4D31-BA21-F5D597770B4C}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed

    "TCP Query User{CF28231D-A4AB-4EC6-A8A1-3435FEDA5975}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "UDP Query User{467F41AF-99A6-455D-B1B2-CE2308C3AE3D}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager

    "TCP Query User{8A7D27FA-DA13-49A0-A28C-6CEA99A48ED0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "UDP Query User{1AFCE24B-B976-41BB-8277-5EF44F459ADD}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd

    "TCP Query User{B8B3C1A0-DAAC-4EE9-A6F9-64EAF9419DE5}c:\\program files\\midnight club 2\\mc2.exe"= UDP:c:\program files\midnight club 2\mc2.exe:mc2

    "UDP Query User{6A29C6CE-3831-4646-B400-5F783BCAEACD}c:\\program files\\midnight club 2\\mc2.exe"= TCP:c:\program files\midnight club 2\mc2.exe:mc2

    "{B9BC18A5-EFE4-46EB-AC93-72A2B6F801D7}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]

    "Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    "SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:@%SystemRoot%\system32\snmp.exe,-5|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

    "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-30 111184]

    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-04-16 73728]

    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-30 20560]

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2008-11-30 51792]

    R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2008-11-30 935936]

    R2 deMntrService;Dell AIO Center Service;"c:\program files\Dell\MFP_DELL\deMntrService.exe" [2007-06-28 131072]

    R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe /service /p belgacom []

    R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-30 111616]

    R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\DRIVERS\OEM02Dev.sys [2008-11-30 235648]

    R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\DRIVERS\OEM02Vfx.sys [2008-11-30 7424]

    S3 DESVUSB;Dell service driver;c:\windows\system32\DRIVERS\desrvusb.sys [2008-11-30 17536]

    S3 WMSvc;Web Management-service;c:\windows\system32\inetsrv\wmsvc.exe [2006-11-02 10752]

    S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe /service [2008-04-24 104960]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LPDService REG_MULTI_SZ LPDSVC

    rsmsvcs REG_MULTI_SZ ntmssvc

    ipripsvc REG_MULTI_SZ iprip

    bthsvcs REG_MULTI_SZ BthServ

    .

    Inhoud van de 'Gedeelde Taken' map

    2008-12-09 c:\windows\Tasks\1-Click Maintenance.job

    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 14:24]

    .

    - - - - ORPHANS VERWIJDERD - - - -

    MSConfigStartUp-MSSMSGS - winlft32.rom

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=0080416

    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    c:\windows\Downloaded Program Files\sysreqlab_srl.dll - O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}

    hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab

    c:\windows\Downloaded Program Files\sysreqlab.osd

    c:\windows\Downloaded Program Files\GoPetsWeb.ocx - O16 -: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}

    hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab

    c:\windows\Downloaded Program Files\GoPetsWeb.inf

    FireFox -: Profile - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\

    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

    FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-12-09 17:59:24

    Windows 6.0.6000 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    c:\windows\TEMP\TMP00000044F88D48E8718CB0EC

    Scan succesvol afgerond

    verborgen bestanden: 1

    **************************************************************************

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\windows\System32\audiodg.exe

    c:\program files\Lavasoft\Ad-Aware\aawservice.exe

    c:\program files\Alwil Software\Avast4\aswUpdSv.exe

    c:\program files\Alwil Software\Avast4\ashServ.exe

    c:\windows\System32\bgsvcgen.exe

    c:\windows\System32\CISVC.EXE

    c:\program files\Intel\Wireless\Bin\EvtEng.exe

    c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

    c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

    c:\windows\System32\PSIService.exe

    c:\program files\Intel\Wireless\Bin\RegSrvc.exe

    c:\windows\System32\TCPSVCS.EXE

    c:\windows\System32\snmp.exe

    c:\program files\Belgacom\bin\sprtsvc.exe

    c:\program files\Dell Support Center\bin\sprtsvc.exe

    c:\windows\System32\drivers\XAudio.exe

    c:\program files\Alwil Software\Avast4\ashMaiSv.exe

    c:\program files\Alwil Software\Avast4\ashWebSv.exe

    c:\windows\System32\conime.exe

    c:\windows\System32\igfxsrvc.exe

    c:\program files\Alwil Software\Avast4\ashDisp.exe

    c:\windows\System32\wbem\unsecapp.exe

    c:\program files\OpenOffice.org 2.4\program\soffice.exe

    c:\windows\ehome\ehmsas.exe

    c:\program files\OpenOffice.org 2.4\program\soffice.bin

    c:\program files\DellTPad\ApMsgFwd.exe

    c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe

    c:\program files\DellTPad\hidfind.exe

    c:\program files\DellTPad\ApntEx.exe

    c:\windows\System32\dllhost.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2008-12-09 18:03:39 - machine werd herstart

    ComboFix-quarantined-files.txt 2008-12-09 17:03:35

    Pre-Run: 98.489.737.216 bytes beschikbaar

    Post-Run: 98,407,874,560 bytes beschikbaar

    495

  10. The MBAM log

    Malwarebytes' Anti-Malware 1.31

    Database versie: 1477

    Windows 6.0.6000

    9/12/2008 12:22:43

    mbam-log-2008-12-09 (12-22-43).txt

    Scan type: Snelle Scan

    Objecten gescand: 46682

    Verstreken tijd: 3 minute(s), 37 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 14

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 8

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    C:\Windows\System32\c.ico (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Windows\System32\m.ico (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Windows\System32\p.ico (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Windows\System32\s.ico (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Users\Sofian\Favorites\Free MP3 Search.url (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Users\Sofian\Favorites\Free ****.url (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Users\Sofian\Favorites\Search Online.url (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Users\Sofian\Favorites\VIP Casino.url (Rogue.Link) -> Quarantined and deleted successfully.

    HJT log

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 12:24:46, on 9/12/2008

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.16386)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\DellTPad\Apoint.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\OEM02Mon.exe

    C:\Program Files\Belgacom\bin\sprtcmd.exe

    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

    C:\Program Files\Dell\MediaDirect\PCMService.exe

    C:\Program Files\WebcamMax\wcmmon.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN

    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\DellTPad\ApMsgFwd.exe

    C:\Program Files\DellTPad\Apntex.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\DellTPad\HidFind.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"

    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto

    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

    O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O13 - Gopher Prefix:

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab

    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab

    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe

    O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 11950 bytes

  11. Good day,

    When I open Windows Media Player and want MSN Messenger to show my music, I first have to indicate in MSN that it may show my music. Then I have to enable the plug-ins. But now I can no longer find that plug-in. I use Windows Media Player 11.

    Thank you

  12. Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 22:26:42, on 8/12/2008

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.16386)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\DellTPad\Apoint.exe

    C:\Windows\OEM02Mon.exe

    C:\Program Files\Belgacom\bin\sprtcmd.exe

    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

    C:\Program Files\Dell\MediaDirect\PCMService.exe

    C:\Program Files\WebcamMax\wcmmon.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe

    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN

    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\DellTPad\ApMsgFwd.exe

    C:\Program Files\DellTPad\Apntex.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\DellTPad\HidFind.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"

    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto

    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

    O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O13 - Gopher Prefix:

    O15 - Trusted Zone: http://assets.wrts.nl (HKLM)

    O15 - Trusted Zone: Wrts (HKLM)

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab

    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab

    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209149147425

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209149996026

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe

    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

    O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 12221 bytes

    Thanks
