Dude_Stef

Member
  • Items

    12

Everything posted by Dude_Stef

  1. Only this update. The problem is that when I try to install that update manually, I get an error (see image). And when I then do what that dialog says, I get this (see image).
  2. OK then, but my problem is still not solved. I was only worried that I don't know anything about a CD, but I still cannot install the update(s). Neither Windows Update nor manual installation works; I keep getting the same error. Actually, I find it a real pity that it is not (one of) the system files that is responsible for this, because then I/we would at least have an idea of how to solve it. Are there any other possible solutions? If unfortunately no solution can be found, I will have the computer checked by a computer technician.
  3. I was not asked to use a Windows installation DVD/CD. I am not even sure whether I have a Windows installation DVD/CD; I did get a few CDs with my PC, but it is not clearly marked on them what they are for. As far as I can remember, I did not need them to set up my computer either, although I am not really sure about that anymore. Is this a problem?
  4. It concerns this update:
     Security update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64 systems (KB2478662)
     Download size: 1.8 MB
     You may need to restart the computer for this update to take effect.
     Update type: important
     A security issue has been identified that could allow a malicious user to damage your Windows system running Microsoft .NET Framework and gain complete control over the system. Install this update from Microsoft to protect your computer against this. After you have installed this update, you may need to restart the computer.
     More information: MS11-039: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and on Windows Server 2008 R2 Service Pack 1: June 14, 2011
     Help and support: Microsoft Support
     Screenshot:
     HijackThis logs have all been checked by Administrator Kape on this page: http://www.pc-helpforum.be/f163/hijackthis-50373/ If necessary, I will gladly make another log.
     But I am going to tell a little story about this update. A few months ago I noticed that my Windows Media Player (the standard version in Windows 7) was gone; I could no longer use it. I found that odd, but I mostly used iTunes anyway. Now the mp3 extension is automatically played by iTunes, and MP4 and DVD (I think) are opened with Clear.fi. I don't really consider that a problem, and it was like that for a long time, until I recently got an error in Windows Live Mail. I had read somewhere that I could simply fix this by uninstalling Windows Live Essentials and then downloading and installing it again. I did that, or at least I tried to: when I tried to install Windows Live Essentials, I got this message. When I then tried to install that as well, I got this warning. And when I try to turn programs on or off in "Turn Windows features on or off", I get this. Only "Web Management Tools" and "IIS 6 Management Compatibility" are enabled. I have already tried using Fix it several times, without result. I have also tried changing the settings in Safe Mode, and also tried to do that update. I have also tried "Enable_Windows_Features". Can anyone perhaps help me solve this? Thanks in advance.
  5. Okay, thanks, I will certainly try that in Safe Mode. I wanted to be sure that everything was in order as far as malware etc. is concerned before posting my other problem in the Windows 7 questions/problems section. I assume this is now solved, and that ask.com updater doesn't really bother me, so I am going to mark this as SOLVED. Many thanks for your time and help, very much appreciated. See you again (:
2012-09-14 09:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-09-12 08:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-09-14 09:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09 . 2012-09-13 00:54 86372 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-09-14 10:00 41264 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-08-10 08:18 . 2012-09-10 08:32 16610 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1003_UserData.bin + 2011-08-10 08:18 . 2012-09-13 00:54 16610 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1003_UserData.bin + 2011-08-09 19:27 . 2012-09-14 10:00 17880 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1000_UserData.bin - 2012-09-12 08:49 . 2012-09-12 08:49 2111 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2012-09-12 20:29 . 2012-09-12 20:29 2111 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2012-09-12 08:50 . 2012-09-12 08:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-09-14 09:54 . 2012-09-14 09:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-09-12 08:50 . 2012-09-12 08:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-09-14 09:54 . 2012-09-14 09:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-09-14 09:57 . 2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll - 2012-09-12 08:50 . 
2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll + 2012-09-14 09:57 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll - 2012-09-12 08:50 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll + 2011-08-10 17:57 . 2012-09-14 09:10 417864 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin - 2011-06-01 19:31 . 2012-09-12 08:33 677434 c:\windows\system32\perfh013.dat + 2011-06-01 19:31 . 2012-09-14 09:12 677434 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2012-09-12 08:33 593110 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-09-14 09:12 593110 c:\windows\system32\perfh009.dat + 2011-06-01 19:31 . 2012-09-14 09:12 131584 c:\windows\system32\perfc013.dat - 2011-06-01 19:31 . 2012-09-12 08:33 131584 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-09-14 09:12 103750 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-09-12 08:33 103750 c:\windows\system32\perfc009.dat + 2009-07-14 05:01 . 2012-09-14 09:53 527688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-09-12 08:49 527688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-08-10 11:53 . 2012-09-12 08:14 1537316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1003-8192.dat + 2011-08-10 11:53 . 2012-09-14 09:54 1537316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1003-8192.dat - 2011-08-19 04:29 . 2012-08-19 05:16 2593232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-12288.dat + 2011-08-19 04:29 . 2012-09-12 20:29 2593232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-12288.dat - 2011-08-10 04:54 . 
2012-09-09 21:53 25141948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-8192.dat + 2011-08-10 04:54 . 2012-09-14 09:54 25141948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-26 1021840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160] "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448] "Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common 
Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-07-19 336992] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2011-08-25 24064] R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-05-04 2438696] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 
USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-08-15 56016] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-16 45624] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-16 94280] S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-08-03 476016] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-08-03 387440] S2 Live Updater Service;Live Updater 
Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848] S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-10-16 61088] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 
Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhoud van de 'Gedeelde Taken' map . 2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:42] . 2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62f299efd786.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14] . 2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14] . 2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000Core1cd8d649cf3dec1.job - c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15] . 2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000UA.job - c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15] . 2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003Core1cd60f4e7ea1050.job - c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20] . 2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003UA.job - c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = 61.6.196.218:8118 IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 195.130.130.5 195.130.131.5 TCP: Interfaces\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file) WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.bmp.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.bmp.15.4" . 
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000) @Denied: (2) (LocalSystem) "Progid"="Applications\\gimp-2.6.exe" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000) @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.png.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.tif.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.tif.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.wdp.15.4" . 
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\SecuROM\License information*] "datasecu"=hex:31,a6,ae,23,19,39,9d,b9,94,fc,a2,83,30,ed,94,17,c6,10,6e,44,e5, 73,8c,0b,51,eb,a1,92,40,26,60,f1,87,3f,f2,b8,f4,e5,7e,d0,08,b4,91,a7,e9,3d,\ "rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe c:\program files (x86)\Hotspot Shield\bin\openvpntray.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . 
Voltooingstijd: 2012-09-14 12:04:28 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-14 10:04 ComboFix2.txt 2012-09-12 09:09 . Pre-Run: 32.937.283.584 bytes beschikbaar Post-Run: 32.776.486.912 bytes beschikbaar . - - End Of File - - 1658A214B64813ACEF950C42F81F7A26

After ComboFix had finished, I took a quick look in my Control Panel and searched for any Ask programs that might still be present, and indeed "Ask Toolbar updater" is still there. I tried to remove it as well, but I do not have the rights to do that and have to contact the system administrator. So I thought I would run another HijackThis scan and post the log, to see whether it is in order now.

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:38:39, on 14/09/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\Desktop\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Browsing Protection Toolbar - 
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-18\..\RunOnce: 
[isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1 O18 - Filter hijack: 
text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. 
- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. 
- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. 
- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 14309 bytes
  7. ComboFix 12-09-11.02 - DuDe_stef 12/09/2012 10:32:14.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3944.2048 [GMT 2:00] Gestart vanuit: c:\users\DuDe_stef\Desktop\ComboFix.exe AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Adobe\Photoshop.exe c:\program files (x86)\Adobe\SHFOLDER.dll c:\windows\install.exe . ---- Voorgaande Run ------- . c:\program files (x86)\GadgetBox\gaDGetboxtb.dll c:\programdata\AMMYY\hr c:\programdata\AMMYY\settings.bin c:\programdata\Bcool\background.html c:\programdata\Bcool\bhoclass.dll c:\programdata\Bcool\content.js c:\programdata\Bcool\ffjnknndhepadgpkppcajcplleabnkbc.crx c:\programdata\Bcool\settings.ini c:\programdata\FullRemove.exe c:\users\DuDe_stef\AppData\Roaming\22DNR8DIPXfshf.exe c:\users\DuDe_stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk c:\windows\security\Database\tmp.edb D:\install.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-12 to 2012-09-12 )))))))))))))))))))))))))))))) . . 2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\pascale\AppData\Local\temp 2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-09 22:17 . 2012-09-09 22:17 -------- d-----w- c:\users\pascale\AppData\Local\Opera 2012-09-09 14:19 . 
2012-09-09 14:19 -------- d-----w- c:\users\DuDe_stef\.fontconfig 2012-09-09 11:48 . 2012-09-09 11:48 0 ----a-w- c:\windows\SysWow64\sho77C9.tmp 2012-09-09 11:13 . 2012-09-09 11:13 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Apps 2012-09-07 19:47 . 2012-09-07 19:50 -------- d-----w- c:\users\DuDe_stef\.Mikescape_Cache 2012-09-06 22:13 . 2012-09-06 22:26 -------- d-----w- c:\users\DuDe_stef\legacy 2012-09-06 22:13 . 2012-09-06 22:15 -------- d-----w- c:\users\DuDe_stef\paradise704Cache1 2012-09-06 21:56 . 2012-09-06 21:56 -------- d-----w- c:\users\DuDe_stef\sevadorcache 2012-09-06 21:33 . 2012-09-06 21:33 -------- d-----w- c:\users\DuDe_stef\resistancepkv8cache 2012-09-06 21:29 . 2012-09-06 21:30 -------- d-----w- C:\NewOverloadXCache 2012-09-04 23:58 . 2012-09-04 23:58 0 ----a-w- c:\windows\SysWow64\sho7C24.tmp 2012-09-04 05:21 . 2012-09-09 10:34 -------- d-----w- c:\program files\RAR Password Unlocker 2012-09-03 17:28 . 2012-09-03 17:28 889416 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\82c654841cd89f902\dotNetFx40_Full_setup.exe 2012-09-03 17:04 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.epicurus.cache 2012-09-03 17:03 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.ecl.cache 2012-08-27 20:41 . 2012-08-27 20:41 -------- d-----w- c:\users\pascale\AppData\Local\PC_Drivers_Headquarters 2012-08-27 20:13 . 2012-08-27 20:13 0 ----a-w- c:\windows\SysWow64\shoA9BA.tmp 2012-08-27 09:28 . 2012-09-06 14:55 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\.techniclauncher 2012-08-25 21:05 . 2012-08-25 21:05 -------- d-----w- c:\program files (x86)\1ClickDownload 2012-08-25 14:19 . 2012-08-25 14:19 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-08-23 13:14 . 2012-08-23 13:14 2818560 ----a-w- c:\windows\SysWow64\Sterrenhemel Screensaver.scr 2012-08-23 13:09 . 2012-08-23 13:09 6412288 ----a-w- c:\windows\SysWow64\Schermbeveiliging open haard.scr 2012-08-22 02:23 . 
2012-08-22 02:23 0 ----a-w- c:\windows\SysWow64\sho2F9A.tmp 2012-08-21 19:30 . 2012-08-21 19:30 -------- d-----w- c:\programdata\Ableton 2012-08-21 19:26 . 2012-08-21 19:27 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Ableton 2012-08-18 15:44 . 2012-08-18 15:44 -------- d-----w- c:\program files (x86)\Electronic Arts 2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\programdata\RegUse 2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\program files (x86)\RegUse 2012-08-17 12:17 . 2012-08-17 12:17 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Opera 2012-08-17 12:17 . 2012-09-01 13:43 -------- d-----w- c:\program files (x86)\Opera 2012-08-15 07:35 . 2012-08-15 07:35 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Need for Speed World 2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Electronic_Arts_Inc 2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\programdata\Electronic Arts 2012-08-14 07:06 . 2012-08-14 07:06 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\PowerISO . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-01 13:42 . 2012-04-01 11:14 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-09-01 13:42 . 2011-08-17 00:17 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-25 14:18 . 2012-05-17 16:50 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-08-25 14:18 . 2011-08-09 20:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-15 13:44 . 2012-05-12 16:17 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-08-05 15:59 . 2012-08-05 15:59 0 ----a-w- c:\windows\SysWow64\shoAEC1.tmp 2012-08-03 02:27 . 2011-09-18 00:20 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-07-29 01:03 . 2012-07-29 01:03 0 ----a-w- c:\windows\SysWow64\shoC3C0.tmp 2012-07-27 21:26 . 2012-07-27 21:26 0 ----a-w- c:\windows\SysWow64\sho9C80.tmp 2012-07-22 10:46 . 
2012-08-06 14:31 191280 ----a-w- c:\windows\system32\javaws.exe 2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\javaw.exe 2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\java.exe 2012-07-19 10:25 . 2012-07-19 10:25 65536 ----a-w- c:\windows\IFinst27.exe 2012-07-19 09:38 . 2012-07-23 06:06 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys 2012-07-17 13:14 . 2012-07-17 13:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL 2012-07-17 12:49 . 2012-07-17 12:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL 2012-07-17 12:37 . 2012-07-17 12:37 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-07-10 02:48 . 2012-07-10 02:48 41704 ----a-w- c:\windows\system32\drivers\hssdrv6.sys 2012-07-03 11:46 . 2012-05-19 02:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C7.tmp 2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C6.tmp 2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C5.tmp 2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A7.tmp 2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A6.tmp 2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A5.tmp 2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD4.tmp 2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD3.tmp 2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD2.tmp 2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN229.tmp 2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN228.tmp 2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN227.tmp 2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA666.tmp 2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA665.tmp 2012-06-27 01:55 . 
2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA664.tmp 2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4975.tmp 2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4974.tmp 2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4973.tmp . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-26 1021840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160] "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448] "Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common 
Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-07-19 336992] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2011-08-25 24064] R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-05-04 2438696] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-08-15 56016] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys 
[2011-10-16 45624] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-16 94280] S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-08-03 476016] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-08-03 387440] S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization 
Client\sftlist.exe [2011-10-01 508776] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848] S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-10-16 61088] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] S3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 
Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhoud van de 'Gedeelde Taken' map . 2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:42] . 2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62f299efd786.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14] . 2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14] . 2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000Core1cd8d649cf3dec1.job - c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15] . 2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000UA.job - c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15] . 2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003Core1cd60f4e7ea1050.job - c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20] . 2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003UA.job - c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20] . 2012-09-12 c:\windows\Tasks\Scheduled scanning task.job - c:\progra~2\TELENE~1\ANTI-V~1\fsav.exe [2011-10-16 15:56] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = 61.6.196.218:8118 IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 195.130.130.5 195.130.131.5 TCP: Interfaces\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1 . - - - - ORPHANS VERWIJDERD - - - - . 
Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKCU-Run-IpSharkkEvo - c:\program files (x86)\IpSharkkEvolution\IpSharkkEvo.exe Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe Toolbar-Locked - (no file) Toolbar-10 - (no file) WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file) WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) AddRemove-63601EB2-A7CE-4C97-9B8C-83925DF392FA - c:\windows\system32\beidpp\uninstall.exe AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe AddRemove-{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1 - c:\program files (x86)\Amnesia - The Dark Descent Demo\unins000.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.bmp.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.bmp.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000) @Denied: (2) (LocalSystem) "Progid"="Applications\\gimp-2.6.exe" . 
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.jpg.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000) @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.png.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.tif.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.tif.15.4" . [HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLive.PhotoGallery.wdp.15.4" . 
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\SecuROM\License information*] "datasecu"=hex:31,a6,ae,23,19,39,9d,b9,94,fc,a2,83,30,ed,94,17,c6,10,6e,44,e5, 73,8c,0b,51,eb,a1,92,40,26,60,f1,87,3f,f2,b8,f4,e5,7e,d0,08,b4,91,a7,e9,3d,\ "rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-09-12 11:09:24 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-12 09:09 . 
Pre-Run: 34.619.441.152 bytes beschikbaar Post-Run: 33.970.556.928 bytes beschikbaar . - - End Of File - - A6F85A1E8DB9C854A78069698802FE2F
Pre-Run: 34.619.441.152 bytes beschikbaar Post-Run: 33.970.556.928 bytes beschikbaar . - - End Of File - - A6F85A1E8DB9C854A78069698802FE2F
  8. Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.09.09.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 DuDe_stef :: DUDE_STEF-PC [administrator] Realtime bescherming: Ingeschakeld 10/09/2012 18:00:11 mbam-log-2012-09-10 (18-00-11).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 259649 Verstreken tijd: 9 minuut/minuten, 26 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:14:56, on 10/09/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\pascale\Downloads\wlsetup-web (1).exe C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\Desktop\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het 
laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll O3 - Toolbar: Browsing Protection 
Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT 
/CMPID=ROC_JULY_P1 O4 - HKCU\..\Run: [Google Update] "C:\Users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ipSharkkEvo] "C:\Program Files (x86)\IpSharkkEvolution\IpSharkkEvo.exe" --auto-start O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-661364119-148139604-4287045721-1003\..\Run: [searchEngineProtection] C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe (User 'pascale') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - S-1-5-21-661364119-148139604-4287045721-1003 Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'pascale') O4 - S-1-5-21-661364119-148139604-4287045721-1003 User Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'pascale') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra 
context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.76.80.1 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update 
Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. 
- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 17720 bytes

When I tried to delete Ask.com from my Program Files, it didn't work. Could this be because another user is logged in on my computer who may have an internet browser open? Thanks in advance.
  9. Go to your Google Chrome settings and click Extensions; there you can remove or disable them.
  10. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:24:15, on 9/09/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\DuDe_stef\Desktop\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={4F71666D-3EB4-4A4D-8196-55E1BDEB617F}&mid=ded8d546ca9747d09c183120d343e0ef-3502e4f0c26cda9ae4bd89490bdf71f367bfe1e0〈=nl&ds=st011&pr=sa&d=2012-07-23 08:07:07&v=12.1.0.20&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no 
file) R3 - URLSearchHook: (no name) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file) R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file) R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - (no file) R3 - URLSearchHook: (no name) - - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - 
{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O3 - Toolbar: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKCU\..\Run: [Google Update] "C:\Users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ipSharkkEvo] "C:\Program Files (x86)\IpSharkkEvolution\IpSharkkEvo.exe" --auto-start
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [javac.exe] C:\Users\DuDe_stef\AppData\Local\Temp\IXP006.TMP\javac.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.67.48.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
-- End of file - 19498 bytes