Dude_Stef
-
Items
12 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Dude_Stef
-
-
Ok dan, maar m'n probleem nog steeds niet opgelost,
Ik maakte me enkel zorgen dat ik niks van een cd afweet, maar ik kan nog steeds die update(s) niet installeren,
Zowel Windows update, als handmatige installatie doet het niet, ik krijg steeds dezelfde error.
Eigenlijk vind ik het zeer jammer dat het niet (één van) de systeembestanden zijn die her verantwoordelijk voor zijn, dan had(den) ik/we tenminste een idee hoe dit op te lossen is.
Zijn er nog andere mogelijke oplossingen?
Als er helaas geen oplossing kan worden gevonden zal ik de computer eens laten nakijken door een computer installateur.
-
2012-09-22 07:05:51, Info CSI 0000000e [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:05:51, Info CSI 0000000f [sR] Beginning Verify and Repair transaction
2012-09-22 07:05:53, Info CSI 00000011 [sR] Verify complete
2012-09-22 07:05:55, Info CSI 00000012 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:05:55, Info CSI 00000013 [sR] Beginning Verify and Repair transaction
2012-09-22 07:05:57, Info CSI 00000015 [sR] Verify complete
2012-09-22 07:05:57, Info CSI 00000016 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:05:57, Info CSI 00000017 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:03, Info CSI 00000019 [sR] Verify complete
2012-09-22 07:06:03, Info CSI 0000001a [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:03, Info CSI 0000001b [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:05, Info CSI 0000001d [sR] Verify complete
2012-09-22 07:06:06, Info CSI 0000001e [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:06, Info CSI 0000001f [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:08, Info CSI 00000021 [sR] Verify complete
2012-09-22 07:06:08, Info CSI 00000022 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:08, Info CSI 00000023 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:10, Info CSI 00000025 [sR] Verify complete
2012-09-22 07:06:11, Info CSI 00000026 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:11, Info CSI 00000027 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:12, Info CSI 00000029 [sR] Verify complete
2012-09-22 07:06:12, Info CSI 0000002a [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:12, Info CSI 0000002b [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:13, Info CSI 0000002d [sR] Verify complete
2012-09-22 07:06:14, Info CSI 0000002e [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:14, Info CSI 0000002f [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:18, Info CSI 00000032 [sR] Verify complete
2012-09-22 07:06:18, Info CSI 00000033 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:18, Info CSI 00000034 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:23, Info CSI 00000038 [sR] Verify complete
2012-09-22 07:06:24, Info CSI 00000039 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:24, Info CSI 0000003a [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:27, Info CSI 0000003d [sR] Verify complete
2012-09-22 07:06:27, Info CSI 0000003e [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:27, Info CSI 0000003f [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:31, Info CSI 00000041 [sR] Verify complete
2012-09-22 07:06:31, Info CSI 00000042 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:31, Info CSI 00000043 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:35, Info CSI 0000005c [sR] Verify complete
2012-09-22 07:06:36, Info CSI 0000005d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:36, Info CSI 0000005e [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:40, Info CSI 0000006c [sR] Verify complete
2012-09-22 07:06:41, Info CSI 0000006d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:41, Info CSI 0000006e [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:46, Info CSI 00000070 [sR] Verify complete
2012-09-22 07:06:46, Info CSI 00000071 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:46, Info CSI 00000072 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:50, Info CSI 00000074 [sR] Verify complete
2012-09-22 07:06:50, Info CSI 00000075 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:50, Info CSI 00000076 [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:54, Info CSI 00000078 [sR] Verify complete
2012-09-22 07:06:54, Info CSI 00000079 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:06:54, Info CSI 0000007a [sR] Beginning Verify and Repair transaction
2012-09-22 07:06:59, Info CSI 0000007e [sR] Verify complete
2012-09-22 07:07:00, Info CSI 0000007f [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:00, Info CSI 00000080 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:06, Info CSI 000000a1 [sR] Verify complete
2012-09-22 07:07:06, Info CSI 000000a2 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:06, Info CSI 000000a3 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:15, Info CSI 000000a5 [sR] Verify complete
2012-09-22 07:07:16, Info CSI 000000a6 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:16, Info CSI 000000a7 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:19, Info CSI 000000ab [sR] Verify complete
2012-09-22 07:07:19, Info CSI 000000ac [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:19, Info CSI 000000ad [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:22, Info CSI 000000af [sR] Verify complete
2012-09-22 07:07:22, Info CSI 000000b0 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:22, Info CSI 000000b1 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:23, Info CSI 000000b3 [sR] Verify complete
2012-09-22 07:07:23, Info CSI 000000b4 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:23, Info CSI 000000b5 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:27, Info CSI 000000b9 [sR] Verify complete
2012-09-22 07:07:28, Info CSI 000000ba [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:28, Info CSI 000000bb [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:32, Info CSI 000000cc [sR] Verify complete
2012-09-22 07:07:32, Info CSI 000000cd [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:32, Info CSI 000000ce [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:32, Info CSI 000000d0 [sR] Verify complete
2012-09-22 07:07:33, Info CSI 000000d1 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:33, Info CSI 000000d2 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:35, Info CSI 000000d5 [sR] Verify complete
2012-09-22 07:07:35, Info CSI 000000d6 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:35, Info CSI 000000d7 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:37, Info CSI 000000d9 [sR] Verify complete
2012-09-22 07:07:37, Info CSI 000000da [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:37, Info CSI 000000db [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:41, Info CSI 000000de [sR] Verify complete
2012-09-22 07:07:41, Info CSI 000000df [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:41, Info CSI 000000e0 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:49, Info CSI 000000e5 [sR] Verify complete
2012-09-22 07:07:49, Info CSI 000000e6 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:49, Info CSI 000000e7 [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:52, Info CSI 000000e9 [sR] Verify complete
2012-09-22 07:07:52, Info CSI 000000ea [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:52, Info CSI 000000eb [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:54, Info CSI 000000ed [sR] Verify complete
2012-09-22 07:07:54, Info CSI 000000ee [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:54, Info CSI 000000ef [sR] Beginning Verify and Repair transaction
2012-09-22 07:07:57, Info CSI 000000f1 [sR] Verify complete
2012-09-22 07:07:58, Info CSI 000000f2 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:07:58, Info CSI 000000f3 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:02, Info CSI 000000f5 [sR] Verify complete
2012-09-22 07:08:02, Info CSI 000000f6 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:02, Info CSI 000000f7 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:06, Info CSI 000000f9 [sR] Verify complete
2012-09-22 07:08:06, Info CSI 000000fa [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:06, Info CSI 000000fb [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:12, Info CSI 00000113 [sR] Verify complete
2012-09-22 07:08:12, Info CSI 00000114 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:12, Info CSI 00000115 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:17, Info CSI 00000117 [sR] Verify complete
2012-09-22 07:08:17, Info CSI 00000118 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:17, Info CSI 00000119 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:28, Info CSI 0000011b [sR] Verify complete
2012-09-22 07:08:29, Info CSI 0000011c [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:29, Info CSI 0000011d [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:33, Info CSI 0000011f [sR] Verify complete
2012-09-22 07:08:33, Info CSI 00000120 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:33, Info CSI 00000121 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:39, Info CSI 00000123 [sR] Verify complete
2012-09-22 07:08:40, Info CSI 00000124 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:40, Info CSI 00000125 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:43, Info CSI 00000127 [sR] Verify complete
2012-09-22 07:08:43, Info CSI 00000128 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:43, Info CSI 00000129 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:47, Info CSI 0000012b [sR] Verify complete
2012-09-22 07:08:47, Info CSI 0000012c [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:47, Info CSI 0000012d [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:51, Info CSI 00000131 [sR] Verify complete
2012-09-22 07:08:51, Info CSI 00000132 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:51, Info CSI 00000133 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:55, Info CSI 00000135 [sR] Verify complete
2012-09-22 07:08:55, Info CSI 00000136 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:08:55, Info CSI 00000137 [sR] Beginning Verify and Repair transaction
2012-09-22 07:08:59, Info CSI 0000013a [sR] Verify complete
2012-09-22 07:09:00, Info CSI 0000013b [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:00, Info CSI 0000013c [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:04, Info CSI 0000013f [sR] Verify complete
2012-09-22 07:09:04, Info CSI 00000140 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:04, Info CSI 00000141 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:08, Info CSI 00000143 [sR] Verify complete
2012-09-22 07:09:08, Info CSI 00000144 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:08, Info CSI 00000145 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:13, Info CSI 00000148 [sR] Verify complete
2012-09-22 07:09:13, Info CSI 00000149 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:13, Info CSI 0000014a [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:17, Info CSI 0000014c [sR] Verify complete
2012-09-22 07:09:17, Info CSI 0000014d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:17, Info CSI 0000014e [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:21, Info CSI 00000150 [sR] Verify complete
2012-09-22 07:09:21, Info CSI 00000151 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:21, Info CSI 00000152 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:25, Info CSI 00000155 [sR] Verify complete
2012-09-22 07:09:26, Info CSI 00000156 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:26, Info CSI 00000157 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:29, Info CSI 00000159 [sR] Verify complete
2012-09-22 07:09:29, Info CSI 0000015a [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:29, Info CSI 0000015b [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:33, Info CSI 0000015e [sR] Verify complete
2012-09-22 07:09:34, Info CSI 0000015f [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:34, Info CSI 00000160 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:39, Info CSI 00000163 [sR] Verify complete
2012-09-22 07:09:39, Info CSI 00000164 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:39, Info CSI 00000165 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:44, Info CSI 00000168 [sR] Verify complete
2012-09-22 07:09:44, Info CSI 00000169 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:44, Info CSI 0000016a [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:49, Info CSI 0000016c [sR] Verify complete
2012-09-22 07:09:49, Info CSI 0000016d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:49, Info CSI 0000016e [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:53, Info CSI 00000170 [sR] Verify complete
2012-09-22 07:09:53, Info CSI 00000171 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:53, Info CSI 00000172 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:55, Info CSI 00000174 [sR] Verify complete
2012-09-22 07:09:55, Info CSI 00000175 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:55, Info CSI 00000176 [sR] Beginning Verify and Repair transaction
2012-09-22 07:09:58, Info CSI 00000178 [sR] Verify complete
2012-09-22 07:09:58, Info CSI 00000179 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:09:58, Info CSI 0000017a [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:00, Info CSI 0000017c [sR] Verify complete
2012-09-22 07:10:00, Info CSI 0000017d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:00, Info CSI 0000017e [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:03, Info CSI 00000180 [sR] Verify complete
2012-09-22 07:10:03, Info CSI 00000181 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:03, Info CSI 00000182 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:05, Info CSI 00000184 [sR] Verify complete
2012-09-22 07:10:05, Info CSI 00000185 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:05, Info CSI 00000186 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:09, Info CSI 00000188 [sR] Verify complete
2012-09-22 07:10:10, Info CSI 00000189 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:10, Info CSI 0000018a [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:22, Info CSI 0000018c [sR] Verify complete
2012-09-22 07:10:22, Info CSI 0000018d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:22, Info CSI 0000018e [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:24, Info CSI 00000190 [sR] Verify complete
2012-09-22 07:10:24, Info CSI 00000191 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:24, Info CSI 00000192 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:28, Info CSI 00000194 [sR] Verify complete
2012-09-22 07:10:28, Info CSI 00000195 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:28, Info CSI 00000196 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:30, Info CSI 00000198 [sR] Verify complete
2012-09-22 07:10:30, Info CSI 00000199 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:30, Info CSI 0000019a [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:32, Info CSI 0000019c [sR] Verify complete
2012-09-22 07:10:32, Info CSI 0000019d [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:32, Info CSI 0000019e [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:35, Info CSI 000001a0 [sR] Verify complete
2012-09-22 07:10:35, Info CSI 000001a1 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:35, Info CSI 000001a2 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:39, Info CSI 000001aa [sR] Verify complete
2012-09-22 07:10:40, Info CSI 000001ab [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:40, Info CSI 000001ac [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:43, Info CSI 000001ae [sR] Verify complete
2012-09-22 07:10:43, Info CSI 000001af [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:43, Info CSI 000001b0 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:48, Info CSI 000001b2 [sR] Verify complete
2012-09-22 07:10:49, Info CSI 000001b3 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:49, Info CSI 000001b4 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:59, Info CSI 000001b7 [sR] Verify complete
2012-09-22 07:10:59, Info CSI 000001b8 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:10:59, Info CSI 000001b9 [sR] Beginning Verify and Repair transaction
2012-09-22 07:10:59, Info CSI 000001bb [sR] Verify complete
2012-09-22 07:11:00, Info CSI 000001bc [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:00, Info CSI 000001bd [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:06, Info CSI 000001c1 [sR] Verify complete
2012-09-22 07:11:06, Info CSI 000001c2 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:06, Info CSI 000001c3 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:15, Info CSI 000001c8 [sR] Verify complete
2012-09-22 07:11:16, Info CSI 000001c9 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:16, Info CSI 000001ca [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:24, Info CSI 000001cf [sR] Verify complete
2012-09-22 07:11:24, Info CSI 000001d0 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:24, Info CSI 000001d1 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:29, Info CSI 000001d9 [sR] Verify complete
2012-09-22 07:11:29, Info CSI 000001da [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:29, Info CSI 000001db [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:35, Info CSI 000001e5 [sR] Verify complete
2012-09-22 07:11:35, Info CSI 000001e6 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:35, Info CSI 000001e7 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:39, Info CSI 000001e9 [sR] Verify complete
2012-09-22 07:11:40, Info CSI 000001ea [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:40, Info CSI 000001eb [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:42, Info CSI 000001ef [sR] Verify complete
2012-09-22 07:11:42, Info CSI 000001f0 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:42, Info CSI 000001f1 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:45, Info CSI 000001f3 [sR] Verify complete
2012-09-22 07:11:45, Info CSI 000001f4 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:45, Info CSI 000001f5 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:49, Info CSI 0000021a [sR] Verify complete
2012-09-22 07:11:49, Info CSI 0000021b [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:49, Info CSI 0000021c [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:52, Info CSI 0000021e [sR] Verify complete
2012-09-22 07:11:52, Info CSI 0000021f [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:52, Info CSI 00000220 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:55, Info CSI 00000222 [sR] Verify complete
2012-09-22 07:11:55, Info CSI 00000223 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:55, Info CSI 00000224 [sR] Beginning Verify and Repair transaction
2012-09-22 07:11:58, Info CSI 00000226 [sR] Verify complete
2012-09-22 07:11:58, Info CSI 00000227 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:11:58, Info CSI 00000228 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:01, Info CSI 00000236 [sR] Verify complete
2012-09-22 07:12:01, Info CSI 00000237 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:01, Info CSI 00000238 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:04, Info CSI 00000242 [sR] Verify complete
2012-09-22 07:12:04, Info CSI 00000243 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:04, Info CSI 00000244 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:07, Info CSI 0000024a [sR] Verify complete
2012-09-22 07:12:07, Info CSI 0000024b [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:07, Info CSI 0000024c [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:08, Info CSI 0000024e [sR] Verify complete
2012-09-22 07:12:09, Info CSI 0000024f [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:09, Info CSI 00000250 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:13, Info CSI 00000253 [sR] Verify complete
2012-09-22 07:12:13, Info CSI 00000254 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:13, Info CSI 00000255 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:15, Info CSI 00000257 [sR] Verify complete
2012-09-22 07:12:15, Info CSI 00000258 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:15, Info CSI 00000259 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:17, Info CSI 0000025b [sR] Verify complete
2012-09-22 07:12:17, Info CSI 0000025c [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:17, Info CSI 0000025d [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:20, Info CSI 0000025f [sR] Verify complete
2012-09-22 07:12:20, Info CSI 00000260 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:20, Info CSI 00000261 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:23, Info CSI 00000263 [sR] Verify complete
2012-09-22 07:12:23, Info CSI 00000264 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:23, Info CSI 00000265 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:28, Info CSI 0000027f [sR] Verify complete
2012-09-22 07:12:28, Info CSI 00000280 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:28, Info CSI 00000281 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:38, Info CSI 00000283 [sR] Verify complete
2012-09-22 07:12:38, Info CSI 00000284 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:38, Info CSI 00000285 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:41, Info CSI 00000287 [sR] Verify complete
2012-09-22 07:12:41, Info CSI 00000288 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:41, Info CSI 00000289 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:43, Info CSI 0000028b [sR] Verify complete
2012-09-22 07:12:44, Info CSI 0000028c [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:44, Info CSI 0000028d [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:47, Info CSI 00000291 [sR] Verify complete
2012-09-22 07:12:47, Info CSI 00000292 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:47, Info CSI 00000293 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:50, Info CSI 00000295 [sR] Verify complete
2012-09-22 07:12:50, Info CSI 00000296 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:50, Info CSI 00000297 [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:53, Info CSI 00000299 [sR] Verify complete
2012-09-22 07:12:53, Info CSI 0000029a [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:53, Info CSI 0000029b [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:56, Info CSI 0000029d [sR] Verify complete
2012-09-22 07:12:56, Info CSI 0000029e [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:56, Info CSI 0000029f [sR] Beginning Verify and Repair transaction
2012-09-22 07:12:59, Info CSI 000002a2 [sR] Verify complete
2012-09-22 07:12:59, Info CSI 000002a3 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:12:59, Info CSI 000002a4 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:01, Info CSI 000002a6 [sR] Verify complete
2012-09-22 07:13:02, Info CSI 000002a7 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:13:02, Info CSI 000002a8 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:05, Info CSI 000002aa [sR] Verify complete
2012-09-22 07:13:05, Info CSI 000002ab [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:13:05, Info CSI 000002ac [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:09, Info CSI 000002af [sR] Verify complete
2012-09-22 07:13:09, Info CSI 000002b0 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:13:09, Info CSI 000002b1 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:11, Info CSI 000002b3 [sR] Verify complete
2012-09-22 07:13:11, Info CSI 000002b4 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:13:11, Info CSI 000002b5 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:14, Info CSI 000002b7 [sR] Verify complete
2012-09-22 07:13:14, Info CSI 000002b8 [sR] Verifying 100 (0x0000000000000064) components
2012-09-22 07:13:14, Info CSI 000002b9 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:16, Info CSI 000002bb [sR] Verify complete
2012-09-22 07:13:17, Info CSI 000002bc [sR] Verifying 26 (0x000000000000001a) components
2012-09-22 07:13:17, Info CSI 000002bd [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:18, Info CSI 000002bf [sR] Verify complete
2012-09-22 07:13:18, Info CSI 000002c0 [sR] Repairing 0 components
2012-09-22 07:13:18, Info CSI 000002c1 [sR] Beginning Verify and Repair transaction
2012-09-22 07:13:18, Info CSI 000002c3 [sR] Repair complete
Er werd niet gevraagd om een Windows installatie dvd/cd te gebruiken,
Ik ben niet eens zeker of ik een Windows installatie dvd/cd heb, ik heb wel enkele cd's gekregen by men pc, maar daar staat niet duidelijk op waarvoor die zijn. voor zover ik me kan herinneren heb ik deze ook niet nodig gehad om men computer te instaleren, alhoewel ik daar niet echt zeker meer van ben. is dit een probleem?
-
Niet dat ik weet, nee.
-
-
het gaat om deze update; Beveiligingsupdate voor .NET Framework 3.5.1 op Windows 7 en Windows Server 2008 R2 SP1 voor x64-systemen (KB2478662)
Downloadgrootte: 1,8 MB
U moet de computer mogelijk opnieuw opstarten om deze update van kracht te laten worden.
Type update: belangrijk
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende gebruiker uw Windows-systeem waarop Microsoft .NET Framework wordt uitgevoerd, kan beschadigen en volledige controle over het systeem kan krijgen. Installeer deze update van Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze update hebt geïnstalleerd, moet u de computer mogelijk opnieuw opstarten.
Meer informatie:
Help en ondersteuning:
Screenshot;
Hijackthis logjes zijn all gecheckt door Administrator Kape op deze pagina; http://www.pc-helpforum.be/f163/hijackthis-50373/
indien het nodig is, zal ik probleemloos nog eens een logje maken.
Maar ik ga een verhaaltje bij deze update vertellen,
Enkele maanden geleden, merkte ik dat me'n Windows Media Player (standaard versie van Windows7) weg was, ik kon die niet meer gebruiken, ik vind het raar, maar ik gebruikte toch meestal Itunes, nu de mp3 extentie wordt nu automatisch afgespeeld door Itunes, Mp4 en Dvd (denk ik) worden ge opent met Clear.fi,
Nu dat vind ik niet echt een probleem het heeft een lange tijd zo geweest, tot wanneer ik onlangs een error kreeg in Windows live mail, ik had ergens gelezen dat ik dit gewoon kon herstellen door Windows live essentials te verwijderen, en opnieuw te downloaden en installeren, dat deed ik, of ten minste probeerde ik, toen ik probeerde windows live essentials te installeren, kreeg ik dit bericht;
Toen ik dat dan ook probeerde installeren, kreeg ik deze waarschuwing
En wanneer ik programma's in- of uit probeer te schakelen in "onderdelen in- of uitschakelen"
dan krijg ik dit
enkel "hulp programma's voor web-beheer" en "Compatibiliteit met IIS 6-beheer" zijn ingeschakeld,
Ik heb Fix it al meerdere keren geprobeerd te gebruiken, zonder resultaat, ik heb ook geprobeert de instellingen te veranderen in veiligheids modus, ook geprobeerd die update te doen.
ik heb ook "Enable_Windows_Features" geprobeerd,
Kan iemand me misschien helpen dit oplossen?
Alvast bedankt.
-
Oké, bedankt dat zal ik zeker eens in Veiligheidsmodus proberen.
Ik wou zeker zijn dat alles in orde was qua malware, ect,.. voordat ik men ander probleem zou posten in de vragen/problemen met windows 7 sectie, ik neem aan dat dit dan op gelost is en die ask.com updater stoort me niet echt. dus ga ik dit markeren als OPGELOST, hartelijk bedankt voor je tijd en hulp, zeer erg ge-apprecieerd.
Tot nog eens (:
-
ComboFix 12-09-13.03 - DuDe_stef 14/09/2012 11:40:44.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3944.2544 [GMT 2:00]
Gestart vanuit: c:\users\DuDe_stef\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\DuDe_stef\Desktop\CFScript.txt
AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\REN227.tmp"
"c:\windows\system32\REN228.tmp"
"c:\windows\system32\REN229.tmp"
"c:\windows\system32\REN24A5.tmp"
"c:\windows\system32\REN24A6.tmp"
"c:\windows\system32\REN24A7.tmp"
"c:\windows\system32\REN4973.tmp"
"c:\windows\system32\REN4974.tmp"
"c:\windows\system32\REN4975.tmp"
"c:\windows\system32\RENA664.tmp"
"c:\windows\system32\RENA665.tmp"
"c:\windows\system32\RENA666.tmp"
"c:\windows\SysWow64\REN41C5.tmp"
"c:\windows\SysWow64\REN41C6.tmp"
"c:\windows\SysWow64\REN41C7.tmp"
"c:\windows\SysWow64\RENDBD2.tmp"
"c:\windows\SysWow64\RENDBD3.tmp"
"c:\windows\SysWow64\RENDBD4.tmp"
"c:\windows\SysWow64\sho2F9A.tmp"
"c:\windows\SysWow64\sho77C9.tmp"
"c:\windows\SysWow64\sho7C24.tmp"
"c:\windows\SysWow64\sho9C80.tmp"
"c:\windows\SysWow64\shoA9BA.tmp"
"c:\windows\SysWow64\shoAEC1.tmp"
"c:\windows\SysWow64\shoC3C0.tmp"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\1ClickDownload
c:\program files (x86)\1ClickDownload\ocmainpack.exe
c:\windows\system32\REN227.tmp
c:\windows\system32\REN228.tmp
c:\windows\system32\REN229.tmp
c:\windows\system32\REN24A5.tmp
c:\windows\system32\REN24A6.tmp
c:\windows\system32\REN24A7.tmp
c:\windows\system32\REN4973.tmp
c:\windows\system32\REN4974.tmp
c:\windows\system32\REN4975.tmp
c:\windows\system32\RENA664.tmp
c:\windows\system32\RENA665.tmp
c:\windows\system32\RENA666.tmp
c:\windows\SysWow64\REN41C5.tmp
c:\windows\SysWow64\REN41C6.tmp
c:\windows\SysWow64\REN41C7.tmp
c:\windows\SysWow64\RENDBD2.tmp
c:\windows\SysWow64\RENDBD3.tmp
c:\windows\SysWow64\RENDBD4.tmp
c:\windows\SysWow64\sho2F9A.tmp
c:\windows\SysWow64\sho77C9.tmp
c:\windows\SysWow64\sho7C24.tmp
c:\windows\SysWow64\sho9C80.tmp
c:\windows\SysWow64\shoA9BA.tmp
c:\windows\SysWow64\shoAEC1.tmp
c:\windows\SysWow64\shoC3C0.tmp
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-14 to 2012-09-14 ))))))))))))))))))))))))))))))
.
.
2012-09-14 09:53 . 2012-09-14 09:53 -------- d-----w- c:\users\pascale\AppData\Local\temp
2012-09-14 09:53 . 2012-09-14 09:53 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-09-14 09:53 . 2012-09-14 09:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-12 13:51 . 2012-09-13 08:59 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4AE80E04-D265-4434-AFF9-3F6BA2103786}\offreg.dll
2012-09-12 10:51 . 2012-09-12 10:51 -------- d-----w- c:\users\DuDe_stef\AppData\Local\EgisTec
2012-09-12 09:09 . 2012-09-14 09:59 -------- d-----w- c:\users\DuDe_stef\AppData\Local\temp
2012-09-09 22:17 . 2012-09-09 22:17 -------- d-----w- c:\users\pascale\AppData\Local\Opera
2012-09-09 14:19 . 2012-09-09 14:19 -------- d-----w- c:\users\DuDe_stef\.fontconfig
2012-09-09 11:13 . 2012-09-09 11:13 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Apps
2012-09-07 19:47 . 2012-09-07 19:50 -------- d-----w- c:\users\DuDe_stef\.Mikescape_Cache
2012-09-06 22:13 . 2012-09-06 22:26 -------- d-----w- c:\users\DuDe_stef\legacy
2012-09-06 22:13 . 2012-09-06 22:15 -------- d-----w- c:\users\DuDe_stef\paradise704Cache1
2012-09-06 21:56 . 2012-09-06 21:56 -------- d-----w- c:\users\DuDe_stef\sevadorcache
2012-09-06 21:33 . 2012-09-06 21:33 -------- d-----w- c:\users\DuDe_stef\resistancepkv8cache
2012-09-03 17:04 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.epicurus.cache
2012-09-03 17:03 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.ecl.cache
2012-08-27 20:41 . 2012-08-27 20:41 -------- d-----w- c:\users\pascale\AppData\Local\PC_Drivers_Headquarters
2012-08-27 09:28 . 2012-09-06 14:55 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\.techniclauncher
2012-08-25 14:19 . 2012-08-25 14:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-23 13:14 . 2012-08-23 13:14 2818560 ----a-w- c:\windows\SysWow64\Sterrenhemel Screensaver.scr
2012-08-23 13:09 . 2012-08-23 13:09 6412288 ----a-w- c:\windows\SysWow64\Schermbeveiliging open haard.scr
2012-08-21 19:30 . 2012-08-21 19:30 -------- d-----w- c:\programdata\Ableton
2012-08-21 19:26 . 2012-08-21 19:27 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Ableton
2012-08-18 15:44 . 2012-08-18 15:44 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\programdata\RegUse
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\program files (x86)\RegUse
2012-08-17 12:17 . 2012-08-17 12:17 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Opera
2012-08-17 12:17 . 2012-09-01 13:43 -------- d-----w- c:\program files (x86)\Opera
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 13:42 . 2012-04-01 11:14 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-01 13:42 . 2011-08-17 00:17 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-25 14:18 . 2012-05-17 16:50 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-25 14:18 . 2011-08-09 20:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-15 13:44 . 2012-05-12 16:17 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-08-03 02:27 . 2011-09-18 00:20 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-22 10:46 . 2012-08-06 14:31 191280 ----a-w- c:\windows\system32\javaws.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\javaw.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\java.exe
2012-07-19 10:25 . 2012-07-19 10:25 65536 ----a-w- c:\windows\IFinst27.exe
2012-07-19 09:38 . 2012-07-23 06:06 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-07-17 13:14 . 2012-07-17 13:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL
2012-07-17 12:49 . 2012-07-17 12:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
2012-07-17 12:37 . 2012-07-17 12:37 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-10 02:48 . 2012-07-10 02:48 41704 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-07-03 11:46 . 2012-05-19 02:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-12_08.52.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-09-12 08:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-09-14 09:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-09-12 08:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-14 09:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-09-12 08:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-14 09:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-09-13 00:54 86372 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-14 10:00 41264 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-08-10 08:18 . 2012-09-10 08:32 16610 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1003_UserData.bin
+ 2011-08-10 08:18 . 2012-09-13 00:54 16610 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1003_UserData.bin
+ 2011-08-09 19:27 . 2012-09-14 10:00 17880 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-661364119-148139604-4287045721-1000_UserData.bin
- 2012-09-12 08:49 . 2012-09-12 08:49 2111 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-09-12 20:29 . 2012-09-12 20:29 2111 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-09-12 08:50 . 2012-09-12 08:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-14 09:54 . 2012-09-14 09:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-09-12 08:50 . 2012-09-12 08:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-14 09:54 . 2012-09-14 09:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-14 09:57 . 2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll
- 2012-09-12 08:50 . 2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll
+ 2012-09-14 09:57 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
- 2012-09-12 08:50 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
+ 2011-08-10 17:57 . 2012-09-14 09:10 417864 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2011-06-01 19:31 . 2012-09-12 08:33 677434 c:\windows\system32\perfh013.dat
+ 2011-06-01 19:31 . 2012-09-14 09:12 677434 c:\windows\system32\perfh013.dat
- 2009-07-14 02:36 . 2012-09-12 08:33 593110 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-09-14 09:12 593110 c:\windows\system32\perfh009.dat
+ 2011-06-01 19:31 . 2012-09-14 09:12 131584 c:\windows\system32\perfc013.dat
- 2011-06-01 19:31 . 2012-09-12 08:33 131584 c:\windows\system32\perfc013.dat
+ 2009-07-14 02:36 . 2012-09-14 09:12 103750 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-09-12 08:33 103750 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-09-14 09:53 527688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-09-12 08:49 527688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-08-10 11:53 . 2012-09-12 08:14 1537316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1003-8192.dat
+ 2011-08-10 11:53 . 2012-09-14 09:54 1537316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1003-8192.dat
- 2011-08-19 04:29 . 2012-08-19 05:16 2593232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-12288.dat
+ 2011-08-19 04:29 . 2012-09-12 20:29 2593232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-12288.dat
- 2011-08-10 04:54 . 2012-09-09 21:53 25141948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-8192.dat
+ 2011-08-10 04:54 . 2012-09-14 09:54 25141948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-661364119-148139604-4287045721-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-26 1021840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-07-19 336992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2011-08-25 24064]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-05-04 2438696]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
R3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-08-15 56016]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-16 45624]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-16 94280]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-08-03 476016]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-08-03 387440]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-10-16 61088]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:42]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62f299efd786.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000Core1cd8d649cf3dec1.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000UA.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003Core1cd60f4e7ea1050.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003UA.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 61.6.196.218:8118
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 195.130.130.5 195.130.131.5
TCP: Interfaces\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\gimp-2.6.exe"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\SecuROM\License information*]
"datasecu"=hex:31,a6,ae,23,19,39,9d,b9,94,fc,a2,83,30,ed,94,17,c6,10,6e,44,e5,
73,8c,0b,51,eb,a1,92,40,26,60,f1,87,3f,f2,b8,f4,e5,7e,d0,08,b4,91,a7,e9,3d,\
"rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE
c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Hotspot Shield\bin\openvpntray.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-14 12:04:28 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-14 10:04
ComboFix2.txt 2012-09-12 09:09
.
Pre-Run: 32.937.283.584 bytes beschikbaar
Post-Run: 32.776.486.912 bytes beschikbaar
.
- - End Of File - - 1658A214B64813ACEF950C42F81F7A26
Na dat deze Combofix gedaan had, heb ik even een kijkje genomen in me'n configuratiescherm en gezocht voor enige ask programma's die er mogelijk nog aanwezig zouden zijn, en inderdaad "Ask Toolbar updater" is nog steeds aanwezig, ik heb geprobeert dat dan ook te verwijderen, maar daarvoor heb ik de macht niet en moet ik contact opnemen met de systeem beheerder, Dus dacht ik dat nog eens een HijackThis scan doen en het logje posten eventueel om te zien of die nu in orde is.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:38:39, on 14/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 14309 bytes
-
ComboFix 12-09-11.02 - DuDe_stef 12/09/2012 10:32:14.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3944.2048 [GMT 2:00]
Gestart vanuit: c:\users\DuDe_stef\Desktop\ComboFix.exe
AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Adobe\Photoshop.exe
c:\program files (x86)\Adobe\SHFOLDER.dll
c:\windows\install.exe
.
---- Voorgaande Run -------
.
c:\program files (x86)\GadgetBox\gaDGetboxtb.dll
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\settings.bin
c:\programdata\Bcool\background.html
c:\programdata\Bcool\bhoclass.dll
c:\programdata\Bcool\content.js
c:\programdata\Bcool\ffjnknndhepadgpkppcajcplleabnkbc.crx
c:\programdata\Bcool\settings.ini
c:\programdata\FullRemove.exe
c:\users\DuDe_stef\AppData\Roaming\22DNR8DIPXfshf.exe
c:\users\DuDe_stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk
c:\windows\security\Database\tmp.edb
D:\install.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-12 to 2012-09-12 ))))))))))))))))))))))))))))))
.
.
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\pascale\AppData\Local\temp
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 22:17 . 2012-09-09 22:17 -------- d-----w- c:\users\pascale\AppData\Local\Opera
2012-09-09 14:19 . 2012-09-09 14:19 -------- d-----w- c:\users\DuDe_stef\.fontconfig
2012-09-09 11:48 . 2012-09-09 11:48 0 ----a-w- c:\windows\SysWow64\sho77C9.tmp
2012-09-09 11:13 . 2012-09-09 11:13 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Apps
2012-09-07 19:47 . 2012-09-07 19:50 -------- d-----w- c:\users\DuDe_stef\.Mikescape_Cache
2012-09-06 22:13 . 2012-09-06 22:26 -------- d-----w- c:\users\DuDe_stef\legacy
2012-09-06 22:13 . 2012-09-06 22:15 -------- d-----w- c:\users\DuDe_stef\paradise704Cache1
2012-09-06 21:56 . 2012-09-06 21:56 -------- d-----w- c:\users\DuDe_stef\sevadorcache
2012-09-06 21:33 . 2012-09-06 21:33 -------- d-----w- c:\users\DuDe_stef\resistancepkv8cache
2012-09-06 21:29 . 2012-09-06 21:30 -------- d-----w- C:\NewOverloadXCache
2012-09-04 23:58 . 2012-09-04 23:58 0 ----a-w- c:\windows\SysWow64\sho7C24.tmp
2012-09-04 05:21 . 2012-09-09 10:34 -------- d-----w- c:\program files\RAR Password Unlocker
2012-09-03 17:28 . 2012-09-03 17:28 889416 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\82c654841cd89f902\dotNetFx40_Full_setup.exe
2012-09-03 17:04 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.epicurus.cache
2012-09-03 17:03 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.ecl.cache
2012-08-27 20:41 . 2012-08-27 20:41 -------- d-----w- c:\users\pascale\AppData\Local\PC_Drivers_Headquarters
2012-08-27 20:13 . 2012-08-27 20:13 0 ----a-w- c:\windows\SysWow64\shoA9BA.tmp
2012-08-27 09:28 . 2012-09-06 14:55 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\.techniclauncher
2012-08-25 21:05 . 2012-08-25 21:05 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-08-25 14:19 . 2012-08-25 14:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-23 13:14 . 2012-08-23 13:14 2818560 ----a-w- c:\windows\SysWow64\Sterrenhemel Screensaver.scr
2012-08-23 13:09 . 2012-08-23 13:09 6412288 ----a-w- c:\windows\SysWow64\Schermbeveiliging open haard.scr
2012-08-22 02:23 . 2012-08-22 02:23 0 ----a-w- c:\windows\SysWow64\sho2F9A.tmp
2012-08-21 19:30 . 2012-08-21 19:30 -------- d-----w- c:\programdata\Ableton
2012-08-21 19:26 . 2012-08-21 19:27 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Ableton
2012-08-18 15:44 . 2012-08-18 15:44 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\programdata\RegUse
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\program files (x86)\RegUse
2012-08-17 12:17 . 2012-08-17 12:17 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Opera
2012-08-17 12:17 . 2012-09-01 13:43 -------- d-----w- c:\program files (x86)\Opera
2012-08-15 07:35 . 2012-08-15 07:35 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Need for Speed World
2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Electronic_Arts_Inc
2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\programdata\Electronic Arts
2012-08-14 07:06 . 2012-08-14 07:06 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\PowerISO
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 13:42 . 2012-04-01 11:14 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-01 13:42 . 2011-08-17 00:17 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-25 14:18 . 2012-05-17 16:50 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-25 14:18 . 2011-08-09 20:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-15 13:44 . 2012-05-12 16:17 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-08-05 15:59 . 2012-08-05 15:59 0 ----a-w- c:\windows\SysWow64\shoAEC1.tmp
2012-08-03 02:27 . 2011-09-18 00:20 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-29 01:03 . 2012-07-29 01:03 0 ----a-w- c:\windows\SysWow64\shoC3C0.tmp
2012-07-27 21:26 . 2012-07-27 21:26 0 ----a-w- c:\windows\SysWow64\sho9C80.tmp
2012-07-22 10:46 . 2012-08-06 14:31 191280 ----a-w- c:\windows\system32\javaws.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\javaw.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\java.exe
2012-07-19 10:25 . 2012-07-19 10:25 65536 ----a-w- c:\windows\IFinst27.exe
2012-07-19 09:38 . 2012-07-23 06:06 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-07-17 13:14 . 2012-07-17 13:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL
2012-07-17 12:49 . 2012-07-17 12:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
2012-07-17 12:37 . 2012-07-17 12:37 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-10 02:48 . 2012-07-10 02:48 41704 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-07-03 11:46 . 2012-05-19 02:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C7.tmp
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C6.tmp
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C5.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A7.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A6.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A5.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD4.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD3.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD2.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN229.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN228.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN227.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA666.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA665.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA664.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4975.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4974.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4973.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-26 1021840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-07-19 336992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2011-08-25 24064]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-05-04 2438696]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-08-15 56016]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-16 45624]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-16 94280]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-08-03 476016]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-08-03 387440]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-10-16 61088]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
S3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:42]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62f299efd786.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000Core1cd8d649cf3dec1.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000UA.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003Core1cd60f4e7ea1050.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003UA.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
2012-09-12 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\TELENE~1\ANTI-V~1\fsav.exe [2011-10-16 15:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 61.6.196.218:8118
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 195.130.130.5 195.130.131.5
TCP: Interfaces\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-IpSharkkEvo - c:\program files (x86)\IpSharkkEvolution\IpSharkkEvo.exe
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-63601EB2-A7CE-4C97-9B8C-83925DF392FA - c:\windows\system32\beidpp\uninstall.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1 - c:\program files (x86)\Amnesia - The Dark Descent Demo\unins000.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\gimp-2.6.exe"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\SecuROM\License information*]
"datasecu"=hex:31,a6,ae,23,19,39,9d,b9,94,fc,a2,83,30,ed,94,17,c6,10,6e,44,e5,
73,8c,0b,51,eb,a1,92,40,26,60,f1,87,3f,f2,b8,f4,e5,7e,d0,08,b4,91,a7,e9,3d,\
"rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE
c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-12 11:09:24 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-12 09:09
.
Pre-Run: 34.619.441.152 bytes beschikbaar
Post-Run: 33.970.556.928 bytes beschikbaar
.
- - End Of File - - A6F85A1E8DB9C854A78069698802FE2F
ComboFix 12-09-11.02 - DuDe_stef 12/09/2012 10:32:14.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3944.2048 [GMT 2:00]
Gestart vanuit: c:\users\DuDe_stef\Desktop\ComboFix.exe
AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Adobe\Photoshop.exe
c:\program files (x86)\Adobe\SHFOLDER.dll
c:\windows\install.exe
.
---- Voorgaande Run -------
.
c:\program files (x86)\GadgetBox\gaDGetboxtb.dll
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\settings.bin
c:\programdata\Bcool\background.html
c:\programdata\Bcool\bhoclass.dll
c:\programdata\Bcool\content.js
c:\programdata\Bcool\ffjnknndhepadgpkppcajcplleabnkbc.crx
c:\programdata\Bcool\settings.ini
c:\programdata\FullRemove.exe
c:\users\DuDe_stef\AppData\Roaming\22DNR8DIPXfshf.exe
c:\users\DuDe_stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk
c:\windows\security\Database\tmp.edb
D:\install.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-12 to 2012-09-12 ))))))))))))))))))))))))))))))
.
.
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\pascale\AppData\Local\temp
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-09-12 08:49 . 2012-09-12 08:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 22:17 . 2012-09-09 22:17 -------- d-----w- c:\users\pascale\AppData\Local\Opera
2012-09-09 14:19 . 2012-09-09 14:19 -------- d-----w- c:\users\DuDe_stef\.fontconfig
2012-09-09 11:48 . 2012-09-09 11:48 0 ----a-w- c:\windows\SysWow64\sho77C9.tmp
2012-09-09 11:13 . 2012-09-09 11:13 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Apps
2012-09-07 19:47 . 2012-09-07 19:50 -------- d-----w- c:\users\DuDe_stef\.Mikescape_Cache
2012-09-06 22:13 . 2012-09-06 22:26 -------- d-----w- c:\users\DuDe_stef\legacy
2012-09-06 22:13 . 2012-09-06 22:15 -------- d-----w- c:\users\DuDe_stef\paradise704Cache1
2012-09-06 21:56 . 2012-09-06 21:56 -------- d-----w- c:\users\DuDe_stef\sevadorcache
2012-09-06 21:33 . 2012-09-06 21:33 -------- d-----w- c:\users\DuDe_stef\resistancepkv8cache
2012-09-06 21:29 . 2012-09-06 21:30 -------- d-----w- C:\NewOverloadXCache
2012-09-04 23:58 . 2012-09-04 23:58 0 ----a-w- c:\windows\SysWow64\sho7C24.tmp
2012-09-04 05:21 . 2012-09-09 10:34 -------- d-----w- c:\program files\RAR Password Unlocker
2012-09-03 17:28 . 2012-09-03 17:28 889416 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\82c654841cd89f902\dotNetFx40_Full_setup.exe
2012-09-03 17:04 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.epicurus.cache
2012-09-03 17:03 . 2012-09-03 17:04 -------- d-----w- c:\users\DuDe_stef\.ecl.cache
2012-08-27 20:41 . 2012-08-27 20:41 -------- d-----w- c:\users\pascale\AppData\Local\PC_Drivers_Headquarters
2012-08-27 20:13 . 2012-08-27 20:13 0 ----a-w- c:\windows\SysWow64\shoA9BA.tmp
2012-08-27 09:28 . 2012-09-06 14:55 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\.techniclauncher
2012-08-25 21:05 . 2012-08-25 21:05 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-08-25 14:19 . 2012-08-25 14:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-23 13:14 . 2012-08-23 13:14 2818560 ----a-w- c:\windows\SysWow64\Sterrenhemel Screensaver.scr
2012-08-23 13:09 . 2012-08-23 13:09 6412288 ----a-w- c:\windows\SysWow64\Schermbeveiliging open haard.scr
2012-08-22 02:23 . 2012-08-22 02:23 0 ----a-w- c:\windows\SysWow64\sho2F9A.tmp
2012-08-21 19:30 . 2012-08-21 19:30 -------- d-----w- c:\programdata\Ableton
2012-08-21 19:26 . 2012-08-21 19:27 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Ableton
2012-08-18 15:44 . 2012-08-18 15:44 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\programdata\RegUse
2012-08-18 08:15 . 2012-08-18 15:41 -------- d-----w- c:\program files (x86)\RegUse
2012-08-17 12:17 . 2012-08-17 12:17 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Opera
2012-08-17 12:17 . 2012-09-01 13:43 -------- d-----w- c:\program files (x86)\Opera
2012-08-15 07:35 . 2012-08-15 07:35 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\Need for Speed World
2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\users\DuDe_stef\AppData\Local\Electronic_Arts_Inc
2012-08-15 07:26 . 2012-08-15 07:26 -------- d-----w- c:\programdata\Electronic Arts
2012-08-14 07:06 . 2012-08-14 07:06 -------- d-----w- c:\users\DuDe_stef\AppData\Roaming\PowerISO
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 13:42 . 2012-04-01 11:14 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-01 13:42 . 2011-08-17 00:17 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-25 14:18 . 2012-05-17 16:50 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-25 14:18 . 2011-08-09 20:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-15 13:44 . 2012-05-12 16:17 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-08-05 15:59 . 2012-08-05 15:59 0 ----a-w- c:\windows\SysWow64\shoAEC1.tmp
2012-08-03 02:27 . 2011-09-18 00:20 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-29 01:03 . 2012-07-29 01:03 0 ----a-w- c:\windows\SysWow64\shoC3C0.tmp
2012-07-27 21:26 . 2012-07-27 21:26 0 ----a-w- c:\windows\SysWow64\sho9C80.tmp
2012-07-22 10:46 . 2012-08-06 14:31 191280 ----a-w- c:\windows\system32\javaws.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\javaw.exe
2012-07-22 10:46 . 2012-07-22 10:46 172336 ----a-w- c:\windows\system32\java.exe
2012-07-19 10:25 . 2012-07-19 10:25 65536 ----a-w- c:\windows\IFinst27.exe
2012-07-19 09:38 . 2012-07-23 06:06 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-07-17 13:14 . 2012-07-17 13:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL
2012-07-17 12:49 . 2012-07-17 12:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
2012-07-17 12:37 . 2012-07-17 12:37 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-10 02:48 . 2012-07-10 02:48 41704 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-07-03 11:46 . 2012-05-19 02:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C7.tmp
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C6.tmp
2012-06-27 02:06 . 2012-06-27 02:06 0 ----a-w- c:\windows\SysWow64\REN41C5.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A7.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A6.tmp
2012-06-27 02:02 . 2012-06-27 02:02 0 ----a-w- c:\windows\system32\REN24A5.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD4.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD3.tmp
2012-06-27 01:59 . 2012-06-27 01:59 0 ----a-w- c:\windows\SysWow64\RENDBD2.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN229.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN228.tmp
2012-06-27 01:58 . 2012-06-27 01:58 0 ----a-w- c:\windows\system32\REN227.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA666.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA665.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\RENA664.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4975.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4974.tmp
2012-06-27 01:55 . 2012-06-27 01:55 0 ----a-w- c:\windows\system32\REN4973.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-26 1021840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-07-19 336992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2011-08-25 24064]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-05-04 2438696]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-08-15 56016]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-16 45624]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-16 94280]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-08-03 476016]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-08-03 387440]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-10-16 61088]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
S3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:42]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62f299efd786.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 09:14]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000Core1cd8d649cf3dec1.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1000UA.job
- c:\users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 06:15]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003Core1cd60f4e7ea1050.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-661364119-148139604-4287045721-1003UA.job
- c:\users\pascale\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 12:20]
.
2012-09-12 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\TELENE~1\ANTI-V~1\fsav.exe [2011-10-16 15:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 61.6.196.218:8118
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 195.130.130.5 195.130.131.5
TCP: Interfaces\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.21.16.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-IpSharkkEvo - c:\program files (x86)\IpSharkkEvolution\IpSharkkEvo.exe
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-63601EB2-A7CE-4C97-9B8C-83925DF392FA - c:\windows\system32\beidpp\uninstall.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1 - c:\program files (x86)\Amnesia - The Dark Descent Demo\unins000.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\gimp-2.6.exe"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-661364119-148139604-4287045721-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_USERS\S-1-5-21-661364119-148139604-4287045721-1000\Software\SecuROM\License information*]
"datasecu"=hex:31,a6,ae,23,19,39,9d,b9,94,fc,a2,83,30,ed,94,17,c6,10,6e,44,e5,
73,8c,0b,51,eb,a1,92,40,26,60,f1,87,3f,f2,b8,f4,e5,7e,d0,08,b4,91,a7,e9,3d,\
"rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE
c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-12 11:09:24 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-12 09:09
.
Pre-Run: 34.619.441.152 bytes beschikbaar
Post-Run: 33.970.556.928 bytes beschikbaar
.
- - End Of File - - A6F85A1E8DB9C854A78069698802FE2F
-
Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2012.09.09.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DuDe_stef :: DUDE_STEF-PC [administrator]
Realtime bescherming: Ingeschakeld
10/09/2012 18:00:11
mbam-log-2012-09-10 (18-00-11).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 259649
Verstreken tijd: 9 minuut/minuten, 26 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:56, on 10/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pascale\Downloads\wlsetup-web (1).exe
C:\Users\pascale\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKCU\..\Run: [Google Update] "C:\Users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ipSharkkEvo] "C:\Program Files (x86)\IpSharkkEvolution\IpSharkkEvo.exe" --auto-start
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-661364119-148139604-4287045721-1003\..\Run: [searchEngineProtection] C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe (User 'pascale')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - S-1-5-21-661364119-148139604-4287045721-1003 Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'pascale')
O4 - S-1-5-21-661364119-148139604-4287045721-1003 User Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'pascale')
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.76.80.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 17720 bytes
Wanneer ik Ask.com uit men program files probeerde te verwijderen ging dat niet, zou dit kunnen zijn wegens een andere gebruiker online te zijn op m'n computer die mogelijk een internet-browers open staan heeft?
alvast bedankt.
-
Ga naar je instellingen van google chrome en druk dan op extensies, daar heb je de mogelijkheid om deze te verwijderen of uit te schakelen.
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:15, on 9/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DuDe_stef\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\DuDe_stef\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={4F71666D-3EB4-4A4D-8196-55E1BDEB617F}&mid=ded8d546ca9747d09c183120d343e0ef-3502e4f0c26cda9ae4bd89490bdf71f367bfe1e0〈=nl&ds=st011&pr=sa&d=2012-07-23 08:07:07&v=12.1.0.20&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.6.196.218:8118
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O3 - Toolbar: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKCU\..\Run: [Google Update] "C:\Users\DuDe_stef\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ipSharkkEvo] "C:\Program Files (x86)\IpSharkkEvolution\IpSharkkEvo.exe" --auto-start
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [javac.exe] C:\Users\DuDe_stef\AppData\Local\Temp\IXP006.TMP\javac.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450329B6-7B29-4C83-B46D-BE1821EFDDDA}: NameServer = 10.67.48.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 19498 bytes
Update doet het niet, 'instellingen in- of uitschakelen ook" niet
in Archief Windows Algemeen
Geplaatst:
Enkel deze update.. het probleem is dan als ik die update manueel wil instaleren dan krijg ik een error (tezien op afbeelding)
En waneer ik dan doe wat vermeld staat op dat venstertje krijg ik dit (zie afbeelding)