desoete
Internet Privacy and Security - TRUSTe
desoete replied to desoete's topic in Archive: Combating malware & viruses
Just checked, it no longer appears!
Internet Privacy and Security - TRUSTe
desoete replied to desoete's topic in Archive: Combating malware & viruses
Internet Privacy and Security - TRUSTe
desoete posted a topic in Archive: Combating malware & viruses
Your access to this site has been restricted! Your access to our site has been restricted because of your recent activity. Your actions have been marked as malware like, to visit this website again follow instructions on the left. This is made for security reasons. Please take your time to go through the verification process to restore you access to blocked websites. TRUSTe Website Unlocker should remove any malware that affects Your browsing. We are sorry for for the inconvenience this might cause you. Internet Privacy and Security. Steps to access this website again: Click Here To Unblock

Hello, this screen appears when I open Internet Explorer. At first it also happened in Google Chrome, but after I reinstalled it the window no longer appeared. I have also already done a system restore, but that did not fix the problem either. I have also already run a scan with Malwarebytes, but that found nothing either. Here is my HijackThis log, would you please take a look at it?
computer still does the same thing. Here is the log file:
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Spotify Web Helper"="c:\users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-01 13789728] "tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2008-08-28 233472] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-29 450660] "fspuip"="c:\program files\FSP\fspuip.exe" [2009-06-19 765952] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-04-10 191488] "LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-07-07 343552] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2009-08-05 413696] "MDS_Menu"="c:\program files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-11-28 13:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2006-12-10 20:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut] 2009-04-15 21:54 50472 ------w- c:\program files\HomeCinema\PowerDVD8\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 12:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] 2012-10-26 15:32 7880664 ----a-w- c:\users\Administrator\AppData\Roaming\Spotify\spotify.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] 2012-10-26 15:32 1199576 ----a-w- c:\users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2009-05-19 20:16 222504 ------w- c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe . R1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\ADMINI~1\AppData\Local\Temp\Rar$EXa0.305\EmsisoftEmergencyKit\Run\a2ddax86.sys [x] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2013-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 12:06] . 2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-23 13:32] . 2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-23 13:32] . 2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000Core.job - c:\users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-21 14:38] . 2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000UA.job - c:\users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-21 14:38] . 2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500Core.job - c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-12 11:56] . 
2013-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500UA.job - c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-12 11:56] . . ------- Bijkomende Scan ------- . uInternet Settings,ProxyOverride = local IE: Download all by YouTube Robot - c:\program files\YouTubeRobot\downall.htm IE: Download by YouTube Robot - c:\program files\YouTubeRobot\downlink.htm IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6d1i9qll.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - ExtSQL: !HIDDEN! 2012-04-03 12:57; belgiumeid@eid.belgium.be; c:\program files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) HKLM-Run-Smart Communicator - c:\program files\SmartSchool\Bin\SmartCommunicator.exe HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-BitTorrent - c:\program files\BitTorrent\BitTorrent.exe MSConfigStartUp-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe AddRemove-Advanced System Protector_is1 - c:\program files\Advanced System Protector\unins000.exe AddRemove-Garmin TOPO Swiss_is1 - g:\garmin\TOPO Swiss\unins000.exe AddRemove-WhiteSmoke_B Toolbar - c:\program files\WhiteSmoke_B\uninstall.exe AddRemove-_{E1A63F75-1F72-4450-980D-434496FFC646} - c:\program files\Corel\Corel Painter Essentials 4\MSILauncher {E1A63F75-1F72-4450-980D-434496FFC646} . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-03-02 10:11 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsDepSvc] "ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" .
Voltooingstijd: 2013-03-02 10:14:53 ComboFix-quarantined-files.txt 2013-03-02 09:14 . Pre-Run: 315.237.539.840 bytes beschikbaar Post-Run: 315.229.519.872 bytes beschikbaar . - - End Of File - - FB643C804C887041C9C8FEBCB720405A
-
Here is the log from Start.exe. I had a lot of work for my final-year project, so I have had little time.
-
Here is the log:
Files\Google\Update\1.3.21.135\goopdateres_it.dll 2013-02-20 13:54:34 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_ja.dll 2013-02-20 13:54:34 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_iw.dll 2013-02-20 13:54:34 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_hu.dll 2013-02-20 13:54:34 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_lt.dll 2013-02-20 13:54:34 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_hi.dll 2013-02-20 13:54:33 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_fil.dll 2013-02-20 13:54:33 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_fi.dll 2013-02-20 13:54:33 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_fa.dll 2013-02-20 13:54:33 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_gu.dll 2013-02-20 13:54:33 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_fr.dll 2013-02-20 13:54:32 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_en-GB.dll 2013-02-20 13:54:32 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_es.dll 2013-02-20 13:54:32 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_da.dll 2013-02-20 13:54:32 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_de.dll 2013-02-20 13:54:32 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_el.dll 2013-02-20 
13:54:32 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_et.dll 2013-02-20 13:54:32 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll 2013-02-20 13:54:32 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_es-419.dll 2013-02-20 13:54:31 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_ar.dll 2013-02-20 13:54:31 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_am.dll 2013-02-20 13:54:31 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_bg.dll 2013-02-20 13:54:31 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_cs.dll 2013-02-20 13:54:31 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_bn.dll 2013-02-20 13:54:31 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdateres_ca.dll 2013-02-20 13:53:53 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files\Google\Update\1.3.21.135\goopdate.dll 2013-02-19 17:00:51 8DB38666448FE58727AC29319582AECB 352407 ----a-w- C:\Users\SoetePC\Downloads\bijlagen.zip 2013-02-19 06:48:36 5319F22AF85E427BB889E90055DA4310 297732 ----a-w- C:\Users\Administrator\Downloads\ticoder.zip 2013-02-17 05:47:54 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll 2013-02-16 08:42:56 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll 2013-02-16 08:42:55 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\psmachine.dll 2013-02-16 08:42:54 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 
----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_zh-TW.dll 2013-02-16 08:42:54 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_zh-CN.dll 2013-02-16 08:42:54 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\psuser.dll 2013-02-16 08:42:54 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ur.dll 2013-02-16 08:42:54 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_vi.dll 2013-02-16 08:42:53 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_th.dll 2013-02-16 08:42:53 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_uk.dll 2013-02-16 08:42:53 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_tr.dll 2013-02-16 08:42:53 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_te.dll 2013-02-16 08:42:52 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_sr.dll 2013-02-16 08:42:52 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_sl.dll 2013-02-16 08:42:52 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_sw.dll 2013-02-16 08:42:52 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ta.dll 2013-02-16 08:42:52 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_sv.dll 2013-02-16 08:42:51 E534BB37BF5C43826E748E1D89910253 
30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_sk.dll 2013-02-16 08:42:51 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_pt-PT.dll 2013-02-16 08:42:51 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ro.dll 2013-02-16 08:42:51 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ru.dll 2013-02-16 08:42:50 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_mr.dll 2013-02-16 08:42:50 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_pt-BR.dll 2013-02-16 08:42:50 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ms.dll 2013-02-16 08:42:50 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_no.dll 2013-02-16 08:42:50 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_nl.dll 2013-02-16 08:42:50 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_pl.dll 2013-02-16 08:42:49 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ml.dll 2013-02-16 08:42:49 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_lv.dll 2013-02-16 08:42:48 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ko.dll 2013-02-16 08:42:48 93545A29801793646159E248D69D337E 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_kn.dll 2013-02-16 08:42:48 
0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_lt.dll 2013-02-16 08:42:46 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_id.dll 2013-02-16 08:42:46 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_is.dll 2013-02-16 08:42:46 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_it.dll 2013-02-16 08:42:46 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ja.dll 2013-02-16 08:42:46 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_iw.dll 2013-02-16 08:42:46 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_hu.dll 2013-02-16 08:42:45 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_hr.dll 2013-02-16 08:42:45 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_hi.dll 2013-02-16 08:42:44 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_fil.dll 2013-02-16 08:42:44 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_fi.dll 2013-02-16 08:42:44 C164FE32626724656C77362A88156684 28040 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_fa.dll 2013-02-16 08:42:44 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_gu.dll 2013-02-16 08:42:44 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_fr.dll 2013-02-16 
08:42:43 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_en-GB.dll 2013-02-16 08:42:43 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_es.dll 2013-02-16 08:42:43 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_et.dll 2013-02-16 08:42:43 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_en.dll 2013-02-16 08:42:43 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_es-419.dll 2013-02-16 08:42:42 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_da.dll 2013-02-16 08:42:42 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_de.dll 2013-02-16 08:42:42 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_el.dll 2013-02-16 08:42:42 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_cs.dll 2013-02-16 08:42:42 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_bn.dll 2013-02-16 08:42:42 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ca.dll 2013-02-16 08:42:41 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_ar.dll 2013-02-16 08:42:41 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_am.dll 2013-02-16 08:42:41 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdateres_bg.dll 
2013-02-16 08:42:34 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Users\SoetePC\AppData\Local\Google\Update\1.3.21.135\goopdate.dll 2013-02-14 08:42:56 F2F370902659DBE632AEC265B04C2378 68352 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne\10.14.251.3_0\plugins\np-cwmp.dll 2013-02-14 08:42:56 BD7295DBD260FEFE84B81E09AF72882D 155392 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne\10.14.251.3_0\plugins\ChromeAutoApproveTB.dll 2013-02-14 08:42:56 99F97C9FE748C37528C338A423577FCB 163256 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne\10.14.251.3_0\plugins\np-mswmp.dll 2013-02-14 08:42:56 49030C334628CA5C2D961C077B5475D1 116480 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne\10.14.251.3_0\plugins\ChromeApproveTBPlugin.dll 2013-02-14 08:42:56 1E43103338CF28D7A8495C52535D5FCD 810752 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne\10.14.251.3_0\plugins\ConduitChromeApiPlugin.dll 2013-02-14 08:41:06 7114070D9BDA5901B692D896A001EC95 12638576 ----a-w- C:\Users\SoetePC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll 2013-02-14 08:23:23 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\psmachine.dll 2013-02-14 08:23:22 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\psuser.dll 2013-02-14 08:23:21 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_uk.dll 2013-02-14 08:23:21 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_tr.dll 2013-02-14 
08:23:21 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_zh-TW.dll 2013-02-14 08:23:21 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_zh-CN.dll 2013-02-14 08:23:21 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ur.dll 2013-02-14 08:23:21 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_vi.dll 2013-02-14 08:23:20 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_th.dll 2013-02-14 08:23:18 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_sr.dll 2013-02-14 08:23:18 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_sl.dll 2013-02-14 08:23:18 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_sw.dll 2013-02-14 08:23:18 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_te.dll 2013-02-14 08:23:18 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ta.dll 2013-02-14 08:23:18 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_sv.dll 2013-02-14 08:23:17 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_sk.dll 2013-02-14 08:23:17 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_pt-BR.dll 2013-02-14 08:23:17 6D9CDB9FE405DB672187CA1F85B148FA 29576 
----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_pt-PT.dll 2013-02-14 08:23:17 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ro.dll 2013-02-14 08:23:17 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ru.dll 2013-02-14 08:23:16 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_mr.dll 2013-02-14 08:23:16 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ms.dll 2013-02-14 08:23:16 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_no.dll 2013-02-14 08:23:16 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_nl.dll 2013-02-14 08:23:16 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_pl.dll 2013-02-14 08:23:15 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ko.dll 2013-02-14 08:23:15 93545A29801793646159E248D69D337E 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_kn.dll 2013-02-14 08:23:15 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ml.dll 2013-02-14 08:23:15 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_lv.dll 2013-02-14 08:23:15 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_lt.dll 2013-02-14 08:23:14 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- 
C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_id.dll 2013-02-14 08:23:14 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_is.dll 2013-02-14 08:23:14 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_hr.dll 2013-02-14 08:23:14 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_it.dll 2013-02-14 08:23:14 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ja.dll 2013-02-14 08:23:14 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_iw.dll 2013-02-14 08:23:14 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_hu.dll 2013-02-14 08:23:14 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_hi.dll 2013-02-14 08:23:13 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_fil.dll 2013-02-14 08:23:13 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_fi.dll 2013-02-14 08:23:13 C164FE32626724656C77362A88156684 28040 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_fa.dll 2013-02-14 08:23:13 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_gu.dll 2013-02-14 08:23:13 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_fr.dll 2013-02-14 08:23:12 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- 
C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_en-GB.dll 2013-02-14 08:23:12 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_es.dll 2013-02-14 08:23:12 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_de.dll 2013-02-14 08:23:12 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_el.dll 2013-02-14 08:23:12 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_et.dll 2013-02-14 08:23:12 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_en.dll 2013-02-14 08:23:12 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_es-419.dll 2013-02-14 08:23:11 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_da.dll 2013-02-14 08:23:08 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_cs.dll 2013-02-14 08:23:02 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ca.dll 2013-02-14 08:22:45 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_bg.dll 2013-02-14 08:22:45 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_bn.dll 2013-02-14 08:22:44 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_ar.dll 2013-02-14 08:22:37 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- 
C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdateres_am.dll 2013-02-14 08:20:55 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.135\goopdate.dll 2013-02-14 08:20:39 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_zh-TW.dll 2013-02-14 08:20:39 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_zh-CN.dll 2013-02-14 08:20:39 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_vi.dll 2013-02-14 08:20:38 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_th.dll 2013-02-14 08:20:38 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_uk.dll 2013-02-14 08:20:38 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_tr.dll 2013-02-14 08:20:38 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_te.dll 2013-02-14 08:20:38 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ur.dll 2013-02-14 08:20:37 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_sr.dll 2013-02-14 08:20:37 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_sw.dll 2013-02-14 08:20:37 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ta.dll 2013-02-14 08:20:37 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_sv.dll 2013-02-14 08:20:36 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_sk.dll 2013-02-14 08:20:36 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ru.dll 2013-02-14 08:20:36 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_sl.dll 2013-02-14 08:20:35 
956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_pt-BR.dll 2013-02-14 08:20:35 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_pt-PT.dll 2013-02-14 08:20:35 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ro.dll 2013-02-14 08:20:35 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_no.dll 2013-02-14 08:20:35 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_pl.dll 2013-02-14 08:20:34 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_mr.dll 2013-02-14 08:20:34 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ml.dll 2013-02-14 08:20:34 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_lv.dll 2013-02-14 08:20:34 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ms.dll 2013-02-14 08:20:34 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_nl.dll 2013-02-14 08:20:33 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ko.dll 2013-02-14 08:20:33 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_lt.dll 2013-02-14 08:20:32 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_kn.dll 2013-02-14 08:20:32 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_it.dll 2013-02-14 08:20:32 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_ja.dll 2013-02-14 08:20:32 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_iw.dll 2013-02-14 08:20:31 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files\GUM60EA.tmp\goopdateres_id.dll 2013-02-14 08:20:31 
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Spotify Web 
Helper"="C:\Users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "tsnp2uvc"="C:\Windows\tsnp2uvc.exe" "fspuip"="C:\Program Files\FSP\fspuip.exe" "HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" "LMgrVolOSD"="C:\Program Files\Launch Manager\OSD.exe" "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" "MDS_Menu"="C:\Program Files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe C:\Program Files\HomeCinema\MediaShow4 UpdateWithCreateOnce Software\CyberLink\MediaShow\4.1" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "Smart Communicator"="C:\Program Files\SmartSchool\Bin\SmartCommunicator.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Spotify Web Helper"="C:\Users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" ==== Startup Registry 
Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" "command"="\"C:\\Program Files\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" 
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVD8LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files\\HomeCinema\\PowerDVD8\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Administrator\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Administrator\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UCam_Menu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UCam_Menu" "hkey"="HKLM" "command"="\"C:\\Program Files\\HomeCinema\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\HomeCinema\\YouCam\" UpdateWithCreateOnce \"Software\\CyberLink\\YouCam\\3.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging 
Monitor.lnk] "item"="HP Digital Imaging Monitor" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe" ==== Startup Folders ====================== 2012-06-02 06:50:26 715 ----a-w- C:\users\SoetePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk 2012-06-02 06:50:26 735 ----a-w- C:\users\SoetePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk 2012-06-02 06:50:26 719 ----a-w- C:\users\SoetePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/02/2013 20:04] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23/03/2012 14:32] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23/03/2012 14:32] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000Core.job --a------ C:\Users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [21/12/2011 15:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000UA.job --a------ C:\Users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [21/12/2011 15:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1006Core.job --a------ C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1006UA.job --a------ C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe [] 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500Core.job --a------ C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [12/02/2012 12:56] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500UA.job --a------ C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [12/02/2012 12:56] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\extensions\staged - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6d1i9qll.default F733C59712465B0BD2130BB7C1A6D6E3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll - Shockwave Flash 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 3FCF47BD73094FA62D81373515F46110 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 632F5B29E8C27631E7AC76E330FE2980 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U7 AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11 36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.1.0.30109.0.dll - Silverlight Plug-In 6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program 
Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 414BADCE0803E142B5B57322E85103AC - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In 9317118077072C08CD84597D2925249A - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ccbgjfdieajmokelnlapbedknchgenne - C:\Users\SoetePC\AppData\Local\CRE\ccbgjfdieajmokelnlapbedknchgenne.crx[27/06/2012 19:15] 
ekkkcbfjofefclgkkcbbniojifbnpebe - C:\ProgramData\Bcool\ekkkcbfjofefclgkkcbbniojifbnpebe.crx[] icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30/10/2012 23:48] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Administrator\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Administrator\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions kfkcangbigakljkjeglcofaomihpejif - C:\Users\Administrator\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx[] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Administrator\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Administrator\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] What type of content does this site provide? - Administrator - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Band of the Day - Administrator - Default\Extensions\njmhpiooedkibeiobeaklobaamfoccdn Facebook Themes (Facebook Theme Gallery) - Administrator - Default\Extensions\phejagnmddcjhjblnacgmejghffmhjfp ECHO is off (uit). - SoetePC - Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne Bcool - SoetePC - Default\Extensions\ekkkcbfjofefclgkkcbbniojifbnpebe What type of content does this site provide? 
- SoetePC - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.privitize.com/?aff=7" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {30E68078-191F-4017-AC01-10659DF0CE30} SearchYa//searchya.com/?chnl=dcom-100&s=1&cr=837630667&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyD&q={searchTerms}" {4F4D5FE8-84F3-436E-882D-458E97084CF5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={DB958E27-D6B6-4578-9467-BE1C128B0C42}&mid=eb977de8b2f747d0a126d15650ccf3a4-3ec428ebacfab87382bd6ccc856866b177e3e6f0〈=nl&ds=AVG&pr=pr&d=2012-06-09" {afdbddaa-5d3f-42ee-b79c-185a7020515b} Unknown Url="Not_Found" 
{F2C97E00-925F-4CCA-B0EF-63D2D27A9B23} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ekkkcbfjofefclgkkcbbniojifbnpebe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O8 - Extra context menu item: Download all by YouTube Robot - C:\Program Files\YouTubeRobot\downall.htm O8 - Extra context menu item: Download by YouTube Robot - C:\Program Files\YouTubeRobot\downlink.htm O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program 
Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cron Service for Prey (CronService) - Unknown owner - C:\Prey\platform\windows\cronsvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\wdm\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: WisLMSvc - Wistron Corp. 
- C:\Program Files\Launch Manager\WisLMSvc.exe ==== Empty IE Cache ====================== C:\Users\Administrator\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\SoetePC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\SoetePC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\SoetePC\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\SoetePC\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== 
Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
-
Here is the log:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:16:56, on 20/02/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Administrator\Downloads\HijackThis (1).exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [smart Communicator] C:\Program Files\SmartSchool\Bin\SmartCommunicator.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all by YouTube Robot - C:\Program Files\YouTubeRobot\downall.htm
O8 - Extra context menu item: Download by YouTube Robot - C:\Program Files\YouTubeRobot\downlink.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cron Service for Prey (CronService) - Unknown owner - C:\Prey\platform\windows\cronsvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\wdm\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
-- End of file - 9576 bytes