ahvhees

Ik had inderdaad Folderacces geinstalleerd maar inmiddels weer verwijderd en ik heb inmiddels de procedure van Kape uitgevoerd en het probleem is opglost. Ik wil jullie beide hartelijk danken

Als ik mijn PC opstart krijg ik een melding Interactieve Service Detection. Die verwijst naar C:\Windows\systeem32\LckFldService.exe. Ik vind dit heel vervelend kan iemand mij helpen dit op te lossen Mijn besturingssysteem is Windows 7 Ultimate bij voorbaat dank. ahvhees Bij gevoegd een Logfile. Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 9:36:54, on 21-4-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Hard Drive Inspector\HDInspector.exe C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Registry Clean Expert\RCHelper.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [btTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: Logitech . Productregistratie.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Verzenden via Bericht(&M)... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm O8 - Extra context menu item: Verzenden via Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{356C349D-428F-42D4-8C9A-B84DB3750DA3}: NameServer = 62.45.45.45 62.45.46.46 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\Windows\system32\HDDSvc.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LckFldService - Unknown owner - C:\Windows\system32\LckFldService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 11166 bytes

Mijn besturingssysteem is Windows7 Ultimate. Ik kom niet verder dan klik op Aanpassen Het tapblad Geavanceerd is niet te vinden

Hallo Kape, ik ben zelf aan het klooien gegaan, en ben met systeemherstel terug gegaan naar de oude situatie, dan heb ik alles weer terug, Form 1 is dan terug maar ook uitvoeren is weer terug , en er is nog iets namelijk als ik windows Mail wil openen en op het pictogram klikt dan opent windows mail niet. Dus kan ik geen email openen ik gebruik daarom windows Life Mail. Ik heb hierna de hele procedure weer helemaal doorlopen met het zelfde resultaat ik ben dan Form 1 Kwijt maar tevens ook uitvoeren ben ik dan weer kwijt. Weet je misschien een andere oplossing zodat ik form1 kwijt ben maar uitvoeren er nog staat en dat ik ook windows mail weer kan gebruiken

Het probleem is juist dat ik uitvoeren mis en dat ik Start -> Uitvoeren -> typ sfc /scannow. niet kan uitvoeren

Ik mis uitvoeren op de startbalk, ik weet ook niet zo gouw waar ik het evt ergens anders kan vinden, en het heeft er echt gestaan de vorige handelingen heb ik ook daar uitgevoerd. PS ik heb er trouwens 2 grote schijven in zitten van 650GB en alles staat er dubbel op ook windows, maar als ik naar windows op de 2e schijf ga moet ik uiteraard rebooten en de tweede schijf als eerste op laten starten.

Halo Kape toch nog een probleempje ik wil de laatste handeling uitvoeren. verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten. Maar nu mis ik het programma uitvoeren dat is namelijk weg en kan ik het bovenstaande niet uitvoeren weet je misschien hier ook een oplossing voor.

CCleaner ken ik, en heb ik op de computer staan nogmaals bedankt.

Hallo Kape, Form1 is van mijn PC verwijderd hartelijk dank hier voor, ook Jurgen en Kweezie Wabbit hartelijk dank voor jullie bijdrage. jullie zijn toppers Ik weet niet of ik jullie punten moet geven, ik ben hier op deze site voor het eerst ik zal nog even op de site neuzen hoe ik dit moet afsluiten In ieder geval nogmaals hartelijk dank Aart van-Hees

ComboFix 10-03-24.02 - Gebruiker 25-03-2010 11:59:26.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3327.2297 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-494328601-1695874979-3191959910-1000 C:\ErrLog.txt c:\program files\Common Files\alg.exe c:\program files\ErrorKiller c:\program files\ErrorKiller\ErrorKiller\ErrorKiller.exe c:\program files\ErrorKiller\ErrorKiller\Log\log_2010_03_05_19_57_27.eklog c:\programdata\Microsoft\Windows\Start Menu\Programs\ErrorKiller c:\programdata\Microsoft\Windows\Start Menu\Programs\ErrorKiller\Launch ErrorKiller.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\ErrorKiller\Uninstall.lnk c:\users\Gebruiker\AppData\Roaming\Desktopicon c:\windows\system32\OGACheckControl.dll . (((((((((((((((((((( Bestanden Gemaakt van 2010-02-25 to 2010-03-25 )))))))))))))))))))))))))))))) . 2010-03-25 11:05 . 2010-03-25 11:05 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2010-03-25 11:05 . 2010-03-25 11:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-03-24 10:23 . 2010-03-24 10:23 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-03-24 10:23 . 2010-03-24 10:23 -------- d-----w- c:\program files\TrendMicro 2010-03-23 16:29 . 2010-03-23 16:29 -------- d-----w- c:\users\Gebruiker\AppData\Local\Apps 2010-03-23 15:40 . 2010-03-23 15:40 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Talkback 2010-03-23 15:39 . 2010-03-23 15:40 -------- d-----w- c:\users\Gebruiker\AppData\Local\Thunderbird 2010-03-23 15:39 . 2010-03-23 15:40 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Thunderbird 2010-03-23 10:04 . 2010-03-23 10:16 -------- d-----w- c:\program files\Enigma Software Group 2010-03-22 16:13 . 2009-11-04 15:54 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-03-22 16:13 . 2009-11-04 15:54 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys 2010-03-22 16:13 . 2009-11-04 15:54 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-03-22 16:13 . 2009-04-09 13:23 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys 2010-03-22 16:13 . 2010-03-22 16:13 -------- d-----w- c:\program files\Common Files\McAfee 2010-03-22 16:13 . 2010-03-22 16:13 -------- d-----w- c:\program files\McAfee.com 2010-03-22 16:13 . 2010-03-22 16:25 -------- d-----w- c:\program files\McAfee 2010-03-22 16:13 . 2009-11-04 15:53 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys 2010-03-22 15:12 . 2010-03-22 18:15 -------- d-----w- c:\programdata\Kaspersky Lab 2010-03-22 15:11 . 2010-03-22 15:11 -------- d-----w- C:\ckis 2010-03-22 14:30 . 2010-03-22 16:15 -------- d-----w- c:\programdata\McAfee 2010-03-20 13:13 . 2010-03-20 13:14 -------- d-----w- c:\program files\Dream Aquarium 2010-03-19 18:57 . 2004-08-10 13:29 3724800 ----a-w- c:\windows\system32\Spirit of Fire 3D Screensaver.exe 2010-03-19 18:57 . 2008-03-27 13:16 232960 ----a-w- c:\windows\system32\Spirit_of_Fire_3D_Screensaver.scr 2010-03-19 18:51 . 2008-08-22 19:37 850432 ----a-w- c:\windows\system32\Dutch_Windmills_3D_Screensaver.scr 2010-03-19 18:50 . 2008-08-22 19:37 32526848 ----a-w- c:\windows\system32\Dutch Windmills 3D Screensaver.exe 2010-03-19 18:49 . 2010-03-20 12:44 -------- d-----w- c:\program files\3Planesoft 2010-03-18 12:42 . 2010-03-18 13:02 -------- d-----w- c:\users\Gebruiker\AppData\Local\Super Internet TV 2010-03-18 12:42 . 2010-03-18 13:04 -------- d-----w- c:\program files\Super Internet TV 2010-03-18 10:51 . 2010-03-18 10:51 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\DivX 2010-03-18 10:47 . 2010-03-18 10:47 0 ----a-w- c:\users\Gebruiker\AppData\Roaming\AidMaker\AIDMAKERSILENTBUNDLESETUP.EXE 2010-03-18 10:47 . 2010-03-18 10:47 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\AidMaker 2010-03-18 10:47 . 2010-02-02 15:36 1376 ----a-w- c:\windows\system32\dciman13.sys 2010-03-18 10:47 . 2010-03-22 18:15 -------- d-----w- c:\program files\ChrisTV PVR 2010-03-17 18:40 . 2010-03-20 12:18 -------- d-----w- c:\program files\Aquarium Real Life 2010-03-17 18:09 . 2010-03-17 18:09 -------- d-----w- c:\program files\W7 to USB 2010-03-16 12:54 . 2010-03-16 12:54 -------- d-----w- c:\program files\uTorrent 2010-03-16 12:53 . 2010-03-23 13:21 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\uTorrent 2010-03-16 11:31 . 2010-03-16 11:32 -------- d-----w- c:\program files\EvilLyrics 2010-03-16 11:05 . 2010-03-16 11:05 -------- d-----w- c:\program files\TouchStoneSoftware 2010-03-16 10:59 . 2010-03-16 10:59 -------- d-----w- c:\program files\Windows Doctor 2010-03-16 10:56 . 2010-03-16 10:56 -------- d-----w- c:\program files\WinSnap 2010-03-16 10:54 . 2006-07-30 15:48 762880 ----a-w- c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAudit.exe 2010-03-16 10:52 . 2010-03-16 10:52 -------- d-----w- c:\program files\SuperCleaner 2010-03-16 10:49 . 2010-03-16 10:50 -------- d-----w- c:\program files\SpywareBlaster 2010-03-16 10:47 . 2010-03-16 10:47 724992 ----a-w- c:\windows\iun6002.exe 2010-03-16 10:47 . 2010-03-16 10:48 -------- d-----w- c:\program files\SpeedItUpExtreme 2010-03-16 10:45 . 2010-03-16 10:45 -------- d-----w- c:\program files\Recuva 2010-03-16 10:43 . 2010-03-16 10:43 -------- d-----w- c:\program files\Dnote Software 2010-03-16 10:31 . 2010-03-16 10:32 -------- d-----w- c:\program files\Microsoft Encarta 2010-03-15 18:21 . 2010-03-16 13:18 -------- d-----w- c:\program files\Music_Manager 2010-03-15 18:21 . 2010-03-16 13:18 -------- d-----w- c:\program files\Photo_Manager 2010-03-15 18:18 . 2010-03-16 13:18 -------- d-----w- c:\program files\Magix 2010-03-07 20:55 . 2010-03-07 20:55 -------- d-----w- c:\users\Gebruiker\AppData\Local\ACD Systems 2010-03-07 20:55 . 2010-03-07 20:55 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\ACD Systems 2010-03-07 20:54 . 2010-03-07 20:54 -------- d-----w- c:\programdata\ACD Systems 2010-03-07 20:54 . 2010-03-07 20:54 -------- d-----w- c:\program files\Common Files\ACD Systems 2010-03-07 20:54 . 2010-03-07 20:54 -------- d-----w- c:\program files\ACD Systems 2010-03-07 16:37 . 2010-03-07 16:37 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-03-07 16:37 . 2010-03-07 16:37 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\skypePM 2010-03-07 16:36 . 2010-03-07 16:39 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Skype 2010-03-07 16:33 . 2010-03-07 16:33 -------- d-----w- c:\program files\Common Files\Skype 2010-03-07 16:33 . 2010-03-07 18:55 -------- d-----r- c:\program files\Skype 2010-03-07 16:33 . 2010-03-07 16:33 -------- d-----w- c:\programdata\Skype 2010-03-07 16:18 . 2010-03-07 16:26 -------- d-----w- c:\users\Gebruiker\AppData\Local\Smart_PC_Utilities,_Ltd 2010-03-07 15:57 . 2010-03-07 15:57 -------- d-----w- c:\program files\Smart PC Utilities 2010-03-07 15:51 . 2010-03-15 18:22 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\MAGIX 2010-03-07 15:49 . 2003-04-18 14:29 44544 ----a-w- c:\windows\system32\msxml4a.dll 2010-03-07 15:47 . 2005-09-15 15:55 458752 ----a-w- c:\windows\system32\mgxoschk.dll 2010-03-07 15:41 . 2010-03-07 15:41 -------- d-----w- c:\program files\ROUTE66 2010-03-07 15:11 . 2010-03-23 15:33 -------- d-----w- c:\program files\Passware 2010-03-07 15:11 . 2010-03-07 15:11 -------- d--h--w- c:\windows\PIF 2010-03-07 15:02 . 2010-03-07 15:03 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\AutoSizer 2010-03-07 15:02 . 2010-03-07 15:02 -------- d-----w- c:\program files\AutoSizer 2010-03-07 13:21 . 2010-03-07 13:21 -------- d-----w- c:\program files\Common Files\Oberon Media 2010-03-07 13:21 . 2010-03-07 13:21 -------- d-----w- c:\programdata\Oberon Media 2010-03-07 13:21 . 2010-03-07 13:21 -------- d-----w- c:\program files\I-play Games 2010-03-07 13:01 . 2010-03-07 13:21 -------- d-----w- c:\program files\Oberon Media 2010-03-06 18:49 . 2010-03-06 18:49 97 ----a-w- c:\users\Gebruiker\AppData\Local\fusioncache.dat 2010-03-06 18:49 . 2010-03-17 10:56 -------- d-----w- c:\users\Gebruiker\AppData\Local\ApplicationHistory 2010-03-06 18:33 . 2010-03-06 18:33 -------- d-----w- c:\users\Gebruiker\AppData\Local\Cloanto 2010-03-06 18:33 . 2010-03-06 18:33 -------- d-----w- c:\programdata\Cloanto 2010-03-06 18:33 . 2010-03-06 18:33 -------- d-----w- c:\program files\Common Files\Cloanto 2010-03-06 18:33 . 2010-03-06 18:33 -------- d-----w- c:\program files\Cloanto 2010-03-06 18:32 . 2010-03-06 18:32 3638 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{5590FCB1-AA19-4510-9FC1-BB6A8E0A14A5}\_FFC3F84C38E057C2EBC3EC.exe 2010-03-06 18:32 . 2010-03-06 18:32 3638 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{5590FCB1-AA19-4510-9FC1-BB6A8E0A14A5}\_9D83C42C7ECDBB84B0C2E9.exe 2010-03-06 18:32 . 2010-03-06 18:32 3638 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{5590FCB1-AA19-4510-9FC1-BB6A8E0A14A5}\_6FEFF9B68218417F98F549.exe 2010-03-06 18:32 . 2010-03-06 18:32 -------- d-----w- c:\program files\Citi-Software 2010-03-06 18:21 . 2010-03-16 10:31 -------- d-----w- c:\windows\Lhsp 2010-03-06 18:19 . 2010-03-06 18:19 -------- d-----w- c:\windows\system32\URTTEMP 2010-03-06 18:14 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2010-03-06 18:14 . 2010-03-06 18:14 -------- d-----w- c:\program files\PDFCreator 2010-03-06 18:14 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2010-03-06 18:11 . 2010-03-06 18:12 -------- d-----w- c:\program files\Teletekstbrowser 2010-03-06 18:08 . 2010-03-17 23:12 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\LimeWire 2010-03-06 18:08 . 2010-03-22 18:15 -------- d-----w- c:\program files\LimeWire 2010-03-06 18:04 . 2010-03-06 18:04 61440 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{79ED0EE7-098C-465F-A853-B17F6FC6CDD8}\NewShortcut1_BCB094353C184B85838A8AE92A2B059B.exe 2010-03-06 18:04 . 2010-03-06 18:04 21630 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{79ED0EE7-098C-465F-A853-B17F6FC6CDD8}\ARPPRODUCTICON.exe 2010-03-06 18:04 . 2010-03-06 18:04 -------- d-----w- c:\program files\TrackMaker 2010-03-06 18:04 . 2010-03-07 20:51 -------- d-----w- c:\users\Gebruiker\AppData\Local\Downloaded Installations 2010-03-06 17:49 . 2010-03-16 11:08 -------- d-----w- c:\users\Gebruiker\AppData\Local\Google 2010-03-06 17:48 . 2010-03-16 11:08 -------- d-----w- c:\program files\Google 2010-03-06 17:46 . 2006-12-01 08:13 40960 ----a-w- c:\users\Gebruiker\AppData\Roaming\Tyre\appstop.exe 2010-03-06 17:46 . 2006-12-01 08:13 40960 ----a-w- c:\programdata\Tyre\appstop.exe 2010-03-06 17:44 . 2010-03-15 18:28 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Tyre 2010-03-06 17:44 . 2010-03-06 17:46 -------- d-----w- c:\programdata\Tyre 2010-03-06 17:44 . 2010-03-06 17:46 -------- d-----w- c:\program files\Tyre 2010-03-06 17:44 . 2010-03-16 13:18 -------- d-----w- c:\program files\Google-TomTom 2010-03-06 17:39 . 2010-03-06 17:39 -------- d-----w- c:\program files\Drive Rescue 2010-03-06 17:34 . 1997-05-29 15:25 315904 ----a-w- c:\windows\IsUn0413.exe 2010-03-06 17:33 . 2010-03-06 17:36 -------- d-----w- c:\program files\van Dale Duits 2010-03-06 17:33 . 2010-03-06 17:37 -------- d-----w- c:\program files\van Dale Frans 2010-03-06 17:32 . 2010-03-06 17:35 -------- d-----w- c:\program files\van Dale Engels 2010-03-05 18:59 . 2010-03-05 18:59 -------- d-----w- c:\program files\Lavalys 2010-03-05 18:55 . 2010-03-05 18:55 -------- d-----w- c:\program files\DupKiller 2010-03-05 18:54 . 2010-03-05 18:54 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\aignes 2010-03-05 18:54 . 2010-03-05 18:54 -------- d-----w- c:\program files\AM-DeadLink 2010-03-05 18:53 . 2010-03-15 17:22 -------- d-----w- c:\program files\MSECache 2010-03-05 18:52 . 2010-03-05 18:52 -------- d-----w- C:\DOWNLOADS 2010-03-05 18:52 . 2010-03-05 18:52 -------- d-----w- C:\!Temp 2010-03-05 18:51 . 2010-03-05 18:52 -------- d-----w- c:\program files\BearShare Pro 2010-03-05 18:25 . 2010-03-05 18:32 -------- d-----w- c:\program files\eMuleEX 2010-03-05 18:15 . 2010-03-05 18:15 -------- d-----w- c:\program files\Driver-Soft 2010-03-05 18:03 . 2010-03-05 18:03 -------- d-----w- C:\1e HD 750GB 2010-03-05 17:51 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2010-03-05 11:15 . 2010-03-05 19:29 -------- d-----w- c:\users\Gebruiker\AppData\Local\Microsoft Games . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-20 21:45 . 2010-03-02 15:22 10723328 ----a-w- c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ. Portable\App\VirtualDJ\virtualdj.exe 2010-03-25 11:03 . 2009-07-14 08:27 733362 ----a-w- c:\windows\system32\perfh013.dat 2010-03-25 11:03 . 2009-07-14 08:27 147076 ----a-w- c:\windows\system32\perfc013.dat 2010-03-23 13:22 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail 2010-03-23 13:22 . 2009-07-14 04:52 -------- d-----w- c:\program files\Microsoft Games 2010-03-07 15:48 . 2010-03-07 15:48 -------- d-----w- c:\program files\Common Files\MAGIX Shared 2010-03-07 15:41 . 2010-03-01 15:21 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-02 15:01 . 2010-03-02 13:16 -------- d-----w- c:\program files\Java 2010-03-02 13:18 . 2010-03-01 14:55 -------- d-----w- c:\program files\MCE 2010-03-01 17:50 . 2010-03-01 17:50 0 ----a-w- c:\users\Gebruiker\AppData\Roaming\wklnhst.dat 2010-03-01 17:22 . 2010-03-01 17:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2010-03-01 16:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild 2010-03-01 16:27 . 2010-03-01 16:27 -------- d-----w- c:\windows\Fonts\AdvUninstal 2010-03-01 15:24 . 2010-03-01 15:21 -------- d-----w- c:\program files\Common Files\InstallShield 2010-03-01 15:22 . 2010-03-01 15:21 -------- d--h--w- c:\program files\Temp 2010-03-01 15:21 . 2010-03-01 15:21 -------- d-----w- c:\program files\Realtek 2010-03-01 14:55 . 2010-03-01 14:55 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-----w- c:\program files\Microsoft Silverlight 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-----w- c:\program files\PlayReady 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-sh--we c:\programdata\Sjablonen 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-sh--we c:\programdata\Menu Start 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-sh--we c:\programdata\Favorieten 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-sh--we c:\programdata\Documenten 2010-03-01 14:55 . 2010-03-01 14:55 -------- d-sh--we c:\programdata\Bureaublad 2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr 2010-02-02 16:33 . 2010-02-02 16:33 -------- d-----w- c:\program files\Windows Calendar 2010-02-02 16:33 . 2010-02-02 16:33 -------- d-----w- c:\program files\W7CLogonUIChanger 2010-02-02 16:33 . 2010-02-02 16:33 -------- d-----w- c:\program files\Vista Media Center Decoder utility 2010-02-02 16:33 . 2010-02-02 16:33 -------- d-----w- c:\program files\AutoRuns 2010-02-02 15:45 . 2010-02-02 15:45 1286456 ----a-w- c:\windows\system32\ntdll.dll 2010-02-02 15:45 . 2010-02-02 15:45 172032 ----a-w- c:\windows\system32\wintrust.dll 2010-02-02 15:44 . 2010-02-02 15:44 579584 ----a-w- c:\windows\system32\msdtcprx.dll 2010-02-02 15:44 . 2010-02-02 15:44 47616 ----a-w- c:\windows\system32\xolehlp.dll 2010-02-02 15:44 . 2010-02-02 15:44 322048 ----a-w- c:\windows\system32\mtxclu.dll 2010-02-02 15:44 . 2010-02-02 15:44 1068032 ----a-w- c:\windows\system32\msdtctm.dll 2010-02-02 15:44 . 2010-02-02 15:44 108544 ----a-w- c:\windows\system32\drivers\cdrom.sys 2010-02-02 15:44 . 2010-02-02 15:44 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys 2010-02-02 15:44 . 2010-02-02 15:44 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys 2010-02-02 15:43 . 2010-02-02 15:43 977920 ----a-w- c:\windows\system32\wininet.dll 2010-02-02 15:43 . 2010-02-02 15:43 115800 ----a-w- c:\windows\system32\drivers\msdsm.sys 2010-02-02 15:42 . 2010-02-02 15:42 711552 ----a-w- c:\windows\system32\drivers\ndis.sys 2010-02-02 15:41 . 2010-02-02 15:41 477696 ----a-w- c:\windows\system32\lpksetup.exe 2010-02-02 15:41 . 2010-02-02 15:41 26624 ----a-w- c:\windows\system32\LangCleanupSysprepAction.dll 2010-02-02 15:41 . 2010-02-02 15:41 417792 ----a-w- c:\windows\system32\msdri.dll 2010-02-02 15:41 . 2010-02-02 15:41 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-02-02 15:41 . 2010-02-02 15:41 465408 ----a-w- c:\windows\system32\psisdecd.dll 2010-02-02 15:41 . 2010-02-02 15:41 271360 ----a-w- c:\windows\system32\conhost.exe 2010-02-02 15:41 . 2010-02-02 15:41 2702848 ----a-w- c:\windows\system32\mstscax.dll 2010-02-02 15:41 . 2010-02-02 15:41 131584 ----a-w- c:\windows\system32\aaclient.dll 2010-02-02 15:41 . 2010-02-02 15:41 1034240 ----a-w- c:\windows\system32\mstsc.exe 2010-02-02 15:41 . 2010-02-02 15:41 303104 ----a-w- c:\windows\system32\msinfo32.exe 2010-02-02 15:40 . 2010-02-02 15:40 514560 ----a-w- c:\windows\system32\qdvd.dll 2010-02-02 15:40 . 2010-02-02 15:40 205312 ----a-w- c:\windows\system32\efscore.dll 2010-02-02 15:40 . 2010-02-02 15:40 2326528 ----a-w- c:\windows\system32\win32k.sys 2010-02-02 15:39 . 2010-02-02 15:39 544256 ----a-w- c:\windows\system32\cscsvc.dll 2010-02-02 15:39 . 2010-02-02 15:39 2614784 ----a-w- c:\windows\explorer.exe 2010-02-02 15:38 . 2010-02-02 15:38 776192 ----a-w- c:\windows\system32\wbem\wbemcore.dll 2010-02-02 15:38 . 2010-02-02 15:38 152064 ----a-w- c:\windows\system32\rdpdd.dll 2010-02-02 15:38 . 2010-02-02 15:38 178176 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2010-02-02 15:38 . 2010-02-02 15:38 498688 ----a-w- c:\windows\system32\iphlpsvc.dll 2010-02-02 15:38 . 2010-02-02 15:38 8192 ----a-w- c:\windows\system32\spwmp.dll 2010-02-02 15:38 . 2010-02-02 15:38 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-02-02 15:38 . 2010-02-02 15:38 4096 ----a-w- c:\windows\system32\dxmasf.dll 2010-02-02 15:37 . 2010-02-02 15:37 1003520 ----a-w- c:\windows\system32\cryptui.dll 2010-02-02 15:37 . 2010-02-02 15:37 163328 ----a-w- c:\windows\system32\drivers\1394ohci.sys 2010-02-02 15:37 . 2010-02-02 15:37 268800 ----a-w- c:\windows\system32\Wldap32.dll 2010-02-02 15:37 . 2010-02-02 15:37 27736 ----a-w- c:\windows\system32\drivers\msahci.sys 2010-02-02 15:36 . 2010-02-02 15:36 292864 ----a-w- c:\windows\system32\apphelp.dll 2010-02-02 15:36 . 2010-02-02 15:36 3954776 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-02 15:36 . 2010-02-02 15:36 3899992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-02 15:36 . 2010-02-02 15:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe 2010-02-02 15:36 . 2010-02-02 15:36 132608 ----a-w- c:\windows\system32\dnsrslvr.dll 2010-02-02 15:35 . 2010-02-02 15:35 1077248 ----a-w- c:\windows\system32\Narrator.exe 2010-02-02 15:34 . 2010-02-02 15:34 285696 ----a-w- c:\windows\system32\winlogon.exe 2010-02-02 15:34 . 2010-02-02 15:34 246784 ----a-w- c:\windows\system32\drivers\udfs.sys 2010-02-02 15:34 . 2010-02-02 15:34 1152000 ----a-w- c:\windows\system32\crypt32.dll 2010-02-02 15:33 . 2010-02-02 15:33 505856 ----a-w- c:\windows\system32\taskschd.dll 2010-02-02 15:33 . 2010-02-02 15:33 86528 ----a-w- c:\windows\system32\isoburn.exe 2010-02-02 15:32 . 2010-02-02 15:32 240216 ----a-w- c:\windows\system32\drivers\netio.sys 2010-02-02 15:32 . 2010-02-02 15:32 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys 2010-02-02 15:32 . 2010-02-02 15:32 26712 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2010-02-02 15:31 . 2010-02-02 15:31 541184 ----a-w- c:\windows\system32\kerberos.dll 2010-02-02 15:31 . 2010-02-02 15:31 768000 ----a-w- c:\windows\system32\localspl.dll 2010-02-02 15:31 . 2010-02-02 15:31 66048 ----a-w- c:\windows\system32\PrintBrmUi.exe 2010-02-02 15:31 . 2010-02-02 15:31 492032 ----a-w- c:\windows\system32\win32spl.dll 2010-02-02 15:31 . 2010-02-02 15:31 316416 ----a-w- c:\windows\system32\spoolsv.exe 2010-02-02 15:31 . 2010-02-02 15:31 1210456 ----a-w- c:\windows\system32\drivers\ntfs.sys 2010-02-02 15:30 . 2010-02-02 15:30 625664 ----a-w- c:\windows\system32\usp10.dll 2010-02-02 15:30 . 2010-02-02 15:30 1072640 ----a-w- c:\windows\system32\DWrite.dll 2010-02-02 15:30 . 2010-02-02 15:30 186952 ----a-w- c:\windows\system32\drivers\msiscsi.sys 2010-02-02 15:29 . 2010-02-02 15:29 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2010-02-02 15:29 . 2010-02-02 15:29 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2010-02-02 15:29 . 2010-02-02 15:29 1037312 ----a-w- c:\windows\system32\lsasrv.dll 2010-02-02 15:29 . 2010-02-02 15:29 3177984 ----a-w- c:\windows\system32\mf.dll 2010-02-02 15:29 . 2010-02-02 15:29 582656 ----a-w- c:\windows\system32\gpprefcl.dll 2010-02-02 15:28 . 2010-02-02 15:28 1287240 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-02-02 15:27 . 2010-02-02 15:27 153672 ----a-w- c:\windows\system32\drivers\pci.sys 2010-02-02 15:27 . 2010-02-02 15:27 91136 ----a-w- c:\windows\system32\dot3api.dll 2010-02-02 15:27 . 2010-02-02 15:27 82432 ----a-w- c:\windows\system32\dot3cfg.dll 2010-02-02 15:27 . 2010-02-02 15:27 47104 ----a-w- c:\windows\system32\dot3dlg.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-01-22 200280] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-02-24 1771320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656] "HDInspector.exe"="c:\program files\Hard Drive Inspector\HDInspector.exe" [2008-04-26 1006344] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-2 813584] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "RegClean Expert Scheduler"="c:\program files\Registry Clean Expert\RCHelper.exe" /startup "AutoSizer"="c:\program files\AutoSizer\AutoSizer.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-01 691696] R2 0263871269274429mcinstcleanup;McAfee Application Installer Cleanup (0263871269274429);c:\users\GEBRUI~1\AppData\Local\Temp\026387~1.EXE [x] R2 Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40;Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40;c:\users\Public\Desktop\Kaspersky Lab Tool\Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40.exe [x] R3 c2wts;Claims voor Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-02 13080] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] S0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2007-02-21 38448] S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-10 1044808] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2010-03-25 c:\windows\Tasks\AWC AutoSweep.job - c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-03-01 13:11] 2010-03-25 c:\windows\Tasks\AWC Startup.job - c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-03-01 10:02] 2010-03-23 c:\windows\Tasks\AWC Update.job - c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-03-01 12:38] 2010-03-22 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2010-03-22 11:22] 2010-03-22 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2010-03-22 11:22] . . ------- Bijkomende Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\45qqhdzd.default\ # Mozilla User Preferences /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config * For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs */ user_pref(app.update.lastUpdateTime.addon-background-update-timer, 1267536211); user_pref(app.update.lastUpdateTime.background-update-timer, 1267536202); user_pref(app.update.lastUpdateTime.blocklist-background-update-timer, 1267536202); user_pref(app.update.lastUpdateTime.microsummary-generator-update-timer, 1267536203); user_pref(app.update.lastUpdateTime.places-maintenance-timer, 1267536231); user_pref(app.update.lastUpdateTime.search-engine-update-timer, 1267536212); user_pref(browser.anchor_color, #0000FF); user_pref(browser.display.background_color, #C0C0C0); user_pref(browser.display.use_system_colors, true); user_pref(browser.migration.version, 1); user_pref(browser.places.smartBookmarksVersion, 1); user_pref(browser.rights.3.shown, true); user_pref(browser.startup.homepage_override.mstone, rv:1.9.1.6); user_pref(browser.visited_color, #800080); user_pref(extensions.enabledItems, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6); user_pref(extensions.lastAppVersion, 3.5.6); user_pref(intl.charsetmenu.browser.cache, UTF-8); user_pref(network.cookie.prefsMigrated, true); user_pref(privacy.sanitize.migrateFx3Prefs, true); user_pref(urlclassifier.keyupdatetime.https://sb-ssl.google.com/safebrowsing/newkey, 1270128215); FF - prefs.js: browser.startup.homepage - I-play Web Search); user_pref(browser.search.selectedEngine, Web Search); user_pref(browser.search.defaultenginename, Web Search FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll . - - - - ORPHANS VERWIJDERD - - - - Toolbar-Locked - (no file) Notify-WgaLogon - (no file) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.032" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.abr" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ani" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.apd" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bay" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bmp" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bw" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.cs1" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.cur" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.dcx" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.dib" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.djv" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.djvu" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.emf" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.eps" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.erf" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.fff" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.fpx" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.gif" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.hdr" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.icl" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.icn" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.iff" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ilbm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.int" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.inta" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.iw4" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.j2c" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.j2k" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jbr" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jfif" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jif" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jp2" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpc" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpe" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpeg" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpg" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpk" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpx" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.lbm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.mef" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.mos" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.nrw" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pbm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pbr" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pcd" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pct" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pcx" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pgm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pic" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pict" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pix" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.png" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ppm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.psd" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.psp" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pspbrush" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pspimage" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ras" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rgb" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rgba" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rle" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rsb" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rw2" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rwl" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.sgi" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (S-1-5-21-2193825278-440110479-3838786078-1000) @Denied: (2) (LocalSystem) "Progid"="Google.PhotoViewer.3.0" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.tga" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.thm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.tif" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.tiff" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ttc" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ttf" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wbm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wbmp" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wmf" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xbm" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xif" [HKEY_USERS\S-1-5-21-2193825278-440110479-3838786078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xpm" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch\Security] @DACL=(02 0000) "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02, 00,1c,00,01,00,00,00,02,80,14,00,ff,00,0f,00,01,01,00,00,00,00,00,01,00,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DPS\Security] @DACL=(02 0000) "Security"=hex:01,00,14,80,8c,00,00,00,98,00,00,00,14,00,00,00,30,00,00,00,02, 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs\Security] @DACL=(02 0000) "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02, 00,1c,00,01,00,00,00,02,80,14,00,ff,00,0f,00,01,01,00,00,00,00,00,01,00,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller\Security] @DACL=(02 0000) @SACL= "Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02, 00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiServiceHost\Security] @DACL=(02 0000) "Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02, 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiSystemHost\Security] @DACL=(02 0000) "Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02, 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ . Voltooingstijd: 2010-03-25 12:07:26 ComboFix-quarantined-files.txt 2010-03-25 11:07 Pre-Run: 124.174.012.416 bytes beschikbaar Post-Run: 123.936.681.984 bytes beschikbaar - - End Of File - - 71AE644D4E6640148A6696EF54AF6118 Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 12:18:54, on 25-3-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A5A437FA-095D-4B1E-9128-396DB4CB8039}: NameServer = 62.45.45.45 62.45.46.46 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: McAfee Application Installer Cleanup (0263871269274429) (0263871269274429mcinstcleanup) - Unknown owner - C:\Users\GEBRUI~1\AppData\Local\Temp\026387~1.EXE (file missing) O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (AltrixSoft — Products) - C:\Windows\system32\HDDSvc.exe O23 - Service: Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40 - Unknown owner - C:\Users\Public\Desktop\Kaspersky Lab Tool\Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 9125 bytes

Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 17:04:25, on 24-3-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Hard Drive Inspector\HDInspector.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Run: [Application Layer Gateway] C:\Program Files\Common Files\alg.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A5A437FA-095D-4B1E-9128-396DB4CB8039}: NameServer = 62.45.45.45 62.45.46.46 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: McAfee Application Installer Cleanup (0263871269274429) (0263871269274429mcinstcleanup) - Unknown owner - C:\Users\GEBRUI~1\AppData\Local\Temp\026387~1.EXE (file missing) O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (AltrixSoft — Products) - C:\Windows\system32\HDDSvc.exe O23 - Service: Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40 - Unknown owner - C:\Users\Public\Desktop\Kaspersky Lab Tool\Kaspersky Removal Tool v7.0.0.180_11.04.2008_23-40.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 10420 bytes

Sinds enige dagen krijg ik als ik mijn PC opstart een melding van Form1 op mijn PC, ik ken dit programma niet of virus ?? ik heb hem gescant met mijn virus scanner Mc Affee en met Advanced System Care maar niets gevonden. ik zou dit wel willen verwijderen want het irriteerd mij. De PC draait wel normaal, wie kan mij evt helpen Form1 te verwijderen. mijn besturingssysteem Is Windows7 Ultimate. Bij voorbaat dank ahvhees