Vista Explorer freezes constantly



Clioke16V
21 February 2009, 14:05
At first I thought it was my hard drives, so I tested them thoroughly one by one with HDtune and the full HD error test. > not a single error.

Then I ran memtest86 and let it run for 5 hours 30 > not a single error.

Now, I have Vista 64-bit Ultimate; it crashes enough to drive me crazy and I only get the message > Explorer is not responding, so I have nothing to go on.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:20, on 21/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent. exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9545 bytes

Black_Bird
21 February 2009, 18:07
Hi,

1. Right-click HijackThis and choose Run as Administrator (Dutch: Uitvoeren als Administrator)
Choose Do a system scan only.
Check the following lines, if present:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

Now close all windows first!
Then click Fix Checked at the bottom.
Close HijackThis afterwards.
Now create a new HijackThis log and post it in your next message. :)

2. Download RSIT (http://images.malwareremoval.com/random/RSIT.exe) (by random/random)
Save it to your Desktop.
Double-click RSIT to start it.
Click Continue in the disclaimer window.
As soon as the scan has finished, two logs will open. Post the contents of log.txt (<<will be maximized) and info.txt (<<will be minimized) in your next reply.
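
Added example, not part of the original posts: one way to confirm that Fix Checked removed the selected entries is to compare the HijackThis log saved before the fix with the one saved afterwards. The function names are this example's own, and the embedded excerpts are a few lines copied from the two HijackThis logs in this thread.

```python
import re

# A HijackThis entry line is a section code (such as R0, F2 or O23),
# then " - ", then the entry text. Header lines, the "Running processes:"
# block and the "End of file" footer do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")


def parse_entries(log_text):
    """Return a list of (code, body) tuples for every entry line in a log."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body").strip()))
    return entries


def verify_fix(before_log, after_log, checked_lines):
    """Classify each line that was ticked for fixing.

    removed        - present before the fix, absent afterwards
    still_present  - present in both logs (the fix did not stick)
    not_in_before  - the ticked line never appeared in the first log
    new_entries    - entries that only exist in the second log
    """
    before = set(parse_entries(before_log))
    after = set(parse_entries(after_log))
    report = {"removed": [], "still_present": [], "not_in_before": []}
    for line in checked_lines:
        parsed = parse_entries(line)
        if not parsed:
            continue  # not an entry line, nothing to verify
        entry = parsed[0]
        if entry not in before:
            report["not_in_before"].append(entry)
        elif entry in after:
            report["still_present"].append(entry)
        else:
            report["removed"].append(entry)
    report["new_entries"] = sorted(after - before)
    return report


# Excerpt of the first log in this thread (scan saved at 13:01:20).
BEFORE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:20, on 21/02/2009
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
"""

# Excerpt of the follow-up log in this thread (scan saved at 18:59:39).
AFTER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:39, on 21/02/2009
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
"""

# The five lines listed in the instructions above.
CHECKED = [
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =",
    r"F2 - REG:system.ini: UserInit=userinit.exe",
    r"O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)",
]

if __name__ == "__main__":
    result = verify_fix(BEFORE_LOG, AFTER_LOG, CHECKED)
    for status in ("removed", "still_present", "not_in_before", "new_entries"):
        print(status)
        for code, body in result[status]:
            print(f"  {code} - {body}")
```
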

Clioke16V
21 February 2009, 20:05
hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:39, on 21/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent. exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9144 bytes

info.txt logfile of random's system information tool 1.05 2009-02-21 19:00:28

======Uninstall list======

-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x13 /remove
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activ eX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugi n.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad 31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 9 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A90000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AVG Free 8.0-->C:\Program Files (x86)\AVG\AVG8\setup.exe /UNINSTALL
Belkin F5D7051-->C:\Program Files (x86)\InstallShield Installation Information\{EEBC3795-B846-4B9F-B559-29E07962C2B2}\setup.exe -runfromtemp -l0x0009 -removeonly
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
Creative Configuratiescherm voor geluid-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x13 /remove
Creative Opstart-console-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x13 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0013
DoBs-->"C:\Program Files (x86)\DoBs\unins000.exe"
Fallout 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
FoxyTunes for Firefox-->"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Fraps (remove only)-->"D:\Games\FRAPS\uninstall.exe"
FrostWire 4.17.2-->D:\Download Programma's\Frostwire\Uninstall.exe
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Half-Life 2: Deathmatch-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Episode One-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/340
Half-Life 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/220
HD Tune 2.55-->"C:\Program Files (x86)\HD Tune\unins000.exe"
Hercules Dualpix Chat and Show-->C:\Program Files (x86)\InstallShield Installation Information\{F0CFDC72-63D2-4086-A54F-1514494394A0}\setup.exe -runfromtemp -l0x0013 -removeonly
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ISP Monitor-->C:\Windows\iun6002.exe "C:\Program Files (x86)\ISP Monitor\isp.ini"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LG USB Modem driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x13 LG -removeonly
LGE GSM Device Driver OMAPV1030-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C2979637-6A5A-4CF3-876C-AA2F199E3750}\setup.exe" -l0x13 -removeonly
Logitech SetPoint-->"C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x0013 -removeonly
Medieval CUE Splitter-->MsiExec.exe /I{B96D2269-568B-4CBF-9332-12FAE8B158F7}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
mIRC-->"D:\Download Programma's\mIRC\mirc.exe" -uninstall
Mozilla Firefox (3.0.6)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 9-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Next Generation Visualisations-->MsiExec.exe /I{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
ObjectDock Plus-->C:\PROGRA~2\Stardock\OBJECT~1\objectdock.exe /uninstall
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Portal-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/400
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Serv-U 6.3-->"D:\Download Programma's\Serv-U\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Streamripper (Remove only)-->C:\Program Files (x86)\Streamripper\Uninstall.exe
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Team Fortress 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440
TeamViewer 4-->C:\Program Files (x86)\TeamViewer\Version4\uninstall.exe
Thrustmaster Force Feedback Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe -runfromtemp -l0x0013 -removeonly
Total Video Converter 3.14 080930-->"C:\Program Files (x86)\Total Video Converter\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}
VLC media player 0.9.8a-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSO Image Resizer 2.1.7.4-->"C:\Program Files (x86)\VSO\Image Resizer\unins000.exe"
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}
Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{3CDAFDF9-A993-4B64-8D9B-36253D9C0DC9}
Windows Live Messenger-->MsiExec.exe /X{1A38EBE5-08BD-4E0D-AAB9-0DFECACE108B}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"

=====HijackThis Backups=====

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com

======Security center information======

AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: Spybot - Search and Destroy (disabled)
AS: Windows Defender

System event log

Computer Name: PC_van_CyraXx
Event Code: 7036
Message: De KtmRm for Distributed Transaction Coordinator-service heeft nu de status wordt uitgevoerd.
Record Number: 21462
Source Name: Service Control Manager
Time Written: 20090221175822.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 7036
Message: De TPM Base Services-service heeft nu de status gestopt.
Record Number: 21463
Source Name: Service Control Manager
Time Written: 20090221175822.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 7036
Message: De Windows Update-service heeft nu de status wordt uitgevoerd.
Record Number: 21464
Source Name: Service Control Manager
Time Written: 20090221175823.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 537
Message: Kan geen compatibel TPM (Trusted Platform Module)-beveiligingsapparaat op deze computer vinden. Kan TBS niet starten.
Record Number: 21465
Source Name: Microsoft-Windows-TBS
Time Written: 20090221175822.729943-000
Event Type: Informatie
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: PC_van_CyraXx
Event Code: 7036
Message: De Windows Media Center Service Launcher-service heeft nu de status gestopt.
Record Number: 21466
Source Name: Service Control Manager
Time Written: 20090221175825.000000-000
Event Type: Informatie
User:

Application event log

Computer Name: PC_van_CyraXx
Event Code: 1
Message: De Windows Security Center-service is gestart.
Record Number: 3557
Source Name: SecurityCenter
Time Written: 20090221175621.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 1
Message:
Record Number: 3558
Source Name: avg8emc
Time Written: 20090221175622.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 1003
Message: De Windows Search-service is gestart.

Record Number: 3559
Source Name: Microsoft-Windows-Search
Time Written: 20090221175624.000000-000
Event Type: Informatie
User:

Computer Name: PC_van_CyraXx
Event Code: 1
Message: Client van Certificate Services is gestart.
Record Number: 3560
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20090221175703.303943-000
Event Type: Informatie
User: PC_van_CyraXx\CyraXx

Computer Name: PC_van_CyraXx
Event Code: 1
Message: Client van Certificate Services is gestart.
Record Number: 3561
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20090221175712.431943-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Security event log

Computer Name: PC_van_CyraXx
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_CYRAXX$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x2a0
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 5155
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090221175619.049943-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_CyraXx
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5156
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090221175619.049943-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_CyraXx
Event Code: 4648
Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_CYRAXX$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:
Naam van doelserver: localhost
Aanvullende gegevens: localhost

Procesgegevens:
Proces-id: 0x2a0
Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:
Netwerkadres: -
Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.
Record Number: 5157
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090221175619.072943-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_CyraXx
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_CYRAXX$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x2a0
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 5158
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090221175619.073943-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_CyraXx
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5159
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090221175619.073943-000
Event Type: Controle geslaagd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"RGSCLauncher"=D:\Games\GTA4\Rockstar Games Social Club
"RGSC"=D:\Games\GTA4\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Logfile of random's system information tool 1.05 (written by random/random)
Run by CyraXx at 2009-02-21 19:00:21
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 70 GB (46%) free of 153 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:27, on 21/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\CyraXx\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\CyraXx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9174 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-klik Onderhoud.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG8\avgssie.dll [2009-02-04 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2009-01-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-01-21 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~2\AVG\AVG8\avgtray.exe [2009-02-04 1601304]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-10-07 23552]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2008-06-17 179536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\CyraXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-02-21 19:00:21 ----D---- C:\rsit
2009-02-21 13:06:43 ----D---- C:\Windows\system32\AGEIA
2009-02-21 13:06:42 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-02-21 13:01:06 ----D---- C:\Program Files (x86)\Trend Micro
2009-02-20 13:28:30 ----A---- C:\Windows\NeroDigital.ini
2009-02-19 21:39:14 ----D---- C:\Users\CyraXx\AppData\Roaming\AccurateRip
2009-02-19 21:39:06 ----A---- C:\Windows\system32\SpoonUninstall.exe
2009-02-19 14:30:09 ----D---- C:\Program Files (x86)\Western Digital Technologies
2009-02-18 21:36:51 ----A---- C:\Windows\system32\gpprefcl.dll
2009-02-18 21:05:13 ----D---- C:\Program Files (x86)\HD Tune
2009-02-18 20:01:38 ----A---- C:\Windows\IFinst27.exe
2009-02-18 15:30:16 ----D---- C:\Users\CyraXx\AppData\Roaming\Thinstall
2009-02-18 15:29:54 ----D---- C:\Windows\system32\IOSUBSYS
2009-02-18 15:29:46 ----D---- C:\Program Files (x86)\Google
2009-02-17 19:13:19 ----D---- C:\Users\CyraXx\AppData\Roaming\IrfanView
2009-02-17 19:13:19 ----D---- C:\Program Files (x86)\IrfanView
2009-02-16 20:35:50 ----D---- C:\Users\CyraXx\AppData\Roaming\VSO
2009-02-16 20:35:33 ----D---- C:\Program Files (x86)\VSO
2009-02-16 15:22:58 ----SD---- C:\Windows\system32\Microsoft
2009-02-16 14:54:33 ----A---- C:\Windows\system32\EncDec.dll
2009-02-16 14:54:31 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-14 12:53:00 ----D---- C:\Sounds
2009-02-14 02:53:22 ----A---- C:\Windows\system32\msxml4a.dll
2009-02-14 02:53:22 ----A---- C:\Windows\system32\lgAxconfig.ini
2009-02-14 02:53:22 ----A---- C:\Windows\system32\CommonDL.dll
2009-02-14 02:53:19 ----D---- C:\ProgramData\LGMOBILEAX
2009-02-13 17:58:47 ----D---- C:\Program Files (x86)\Canon
2009-02-13 16:47:33 ----D---- C:\Program Files (x86)\LG Electronics
2009-02-13 16:45:05 ----D---- C:\Users\CyraXx\AppData\Roaming\LG Electronics
2009-02-11 23:19:54 ----D---- C:\Program Files (x86)\YouTube Downloader
2009-02-11 22:57:47 ----D---- C:\Program Files (x86)\Total Video Converter
2009-02-11 11:39:26 ----D---- C:\Program Files (x86)\F.E.A.R. 2
2009-02-10 22:49:18 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 22:49:16 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\iertutil.dll
2009-02-10 00:45:23 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-02-10 00:45:21 ----D---- C:\Program Files (x86)\Steam
2009-02-10 00:45:20 ----D---- C:\Config.Msi
2009-02-07 14:45:12 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 14:13:04 ----D---- C:\ProgramData\Test Drive Unlimited
2009-02-05 21:50:30 ----A---- C:\Windows\system32\xfcodec.dll
2009-02-04 17:28:09 ----D---- C:\ProgramData\2DBoy
2009-02-03 20:42:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-03 20:42:16 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-02-03 20:01:06 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-02-03 20:01:06 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-02-03 20:01:03 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-02-03 20:00:58 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-02-03 20:00:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-02-03 18:33:04 ----D---- C:\Program Files (x86)\Thrustmaster
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbdrv.dll
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbcpl.dll
2009-02-02 17:51:43 ----D---- C:\Users\CyraXx\AppData\Roaming\streamripper
2009-02-02 17:50:24 ----D---- C:\Program Files (x86)\Streamripper
2009-02-02 17:48:49 ----D---- C:\Users\CyraXx\AppData\Roaming\Winamp
2009-02-02 17:48:49 ----D---- C:\Program Files (x86)\Winamp
2009-01-31 18:33:53 ----D---- C:\Users\CyraXx\AppData\Roaming\vlc
2009-01-31 18:32:27 ----D---- C:\Program Files (x86)\VideoLAN
2009-01-29 19:07:14 ----D---- C:\ProgramData\FLEXnet
2009-01-29 18:57:50 ----D---- C:\Windows\system32\spool
2009-01-29 18:57:21 ----D---- C:\Program Files (x86)\Adobe Media Player
2009-01-29 18:56:06 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2009-01-29 18:54:33 ----D---- C:\ProgramData\Adobe
2009-01-29 18:54:10 ----D---- C:\Program Files (x86)\Adobe
2009-01-29 18:53:53 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2009-01-29 18:51:57 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-01-28 19:35:53 ----D---- C:\Users\CyraXx\AppData\Roaming\Audacity
2009-01-28 15:12:52 ----D---- C:\Users\CyraXx\AppData\Roaming\Xi
2009-01-28 12:51:46 ----D---- C:\temp
2009-01-28 00:10:16 ----HD---- C:\$AVG8.VAULT$
2009-01-27 22:56:01 ----N---- C:\Windows\system32\vxblock.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxwave.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxsfs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxmas.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxinsa64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxhpinst.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxdrv.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxcpya64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxafs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\px.dll
2009-01-27 22:50:25 ----A---- C:\Windows\system32\BASSMOD.dll
2009-01-27 20:46:07 ----D---- C:\Users\CyraXx\AppData\Roaming\SoundSpectrum
2009-01-26 22:10:03 ----D---- C:\Users\CyraXx\AppData\Roaming\Kingston
2009-01-26 20:19:21 ----D---- C:\Users\CyraXx\AppData\Roaming\dvdcss
2009-01-26 15:17:44 ----RHD---- C:\Users\CyraXx\AppData\Roaming\SecuROM
2009-01-26 15:13:51 ----A---- C:\Windows\system32\CmdLineExt_x64.dll
2009-01-26 15:12:30 ----D---- C:\Windows\system32\xlive
2009-01-26 15:12:30 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2009-01-26 14:51:41 ----D---- C:\Users\CyraXx\AppData\Roaming\Artweaver
2009-01-26 14:37:01 ----AD---- C:\ProgramData\TEMP
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Pro
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools
2009-01-26 01:51:36 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-01-26 01:51:25 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2009-01-26 01:37:40 ----D---- C:\Program Files (x86)\Medieval Software
2009-01-23 18:49:36 ----D---- C:\Program Files (x86)\MSXML 4.0
2009-01-22 21:48:00 ----A---- C:\Windows\OODCNT.INI
2009-01-22 21:42:12 ----D---- C:\Program Files (x86)\OO Software
2009-01-22 21:42:11 ----D---- C:\ProgramData\OO Software
2009-01-22 21:21:28 ----D---- C:\Users\CyraXx\AppData\Roaming\Creative
2009-01-22 21:14:48 ----D---- C:\ProgramData\Creative Labs
2009-01-22 17:38:03 ----D---- C:\Program Files (x86)\Common Files\Stardock
2009-01-22 17:38:02 ----D---- C:\Program Files (x86)\Stardock
2009-01-22 15:53:15 ----D---- C:\Users\CyraXx\AppData\Roaming\DoBs
2009-01-22 15:53:15 ----D---- C:\Program Files (x86)\DoBs

======List of files/folders modified in the last 1 months======

2009-02-21 19:00:24 ----D---- C:\Windows\Temp
2009-02-21 18:59:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-02-21 13:25:40 ----A---- C:\Windows\win.ini
2009-02-21 13:18:13 ----D---- C:\Windows\System32
2009-02-21 13:18:13 ----D---- C:\Windows\inf
2009-02-21 13:08:59 ----D---- C:\Windows
2009-02-21 13:06:49 ----SHD---- C:\Windows\Installer
2009-02-21 13:06:43 ----D---- C:\Windows\SysWOW64
2009-02-21 13:06:42 ----RD---- C:\Program Files (x86)
2009-02-21 13:06:30 ----D---- C:\Windows\Prefetch
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files
2009-02-21 11:12:48 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-02-20 19:36:10 ----D---- C:\Users\CyraXx\AppData\Roaming\FrostWire
2009-02-20 13:30:37 ----SHD---- C:\System Volume Information
2009-02-19 14:37:46 ----D---- C:\Windows\rescache
2009-02-19 14:30:11 ----SD---- C:\Users\CyraXx\AppData\Roaming\Microsoft
2009-02-18 21:37:13 ----D---- C:\Windows\winsxs
2009-02-18 21:03:14 ----HD---- C:\ProgramData
2009-02-18 21:00:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-02-18 20:07:12 ----RD---- C:\Program Files
2009-02-18 15:29:54 ----D---- C:\Windows\system32\drivers
2009-02-18 15:29:22 ----D---- C:\ProgramData\NOS
2009-02-18 15:29:22 ----D---- C:\Program Files (x86)\NOS
2009-02-18 15:22:06 ----D---- C:\Windows\Microsoft.NET
2009-02-18 15:21:48 ----RSD---- C:\Windows\assembly
2009-02-17 21:55:04 ----D---- C:\Windows\ehome
2009-02-17 21:51:12 ----D---- C:\Users\CyraXx\AppData\Roaming\Xfire
2009-02-17 18:05:13 ----D---- C:\Windows\Debug
2009-02-16 17:46:25 ----D---- C:\Users\CyraXx\AppData\Roaming\Adobe
2009-02-16 14:51:17 ----D---- C:\Windows\twain_32
2009-02-13 18:06:08 ----RSD---- C:\Windows\Media
2009-02-12 01:40:08 ----D---- C:\ProgramData\Xfire
2009-02-11 22:57:50 ----RSD---- C:\Windows\Fonts
2009-02-11 11:08:14 ----D---- C:\ProgramData\Microsoft Help
2009-02-11 11:07:04 ----D---- C:\Program Files (x86)\Windows Mail
2009-02-10 11:22:02 ----D---- C:\Program Files (x86)\Xfire
2009-02-09 11:32:44 ----D---- C:\Windows\SoftwareDistribution
2009-02-07 18:55:58 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-02-07 14:16:29 ----A---- C:\Windows\system32\pbsvc.exe
2009-02-07 13:40:25 ----D---- C:\Program Files (x86)\Activision
2009-02-06 13:57:03 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-02-03 18:31:32 ----D---- C:\ProgramData\avg8
2009-02-02 21:12:03 ----D---- C:\Users\CyraXx\AppData\Roaming\ISP Monitor
2009-02-02 19:02:52 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Lite
2009-01-28 22:45:22 ----SD---- C:\Windows\Downloaded Program Files
2009-01-28 12:51:51 ----A---- C:\Windows\system32\msvos.dll
2009-01-27 20:40:04 ----D---- C:\Program Files (x86)\Windows Media Player
2009-01-26 19:24:40 ----D---- C:\Windows\Logs
2009-01-22 16:00:26 ----D---- C:\ProgramData\Creative
2009-01-22 15:58:27 ----D---- C:\Program Files (x86)\Creative
2009-01-22 15:53:20 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R1 AvgTdiA;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdia.sys []
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S2 windrvNT;windrvNT; \??\C:\Windows\system32\windrvNT.sys [2009-01-21 35363]
S3 ara92ywl;ara92ywl; C:\Windows\system32\drivers\ara92ywl.sys []
S3 camfilt2;Hercules Filter Driver; C:\Windows\System32\Drivers\camfilt2.sys [2007-12-10 98304]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\D:\EVEREST Ultimate Edition 4.60.1631\kerneld.amd64 [2008-12-24 24192]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys []
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~2\AVG\AVG8\avgemc.exe [2009-02-04 903960]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-10-31 307200]
R2 ISPMonitorSrv;ISP Monitor; C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-10 36864]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-01-21 66872]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer4;TeamViewer 4; C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-19 185640]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Belkin High-Speed Mode Wireless G USB Network Adapter Service;Belkin High-Speed Mode Wireless G USB Driver; C:\Program Files (x86)\Belkin\F5D7051\WLService.exe []
S2 GatewayAgentService;O&O Gateway Agent Service; C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe [2008-10-27 320768]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-01-21 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-01-29 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-29 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 160784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-02-10 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

Black_Bird
21 February 2009, 20:23
Hi,

Download OTMoveIt3 (http://download.bleepingcomputer.com/oldtimer/OTMoveIt3.exe) (by OldTimer) to your Desktop.
* Double-click OTMoveIt3.exe to start the tool.
* Copy (select and press Ctrl-C) all of the bold text below:
:Processes
explorer.exe
:Services
ara92ywl
:Reg
:Files
C:\Windows\system32\drivers\ara92ywl.sys
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
* Paste the copied text (press Ctrl-V) into the "Paste List of Files/Folders to be moved" window
* Click the red MoveIt! button
* Copy and paste the contents of the right-hand results window into your next reply,
(or the log that you will find as C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log).
* Close OTMoveIt3

If a file or folder cannot be moved immediately,
you may be asked to restart the PC in order to complete the move.
In that case, click Ja/Yes.

Clioke16V
21 February 2009, 21:12
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== SERVICES/DRIVERS ==========
Unable to stop service ara92ywl .
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\Windows\system32\drivers\ara92ywl.sys not found.
========== COMMANDS ==========
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\etilqs_gm8CqyycCjdZJKSo4Ww4 scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\XUL.mfl scheduled to be deleted on reboot.

Black_Bird
21 February 2009, 21:16
Hi,

Restart your PC, if you haven't done so already.
Then repeat the OTMoveIt instructions.

Clioke16V
21 February 2009, 21:25
This is what I got after startup

========== PROCESSES ==========
Unable to kill process: explorer.exe
========== SERVICES/DRIVERS ==========
Unable to stop service ara92ywl .
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\Windows\system32\drivers\ara92ywl.sys not found.
========== COMMANDS ==========
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\etilqs_gm8CqyycCjdZJKSo4Ww4 scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02212009_201050

Files moved on Reboot...
File C:\Users\CyraXx\AppData\Local\Temp\etilqs_gm8CqyycCjdZJKSo4Ww4 not found!
C:\Users\CyraXx\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_001_ moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_002_ moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_003_ moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\urlclassifier3.sqlite moved successfully.
C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\XUL.mfl moved successfully.

Black_Bird
21 February 2009, 21:27
OK, that looks good. :)

How are your problems now?

Clioke16V
21 February 2009, 21:44
I have to go now; I will definitely let you know tomorrow how it is going.

Thanks already for all the effort.

Black_Bird
21 February 2009, 21:45
Fine, I'll hear from you. ;)

Clioke16V
22 February 2009, 22:43
Fine, I'll hear from you. ;)

same problem =(

Black_Bird
22 February 2009, 22:47
Hi,

Please post a new RSIT log. :)

Y-Ssin
22 February 2009, 23:16
I have the same problem too, with a 32-bit Vista Home Premium, but the trouble is that I have no experience with HijackThis logs and everything around them. Is there anyone who is willing to help me despite this?

Clioke16V
22 February 2009, 23:16
Logfile of random's system information tool 1.05 (written by random/random)
Run by CyraXx at 2009-02-22 22:14:28
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 70 GB (46%) free of 153 GB
Total RAM: 2046 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:38, on 22/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Users\CyraXx\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\CyraXx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9330 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-klik Onderhoud.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG8\avgssie.dll [2009-02-04 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2009-01-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-01-21 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~2\AVG\AVG8\avgtray.exe [2009-02-04 1601304]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-10-07 23552]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2008-06-17 179536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\CyraXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-02-21 20:10:50 ----D---- C:\_OTMoveIt
2009-02-21 19:00:21 ----D---- C:\rsit
2009-02-21 13:06:43 ----D---- C:\Windows\system32\AGEIA
2009-02-21 13:06:42 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-02-21 13:01:06 ----D---- C:\Program Files (x86)\Trend Micro
2009-02-20 13:28:30 ----A---- C:\Windows\NeroDigital.ini
2009-02-19 21:39:14 ----D---- C:\Users\CyraXx\AppData\Roaming\AccurateRip
2009-02-19 21:39:06 ----A---- C:\Windows\system32\SpoonUninstall.exe
2009-02-19 14:30:09 ----D---- C:\Program Files (x86)\Western Digital Technologies
2009-02-18 21:36:51 ----A---- C:\Windows\system32\gpprefcl.dll
2009-02-18 21:05:13 ----D---- C:\Program Files (x86)\HD Tune
2009-02-18 20:01:38 ----A---- C:\Windows\IFinst27.exe
2009-02-18 15:30:16 ----D---- C:\Users\CyraXx\AppData\Roaming\Thinstall
2009-02-18 15:29:54 ----D---- C:\Windows\system32\IOSUBSYS
2009-02-18 15:29:46 ----D---- C:\Program Files (x86)\Google
2009-02-17 19:13:19 ----D---- C:\Users\CyraXx\AppData\Roaming\IrfanView
2009-02-17 19:13:19 ----D---- C:\Program Files (x86)\IrfanView
2009-02-16 20:35:50 ----D---- C:\Users\CyraXx\AppData\Roaming\VSO
2009-02-16 20:35:33 ----D---- C:\Program Files (x86)\VSO
2009-02-16 15:22:58 ----SD---- C:\Windows\system32\Microsoft
2009-02-16 14:54:33 ----A---- C:\Windows\system32\EncDec.dll
2009-02-16 14:54:31 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-14 12:53:00 ----D---- C:\Sounds
2009-02-14 02:53:22 ----A---- C:\Windows\system32\msxml4a.dll
2009-02-14 02:53:22 ----A---- C:\Windows\system32\lgAxconfig.ini
2009-02-14 02:53:22 ----A---- C:\Windows\system32\CommonDL.dll
2009-02-14 02:53:19 ----D---- C:\ProgramData\LGMOBILEAX
2009-02-13 17:58:47 ----D---- C:\Program Files (x86)\Canon
2009-02-13 16:47:33 ----D---- C:\Program Files (x86)\LG Electronics
2009-02-13 16:45:05 ----D---- C:\Users\CyraXx\AppData\Roaming\LG Electronics
2009-02-11 23:19:54 ----D---- C:\Program Files (x86)\YouTube Downloader
2009-02-11 22:57:47 ----D---- C:\Program Files (x86)\Total Video Converter
2009-02-11 11:39:26 ----D---- C:\Program Files (x86)\F.E.A.R. 2
2009-02-10 22:49:18 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 22:49:16 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\iertutil.dll
2009-02-10 00:45:23 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-02-10 00:45:21 ----D---- C:\Program Files (x86)\Steam
2009-02-10 00:45:20 ----D---- C:\Config.Msi
2009-02-07 14:45:12 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 14:13:04 ----D---- C:\ProgramData\Test Drive Unlimited
2009-02-05 21:50:30 ----A---- C:\Windows\system32\xfcodec.dll
2009-02-04 17:28:09 ----D---- C:\ProgramData\2DBoy
2009-02-03 20:42:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-03 20:42:16 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-02-03 20:01:06 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-02-03 20:01:06 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-02-03 20:01:03 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-02-03 20:00:58 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-02-03 20:00:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-02-03 18:33:04 ----D---- C:\Program Files (x86)\Thrustmaster
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbdrv.dll
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbcpl.dll
2009-02-02 17:51:43 ----D---- C:\Users\CyraXx\AppData\Roaming\streamripper
2009-02-02 17:50:24 ----D---- C:\Program Files (x86)\Streamripper
2009-02-02 17:48:49 ----D---- C:\Users\CyraXx\AppData\Roaming\Winamp
2009-02-02 17:48:49 ----D---- C:\Program Files (x86)\Winamp
2009-01-31 18:33:53 ----D---- C:\Users\CyraXx\AppData\Roaming\vlc
2009-01-31 18:32:27 ----D---- C:\Program Files (x86)\VideoLAN
2009-01-29 19:07:14 ----D---- C:\ProgramData\FLEXnet
2009-01-29 18:57:50 ----D---- C:\Windows\system32\spool
2009-01-29 18:57:21 ----D---- C:\Program Files (x86)\Adobe Media Player
2009-01-29 18:56:06 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2009-01-29 18:54:33 ----D---- C:\ProgramData\Adobe
2009-01-29 18:54:10 ----D---- C:\Program Files (x86)\Adobe
2009-01-29 18:53:53 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2009-01-29 18:51:57 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-01-28 19:35:53 ----D---- C:\Users\CyraXx\AppData\Roaming\Audacity
2009-01-28 15:12:52 ----D---- C:\Users\CyraXx\AppData\Roaming\Xi
2009-01-28 12:51:46 ----D---- C:\temp
2009-01-28 00:10:16 ----HD---- C:\$AVG8.VAULT$
2009-01-27 22:56:01 ----N---- C:\Windows\system32\vxblock.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxwave.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxsfs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxmas.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxinsa64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxhpinst.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxdrv.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxcpya64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxafs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\px.dll
2009-01-27 22:50:25 ----A---- C:\Windows\system32\BASSMOD.dll
2009-01-27 20:46:07 ----D---- C:\Users\CyraXx\AppData\Roaming\SoundSpectrum
2009-01-26 22:10:03 ----D---- C:\Users\CyraXx\AppData\Roaming\Kingston
2009-01-26 20:19:21 ----D---- C:\Users\CyraXx\AppData\Roaming\dvdcss
2009-01-26 15:17:44 ----RHD---- C:\Users\CyraXx\AppData\Roaming\SecuROM
2009-01-26 15:13:51 ----A---- C:\Windows\system32\CmdLineExt_x64.dll
2009-01-26 15:12:30 ----D---- C:\Windows\system32\xlive
2009-01-26 15:12:30 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2009-01-26 14:51:41 ----D---- C:\Users\CyraXx\AppData\Roaming\Artweaver
2009-01-26 14:37:01 ----AD---- C:\ProgramData\TEMP
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Pro
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools
2009-01-26 01:51:36 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-01-26 01:51:25 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2009-01-26 01:37:40 ----D---- C:\Program Files (x86)\Medieval Software
2009-01-23 18:49:36 ----D---- C:\Program Files (x86)\MSXML 4.0

======List of files/folders modified in the last 1 months======

2009-02-22 22:14:32 ----D---- C:\Windows\Temp
2009-02-22 21:48:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-02-22 21:41:18 ----D---- C:\ProgramData\Xfire
2009-02-21 19:08:29 ----D---- C:\Windows\System32
2009-02-21 19:08:29 ----D---- C:\Windows\inf
2009-02-21 13:25:40 ----A---- C:\Windows\win.ini
2009-02-21 13:08:59 ----D---- C:\Windows
2009-02-21 13:06:49 ----SHD---- C:\Windows\Installer
2009-02-21 13:06:43 ----D---- C:\Windows\SysWOW64
2009-02-21 13:06:42 ----RD---- C:\Program Files (x86)
2009-02-21 13:06:30 ----D---- C:\Windows\Prefetch
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files
2009-02-21 11:12:48 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-02-20 19:36:10 ----D---- C:\Users\CyraXx\AppData\Roaming\FrostWire
2009-02-20 13:30:37 ----SHD---- C:\System Volume Information
2009-02-19 14:37:46 ----D---- C:\Windows\rescache
2009-02-19 14:30:11 ----SD---- C:\Users\CyraXx\AppData\Roaming\Microsoft
2009-02-18 21:37:13 ----D---- C:\Windows\winsxs
2009-02-18 21:03:14 ----HD---- C:\ProgramData
2009-02-18 21:00:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-02-18 20:07:12 ----RD---- C:\Program Files
2009-02-18 15:29:54 ----D---- C:\Windows\system32\drivers
2009-02-18 15:29:22 ----D---- C:\ProgramData\NOS
2009-02-18 15:29:22 ----D---- C:\Program Files (x86)\NOS
2009-02-18 15:22:06 ----D---- C:\Windows\Microsoft.NET
2009-02-18 15:21:48 ----RSD---- C:\Windows\assembly
2009-02-17 21:55:04 ----D---- C:\Windows\ehome
2009-02-17 21:51:12 ----D---- C:\Users\CyraXx\AppData\Roaming\Xfire
2009-02-17 18:05:13 ----D---- C:\Windows\Debug
2009-02-16 19:16:27 ----D---- C:\Users\CyraXx\AppData\Roaming\DoBs
2009-02-16 17:46:25 ----D---- C:\Users\CyraXx\AppData\Roaming\Adobe
2009-02-16 14:51:17 ----D---- C:\Windows\twain_32
2009-02-13 18:06:08 ----RSD---- C:\Windows\Media
2009-02-11 22:57:50 ----RSD---- C:\Windows\Fonts
2009-02-11 11:08:14 ----D---- C:\ProgramData\Microsoft Help
2009-02-11 11:07:04 ----D---- C:\Program Files (x86)\Windows Mail
2009-02-10 11:22:02 ----D---- C:\Program Files (x86)\Xfire
2009-02-09 11:32:44 ----D---- C:\Windows\SoftwareDistribution
2009-02-07 18:55:58 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-02-07 14:16:29 ----A---- C:\Windows\system32\pbsvc.exe
2009-02-07 13:40:25 ----D---- C:\Program Files (x86)\Activision
2009-02-06 13:57:03 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-02-03 18:31:32 ----D---- C:\ProgramData\avg8
2009-02-02 21:12:03 ----D---- C:\Users\CyraXx\AppData\Roaming\ISP Monitor
2009-02-02 19:02:52 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Lite
2009-01-28 22:45:22 ----SD---- C:\Windows\Downloaded Program Files
2009-01-28 12:51:51 ----A---- C:\Windows\system32\msvos.dll
2009-01-27 20:40:04 ----D---- C:\Program Files (x86)\Windows Media Player
2009-01-26 19:24:40 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R1 AvgTdiA;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdia.sys []
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S2 windrvNT;windrvNT; \??\C:\Windows\system32\windrvNT.sys [2009-01-21 35363]
S3 afq9v5k1;afq9v5k1; C:\Windows\system32\drivers\afq9v5k1.sys []
S3 camfilt2;Hercules Filter Driver; C:\Windows\System32\Drivers\camfilt2.sys [2007-12-10 98304]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\D:\EVEREST Ultimate Edition 4.60.1631\kerneld.amd64 [2008-12-24 24192]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys []
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~2\AVG\AVG8\avgemc.exe [2009-02-04 903960]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-10-31 307200]
R2 ISPMonitorSrv;ISP Monitor; C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-10 36864]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-01-21 66872]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer4;TeamViewer 4; C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-19 185640]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 Belkin High-Speed Mode Wireless G USB Network Adapter Service;Belkin High-Speed Mode Wireless G USB Driver; C:\Program Files (x86)\Belkin\F5D7051\WLService.exe []
S2 GatewayAgentService;O&O Gateway Agent Service; C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe [2008-10-27 320768]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-01-21 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-01-29 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-29 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 160784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-02-10 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

Black_Bird
23 February 2009, 12:59
I also have the same problem with a 32-bit Vista Home Premium, but the problem is that I have no experience with HijackThis logs and everything around them. Is there anyone who is willing to help me despite this?

Please open a new topic in this section. :)
Thanks for your cooperation.

Black_Bird
23 February 2009, 13:12
Clioke16V,

Go to Virustotal.com (http://www.virustotal.com)
Upload the following file by copying and pasting the following (so do not look it up via "Browse..."!): C:\Windows\system32\drivers\adfs.sys
Wait until the result appears. Post it in your next reply. :)

Do this for the following file as well: C:\Windows\system32\drivers\afq9v5k1.sys

Clioke16V
23 February 2009, 13:50
Made a small mistake, double post

Clioke16V
23 February 2009, 13:52
This file has already been scanned:


MD5: 6d7f09cd92a9fef3a8efce66231fdd79 First received: - Datum: 2009.02.11 22:25:31 (CET) [>11D] Resultaat: 0/39 Permalink: analisis/980184398c697e4aadc33919842c5d94 (http://www.virustotal.com/nl/analisis/980184398c697e4aadc33919842c5d94)

For the other file it says not found; when I go and look at the location, there is indeed nothing listed there either.

Black_Bird
23 February 2009, 14:08
Hi,

* Right-click OTMoveIt3.exe and choose Run as Administrator (Dutch: Uitvoeren als Administrator) to start the tool.
* Copy (select and press Ctrl-C) all of the bold text below:
:Processes
explorer.exe
:Services
afq9v5k1
:Reg
:Files
C:\Windows\system32\drivers\afq9v5k1.sys
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
* Paste the copied text (press Ctrl-V) into the "Paste List of Files/Folders to be moved" window
* Click the red MoveIt! button
* Copy and paste the contents of the right-hand results window into your next reply,
(or the log that you will find as C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log).
* Close OTMoveIt3
If a file or folder cannot be moved immediately,
you may be asked to restart the PC in order to complete the move.
In that case click Ja/Yes.

Clioke16V
23 February 2009, 14:17
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== SERVICES/DRIVERS ==========
Unable to stop service afq9v5k1 .
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\Windows\system32\drivers\afq9v5k1.sys not found.
========== COMMANDS ==========
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\etilqs_WwGmS7af5G8IaNbBjDlq scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\CyraXx\AppData\Local\Mozilla\Firefox\Profiles\yndk16an.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_131555


(I do have to go to work now, I can only reply again this evening > just had another freeze by the way :( )

Thanks already for all the effort you have put in so far.

Black_Bird
23 February 2009, 14:18
Hi,

Restart the PC, and then post a new RSIT log. :)

Clioke16V
23 February 2009, 23:54
Logfile of random's system information tool 1.05 (written by random/random)
Run by CyraXx at 2009-02-23 22:53:34
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 82 GB (54%) free of 153 GB
Total RAM: 2046 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:53:43, on 23/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\CyraXx\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\CyraXx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9060 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-klik Onderhoud.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG8\avgssie.dll [2009-02-04 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2009-01-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-01-21 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~2\AVG\AVG8\avgtray.exe [2009-02-04 1601304]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-10-07 23552]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2008-06-17 179536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\CyraXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-02-22 23:38:13 ----A---- C:\Users\CyraXx\AppData\Roaming\inst.exe
2009-02-22 23:38:06 ----D---- C:\Program Files (x86)\DVDFab 5
2009-02-21 20:10:50 ----D---- C:\_OTMoveIt
2009-02-21 19:00:21 ----D---- C:\rsit
2009-02-21 13:06:43 ----D---- C:\Windows\system32\AGEIA
2009-02-21 13:06:42 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-02-21 13:01:06 ----D---- C:\Program Files (x86)\Trend Micro
2009-02-20 13:28:30 ----A---- C:\Windows\NeroDigital.ini
2009-02-19 21:39:14 ----D---- C:\Users\CyraXx\AppData\Roaming\AccurateRip
2009-02-19 21:39:06 ----A---- C:\Windows\system32\SpoonUninstall.exe
2009-02-19 14:30:09 ----D---- C:\Program Files (x86)\Western Digital Technologies
2009-02-18 21:36:51 ----A---- C:\Windows\system32\gpprefcl.dll
2009-02-18 21:05:13 ----D---- C:\Program Files (x86)\HD Tune
2009-02-18 20:01:38 ----A---- C:\Windows\IFinst27.exe
2009-02-18 15:30:16 ----D---- C:\Users\CyraXx\AppData\Roaming\Thinstall
2009-02-18 15:29:54 ----D---- C:\Windows\system32\IOSUBSYS
2009-02-18 15:29:46 ----D---- C:\Program Files (x86)\Google
2009-02-17 19:13:19 ----D---- C:\Users\CyraXx\AppData\Roaming\IrfanView
2009-02-17 19:13:19 ----D---- C:\Program Files (x86)\IrfanView
2009-02-16 20:35:50 ----D---- C:\Users\CyraXx\AppData\Roaming\VSO
2009-02-16 20:35:33 ----D---- C:\Program Files (x86)\VSO
2009-02-16 15:22:58 ----SD---- C:\Windows\system32\Microsoft
2009-02-16 14:54:33 ----A---- C:\Windows\system32\EncDec.dll
2009-02-16 14:54:31 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-14 12:53:00 ----D---- C:\Sounds
2009-02-14 02:53:22 ----A---- C:\Windows\system32\msxml4a.dll
2009-02-14 02:53:22 ----A---- C:\Windows\system32\lgAxconfig.ini
2009-02-14 02:53:22 ----A---- C:\Windows\system32\CommonDL.dll
2009-02-14 02:53:19 ----D---- C:\ProgramData\LGMOBILEAX
2009-02-13 17:58:47 ----D---- C:\Program Files (x86)\Canon
2009-02-13 16:47:33 ----D---- C:\Program Files (x86)\LG Electronics
2009-02-13 16:45:05 ----D---- C:\Users\CyraXx\AppData\Roaming\LG Electronics
2009-02-11 23:19:54 ----D---- C:\Program Files (x86)\YouTube Downloader
2009-02-11 22:57:47 ----D---- C:\Program Files (x86)\Total Video Converter
2009-02-11 11:39:26 ----D---- C:\Program Files (x86)\F.E.A.R. 2
2009-02-10 22:49:18 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 22:49:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 22:49:16 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 22:49:15 ----A---- C:\Windows\system32\iertutil.dll
2009-02-10 00:45:23 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-02-10 00:45:21 ----D---- C:\Program Files (x86)\Steam
2009-02-10 00:45:20 ----D---- C:\Config.Msi
2009-02-07 14:45:12 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 14:13:04 ----D---- C:\ProgramData\Test Drive Unlimited
2009-02-05 21:50:30 ----A---- C:\Windows\system32\xfcodec.dll
2009-02-04 17:28:09 ----D---- C:\ProgramData\2DBoy
2009-02-03 20:42:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-03 20:42:16 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-02-03 20:01:06 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-02-03 20:01:06 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-02-03 20:01:03 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-02-03 20:01:02 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-02-03 20:01:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-02-03 20:00:58 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-02-03 20:00:57 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-02-03 20:00:56 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-02-03 20:00:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-02-03 18:33:04 ----D---- C:\Program Files (x86)\Thrustmaster
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbdrv.dll
2009-02-03 18:33:04 ----A---- C:\Windows\system32\tmffbcpl.dll
2009-02-02 17:51:43 ----D---- C:\Users\CyraXx\AppData\Roaming\streamripper
2009-02-02 17:50:24 ----D---- C:\Program Files (x86)\Streamripper
2009-02-02 17:48:49 ----D---- C:\Users\CyraXx\AppData\Roaming\Winamp
2009-02-02 17:48:49 ----D---- C:\Program Files (x86)\Winamp
2009-01-31 18:33:53 ----D---- C:\Users\CyraXx\AppData\Roaming\vlc
2009-01-31 18:32:27 ----D---- C:\Program Files (x86)\VideoLAN
2009-01-29 19:07:14 ----D---- C:\ProgramData\FLEXnet
2009-01-29 18:57:50 ----D---- C:\Windows\system32\spool
2009-01-29 18:57:21 ----D---- C:\Program Files (x86)\Adobe Media Player
2009-01-29 18:56:06 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2009-01-29 18:54:33 ----D---- C:\ProgramData\Adobe
2009-01-29 18:54:10 ----D---- C:\Program Files (x86)\Adobe
2009-01-29 18:53:53 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2009-01-29 18:51:57 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-01-28 19:35:53 ----D---- C:\Users\CyraXx\AppData\Roaming\Audacity
2009-01-28 15:12:52 ----D---- C:\Users\CyraXx\AppData\Roaming\Xi
2009-01-28 12:51:46 ----D---- C:\temp
2009-01-28 00:10:16 ----HD---- C:\$AVG8.VAULT$
2009-01-27 22:56:01 ----N---- C:\Windows\system32\vxblock.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxwave.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxsfs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxmas.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxinsa64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxhpinst.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxdrv.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxcpya64.exe
2009-01-27 22:56:01 ----N---- C:\Windows\system32\pxafs.dll
2009-01-27 22:56:01 ----N---- C:\Windows\system32\px.dll
2009-01-27 22:50:25 ----A---- C:\Windows\system32\BASSMOD.dll
2009-01-27 20:46:07 ----D---- C:\Users\CyraXx\AppData\Roaming\SoundSpectrum
2009-01-26 22:10:03 ----D---- C:\Users\CyraXx\AppData\Roaming\Kingston
2009-01-26 20:19:21 ----D---- C:\Users\CyraXx\AppData\Roaming\dvdcss
2009-01-26 15:17:44 ----RHD---- C:\Users\CyraXx\AppData\Roaming\SecuROM
2009-01-26 15:13:51 ----A---- C:\Windows\system32\CmdLineExt_x64.dll
2009-01-26 15:12:30 ----D---- C:\Windows\system32\xlive
2009-01-26 15:12:30 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2009-01-26 14:51:41 ----D---- C:\Users\CyraXx\AppData\Roaming\Artweaver
2009-01-26 14:37:01 ----AD---- C:\ProgramData\TEMP
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Pro
2009-01-26 01:52:19 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools
2009-01-26 01:51:36 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-01-26 01:51:25 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2009-01-26 01:37:40 ----D---- C:\Program Files (x86)\Medieval Software

======List of files/folders modified in the last 1 months======

2009-02-23 22:53:43 ----D---- C:\Windows\Prefetch
2009-02-23 22:53:38 ----D---- C:\Windows\Temp
2009-02-23 22:52:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-02-23 13:17:53 ----A---- C:\Windows\win.ini
2009-02-23 13:09:50 ----D---- C:\Users\CyraXx\AppData\Roaming\Xfire
2009-02-23 13:07:45 ----D---- C:\Users\CyraXx\AppData\Roaming\FrostWire
2009-02-23 00:35:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-02-23 00:35:28 ----SHD---- C:\System Volume Information
2009-02-23 00:34:54 ----RD---- C:\Program Files (x86)
2009-02-23 00:34:54 ----D---- C:\Windows\SysWOW64
2009-02-22 23:50:24 ----D---- C:\Windows\System32
2009-02-22 23:50:24 ----D---- C:\Windows\inf
2009-02-22 23:48:50 ----D---- C:\Windows
2009-02-22 21:41:18 ----D---- C:\ProgramData\Xfire
2009-02-21 13:06:49 ----SHD---- C:\Windows\Installer
2009-02-21 13:06:29 ----D---- C:\Program Files (x86)\Common Files
2009-02-21 11:12:48 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-02-19 14:37:46 ----D---- C:\Windows\rescache
2009-02-19 14:30:11 ----SD---- C:\Users\CyraXx\AppData\Roaming\Microsoft
2009-02-18 21:37:13 ----D---- C:\Windows\winsxs
2009-02-18 21:03:14 ----HD---- C:\ProgramData
2009-02-18 20:07:12 ----RD---- C:\Program Files
2009-02-18 15:29:54 ----D---- C:\Windows\system32\drivers
2009-02-18 15:29:22 ----D---- C:\ProgramData\NOS
2009-02-18 15:29:22 ----D---- C:\Program Files (x86)\NOS
2009-02-18 15:22:06 ----D---- C:\Windows\Microsoft.NET
2009-02-18 15:21:48 ----RSD---- C:\Windows\assembly
2009-02-17 21:55:04 ----D---- C:\Windows\ehome
2009-02-17 18:05:13 ----D---- C:\Windows\Debug
2009-02-16 19:16:27 ----D---- C:\Users\CyraXx\AppData\Roaming\DoBs
2009-02-16 17:46:25 ----D---- C:\Users\CyraXx\AppData\Roaming\Adobe
2009-02-16 14:51:17 ----D---- C:\Windows\twain_32
2009-02-13 18:06:08 ----RSD---- C:\Windows\Media
2009-02-11 22:57:50 ----RSD---- C:\Windows\Fonts
2009-02-11 11:08:14 ----D---- C:\ProgramData\Microsoft Help
2009-02-11 11:07:04 ----D---- C:\Program Files (x86)\Windows Mail
2009-02-10 11:22:02 ----D---- C:\Program Files (x86)\Xfire
2009-02-09 11:32:44 ----D---- C:\Windows\SoftwareDistribution
2009-02-07 18:55:58 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-02-07 14:16:29 ----A---- C:\Windows\system32\pbsvc.exe
2009-02-07 13:40:25 ----D---- C:\Program Files (x86)\Activision
2009-02-06 13:57:03 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-02-03 18:31:32 ----D---- C:\ProgramData\avg8
2009-02-02 21:12:03 ----D---- C:\Users\CyraXx\AppData\Roaming\ISP Monitor
2009-02-02 19:02:52 ----D---- C:\Users\CyraXx\AppData\Roaming\DAEMON Tools Lite
2009-01-28 22:45:22 ----SD---- C:\Windows\Downloaded Program Files
2009-01-28 12:51:51 ----A---- C:\Windows\system32\msvos.dll
2009-01-27 20:40:04 ----D---- C:\Program Files (x86)\Windows Media Player
2009-01-26 19:24:40 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R1 AvgTdiA;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdia.sys []
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
R3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S2 windrvNT;windrvNT; \??\C:\Windows\system32\windrvNT.sys [2009-01-21 35363]
S3 a8jg5x3j;a8jg5x3j; C:\Windows\system32\drivers\a8jg5x3j.sys []
S3 camfilt2;Hercules Filter Driver; C:\Windows\System32\Drivers\camfilt2.sys [2007-12-10 98304]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\CyraXx\AppData\Local\Temp\EverestDriver.sys []
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys []
S3 scsiprnt;Microsoft SCSI/1394-algemene printerklasse; C:\Windows\system32\DRIVERS\scsiprnt.sys []
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~2\AVG\AVG8\avgemc.exe [2009-02-04 903960]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-10-31 307200]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-01-21 66872]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer4;TeamViewer 4; C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-19 185640]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Belkin High-Speed Mode Wireless G USB Network Adapter Service;Belkin High-Speed Mode Wireless G USB Driver; C:\Program Files (x86)\Belkin\F5D7051\WLService.exe []
S2 GatewayAgentService;O&O Gateway Agent Service; C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe [2008-10-27 320768]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-01-21 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-01-29 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-29 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 160784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-02-10 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

Black_Bird
24 February 2009, 11:06
Hi,

How are things with the problems? :)

Clioke16V
24 February 2009, 12:54
Hi,

How are things with the problems? :)

It froze again yesterday. :(

Black_Bird
24 February 2009, 12:57
Hi,

It doesn't look to me like this is caused by malware.
Let's first do some prevention, to guard against new malware. After that we'll look further at what else we can do. :)

Do the following:

1. Turn System Restore off. Restart the computer. Turn System Restore back on.
See here how to turn off System Restore. (http://users.pandora.be/marcvn/spyware/1852808.htm)
This removes any remnants of the infections from your System Restore.

2. Download OTCleanIt (http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe) (by OldTimer)

Place the file on your desktop.
Make sure there is an internet connection.
Then right-click OTCleanIt.exe and choose Run as Administrator (Dutch: Uitvoeren als Administrator) to start the program.
Now click the "CleanUp!" button.
If your firewall, or another security program, warns that OTCleanIt.exe wants internet access, you may allow this; the program needs that connection.
Finally, OTCleanIt will ask whether you want to restart the computer; you may allow this, and in doing so it also removes itself.
Note: Using OTCleanIt will remove all the tools used (including their logs and backup folders) from your computer.

3. You may also delete all the loose files we used. Leave HijackThis in place for now.

4. Go to the Windows Update site (http://windowsupdate.microsoft.com/) and get all updates, to protect your PC.

5. Now make a new HijackThis log and post it in your next message.

Clioke16V
24 February 2009, 13:29
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:28:17, on 24/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7051\WLService.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: O&O Gateway Agent Service (GatewayAgentService) - O&O Software GmbH - C:\Program Files (x86)\OO Software\Shared\GatewayAgent\ooemcgats.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9146 bytes

PS: it just froze again (explorer....)

Black_Bird
24 February 2009, 15:14
Hi,

It doesn't look to me like malware is the cause.
I'd recommend asking your question here: http://www.minatica.be/forumdisplay.php?f=189
If you like, include a link to this topic there.

Report back once you've done that. :)

Clioke16V
25 February 2009, 00:05
Hi,

It doesn't look to me like malware is the cause.
I'd recommend asking your question here: http://www.minatica.be/forumdisplay.php?f=189
If you like, include a link to this topic there.

Report back once you've done that. :)

I'm first going to try installing new chipset drivers etc.

If none of this has helped by Thursday, it's a format.

Thanks in advance for all the effort, I'll keep you posted.

Black_Bird
25 February 2009, 11:50
Hi,

Fine. I'll wait to hear from you. ;)

Clioke16V
25 February 2009, 13:28
Hi,

Fine. I'll wait to hear from you. ;)

Maybe this gets you somewhere?

I can't really find much about it, or I'm searching wrong.

Beschrijving
Een probleem heeft ervoor gezorgd dat dit programma niet meer met Windows communiceert.

Probleem met handtekening
Naam van probleemgebeurtenis: AppHangB1
Naam van de toepassing: Explorer.EXE
Toepassingsversie: 6.0.6001.18164
Tijdstempel van toepassing: 4907e791
Handtekening van vastlopen: da57
Type vastlopen: 513
Versie van besturingssysteem: 6.0.6001.2.1.0.256.1
Landinstelling-id: 2067
Aanvullende handtekening 1: 7e043e6dae2688b0a23dc482baf460e3
Aanvullende handtekening 2: aa14
Aanvullende handtekening 3: c7828c84a01618c8d5357a75d57623fa
Aanvullende handtekening 4: 0ca8
Aanvullende handtekening 5: 126749e79b509a6b70543c57129e088e
Aanvullende handtekening 6: 8106
Aanvullende handtekening 7: a5e30242a0404f69fd76c0e06acd9ed5

Extra informatie over het probleem
Bucket-id: 405826284

Black_Bird
25 February 2009, 14:37
Hi,

No, I can't help you with this. That doesn't mean there aren't others who can help you.
So post your question in the section I linked to earlier. Let me know once you've done that, then I'll close the topic here. :)
Good luck.

Clioke16V
26 February 2009, 22:55
Go ahead and close it, I did a format.

Thanks for all the help you did offer.

Too bad there was no other way.

Black_Bird
27 February 2009, 18:20
A pity, yes... You're welcome, of course. :)

Since your question has been resolved, I'm closing this topic.
You will then no longer be able to reply in this topic. If you want your topic reopened, send me or one of the other moderators a private message containing the request to reopen your topic.
Everyone else can open their own topic.