
Help with a log

Pablo2k1

Hello,

I'll try to make this as concrete as possible. I have a Toshiba Satellite P300-13M, Vista, 32-bit. For about 3 days now MSN has been crashing almost immediately after I log in. When I use e-buddy, messages often arrive a few minutes late, and with Trillian I sometimes don't receive messages at all. My Bodog Poker and LuckyAcePoker software also crash almost immediately after starting. I have already reinstalled everything (including several versions of MSN Messenger), run Kaspersky and run Anti-Malware, but without result.

HijackThis gives the following:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:51, on 9-11-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Roxio\Easy Media Creator 8\Creator Classic\Creator8.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=w....aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Freecom] "C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Zesko_McciTrayApp] C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pablo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3173371087-2009597984-3177318452-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')
O4 - S-1-5-21-3173371087-2009597984-3177318452-1002 User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'postgres')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Cool Hand Poker - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\coolhandMPP\MPPoker.exe (HKCU)
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.adobe.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c9a02555337583) (gupdate1c9a02555337583) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Can anyone please help? It is extremely frustrating that programs crash without a clear error message.

Thanks!!

Paul
 
Hi Paul, welcome.

First do this:

Deactivate Spybot's TeaTimer and SDHelper during the fix, because these components can undo changes.
  • Start Spybot S&D
  • Go to the Mode menu and select "Advanced Mode"
  • In the left column choose "Tools" (or "Gereedschap") and click > Resident
  • Uncheck "Resident TeaTimer and SDHelper" and close Spybot S&D.

  • Because TeaTimer was active, then also do this:
    Download to your desktop: ResetTeaTimer.exe (click)
    • Click/double-click ResetTeaTimer.exe
    • This resets the items allowed or blocked via TeaTimer to their original settings.
    • Restart the computer afterwards.


    Restart MBAM.
    • First click the 'Update' tab.
    • Then click the 'Check for Updates' button.
    • If a new version of MBAM is offered, accept it.
    • After MBAM has been updated, first start the update cycle again.
    • Then choose 'Quick Scan'
    • When the scan has finished, click the 'OK' button.
    • Then click the 'Show Results' button to see the results.
    • Make sure that everything is checked.
    • Then click: 'Remove Selected'.
    • After the removal a log will open and you will be asked to restart the computer.
    • The log is saved automatically by 'MBAM', and you can find it again by clicking the 'Logs' tab in 'MBAM'.
    • If 'MBAM' has difficulty removing certain files it will show a few messages; click 'OK' each time!
    • After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    Also post an uninstall list:
    • start HijackThis,
    • click the Open the Misc Tools section button,
    • click the Open Uninstall Manager button,
    • click the Save button.
 
Thanks for your reply. I followed the steps exactly. MBAM found nothing... Here is the uninstall list from HJT. (By the way, IE now also gives the "has stopped working" error message.)

888poker
abgx360 v0.9.4
ActionPoker.com
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Media Player
Adobe Reader 9.3 - Nederlands
Adobe Shockwave Player 11
Amsterdam Poker
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Betfair Poker
BitLord 1.1
Bluetooth Stack for Windows by Toshiba
Bodog Poker
Bonjour
bwin Poker (remove only)
Cake Poker
Cake Poker 2.0
Camera Assistant Software for Toshiba
Catalyst Control Center - Branding
CCleaner
CD/DVD Drive Acoustic Silencer
Celeb Poker
Cheetah IPod Video Converter
CloneCD
Conexant HD Audio
Configuratiescherm MobileMe
Cool Hand Poker
D3DX10
Data Lifeguard Diagnostic for Windows 1.22
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DriverAgent by eSupport.com
DVD MovieFactory for TOSHIBA
EmpirePoker
Eusing Free Registry Cleaner
Everest Poker (Remove Only)
Freecom Internet Phone V1.3.2.9
Full Tilt Poker
GoldWave v5.25
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
HDMI Control Manager
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel Matrix Storage Manager
iTunes
Java(TM) 6 Update 20
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Junk Mail filter update
Kaspersky Anti-Virus 2010
Kaspersky Anti-Virus 2010
LuckyAcePoker.com
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Mermaid Poker
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Antimalware Service NL-NL Language Pack
Microsoft Office 2000 Premium
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.12)
MSVCRT
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
myphotobook 3.5
NetWaiting
NXPowerLite
O2Micro Flash Memory Card Reader Driver (x86)
Pacific Poker
Panda ActiveScan 2.0
ParadisePoker
PartyPoker
PKR
Poker at bet365
Pokerhuis
PokerRoom.com (remove only)
PokerStars
PokerTime
PokerTracker 3 (remove only)
PostgreSQL 8.3
QuickTime
RegTweaker version 3.2.1
Roxio Easy Media Creator 8 Suite
SAMSUNG Mobile USB Modem 1.0 Software
Samsung PC Studio
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
SendSpace Wizard
Skype™ 4.2
SopCast 3.2.4
SoulSeek 157 NS 13c
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Tony G Poker
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA Recovery Disc Creator
TOSHIBA SD Memory Utilities
TOSHIBA Supervisor Password
Toshiba TEMPRO
TOSHIBA Value Added Package
TRDCReminder
Trillian
TRORDCLauncher
TVAnts 1.0
Unibet Poker
Uniblue DriverScanner 2009
Uniblue DriverScanner 2009
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009
Uniblue SpeedUpMyPC 2009
Uniblue SpeedUpMyPC 2009
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
WinRAR archiver
WinZip 14.0
Ziggo Thuishelp

What now? The problems are still the same...
 
Hmmm, I have never seen a software list that is so full of "poker junk".

And I suspect that this is also how the problems in your Windows arose.

In any case, you first need to tighten the security of your Windows by removing the redundant and old Java versions!

That concerns:

Java(TM) 6 Update 20
Java(TM) 6 Update 3
Java(TM) 6 Update 7

You already have the newest version (Java(TM) 6 Update 22).
Restart your PC after uninstalling the old Java versions!


Download ComboFix from one of these locations:


Bleepingcomputer

ForoSpyware


Also important: how to use ComboFix properly? (CLICK)

Here you will find information on how to deactivate your antivirus: http://www.bleepingcomputer.com/forums/topic114351.html

  • To be able to use ComboFix, the following applies:
  • Vista and Windows 7 users start ComboFix with administrator rights!
  • And don't forget to temporarily disable Windows Defender: for that, see http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx
  • If ComboFix ends up in the download folder of Windows Vista/Windows 7, move the file to the desktop afterwards!
  • No web browsers may be open
  • Antivirus must be completely deactivated
  • Active malware and spyware scanners must be deactivated
  • Do not click in the active ComboFix window; this will cause ComboFix to freeze!
  • ComboFix closes the internet connection; do not try to restore it in the meantime!
  • Then post the ComboFix log via DDRMMR's colour coder.
 
I did what you said, but I can't post the log because it contains too many characters...
 
Haha, yes, I didn't think of that again... Here it comes:

[hjt]
combofix 10-11-09.03 - pablo 10-11-2010 17:26:16.1.2 - x86
gestart vanuit: c:\users\pablo\desktop\combofix.exe
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
e:\install.exe
.
(((((((((((((((((((( bestanden gemaakt van 2010-10-10 to 2010-11-10 ))))))))))))))))))))))))))))))
.
2010-11-10 14:01 . 2010-11-10 14:01 -------- d-----w- c:\program files\ccleaner
2010-11-10 02:31 . 2010-09-23 07:46 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-11-10 02:16 . 2010-11-10 02:25 -------- d-----w- c:\programdata\driverscanner
2010-11-10 02:15 . 2010-11-10 02:17 -------- dc-h--w- c:\programdata\{d5abffad-d592-4f98-b02b-587125b4801f}
2010-11-10 02:14 . 2010-11-10 02:14 -------- dc-h--w- c:\programdata\{51019853-129c-4ede-9030-d5fd7bbd9ad0}
2010-11-10 02:07 . 2010-11-10 02:16 -------- d-----w- c:\users\pablo\appdata\roaming\uniblue
2010-11-10 02:07 . 2010-11-10 02:16 -------- d-----w- c:\program files\uniblue
2010-11-10 02:06 . 2010-11-10 02:07 -------- dc-h--w- c:\programdata\{b46e1ef5-0b37-4db4-a4e2-9f2b41036185}
2010-11-09 22:38 . 2010-09-23 07:46 64288 ----a-w- c:\windows\system32\drivers\lbd.sys
2010-11-09 22:35 . 2010-11-09 22:35 -------- d-----w- c:\users\pablo\appdata\local\sunbelt software
2010-11-09 22:34 . 2010-11-09 22:34 -------- dc-h--w- c:\programdata\{e961ce1b-c3ea-4882-9f67-f859b555d097}
2010-11-09 16:27 . 2010-10-07 15:21 6146896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2010-11-09 16:27 . 2010-10-07 15:21 6146896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{64f030c3-a6b7-4f3b-91d9-9d045b60fbf1}\mpengine.dll
2010-11-09 13:41 . 2010-11-09 13:41 -------- d-----w- c:\program files\regtweaker
2010-11-09 12:52 . 2010-11-09 13:15 -------- d-----w- c:\users\pablo\appdata\local\yahoo
2010-11-09 12:43 . 2010-11-09 12:52 -------- d-----w- c:\users\pablo\appdata\roaming\yahoo!
2010-11-09 12:41 . 2010-11-09 13:15 -------- d-----w- c:\programdata\yahoo!
2010-11-09 12:30 . 2010-11-09 12:30 -------- d-----w- c:\windows\en
2010-11-09 12:29 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-11-09 12:17 . 2010-11-09 12:17 469256 ----a-w- c:\program files\common files\windows live\.cache\1c280f6e1cb800803\installmanager_wle_wle.exe
2010-11-09 03:08 . 2010-11-09 03:08 -------- d-----w- c:\program files\microsoft sql server compact edition
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\users\pablo\appdata\roaming\malwarebytes
2010-11-09 02:39 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\programdata\malwarebytes
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\program files\malwarebytes' anti-malware
2010-11-09 02:39 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-09 01:19 . 2010-11-09 01:19 -------- d-----w- c:\users\pablo\appdata\local\packageaware
2010-11-08 14:40 . 2010-11-08 14:41 -------- d-----w- c:\program files\microsoft security essentials
2010-11-08 13:50 . 2010-11-09 22:45 -------- d-----w- c:\program files\everest poker
2010-11-08 13:45 . 2009-06-30 09:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-11-08 13:42 . 2010-11-08 13:42 -------- d-----w- c:\program files\panda security
2010-11-07 21:22 . 2010-11-08 22:00 -------- d-----w- c:\users\pablo\appdata\local\opencandy
2010-11-07 21:22 . 2010-11-08 21:59 -------- d-----w- c:\users\pablo\appdata\roaming\opencandy
2010-11-07 21:17 . 2010-11-08 00:33 -------- d-----w- c:\programdata\windowsliveinstaller
2010-11-05 18:59 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9881d9fd-e0d0-4df1-b26a-dd93586c9825}\mpengine.dll
2010-11-01 03:00 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\xapofx1_3.dll
2010-11-01 03:00 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\xaudio2_5.dll
2010-11-01 03:00 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-11-01 02:53 . 2010-11-01 11:45 -------- d-----w- c:\users\pablo\appdata\local\manycam
2010-10-28 02:29 . 2010-10-28 02:32 -------- d-----w- c:\users\pablo\appdata\roaming\trillian
2010-10-28 02:29 . 2010-11-09 22:57 -------- d-----w- c:\program files\trillian
2010-10-27 11:04 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 11:04 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\apphlpdm.dll
2010-10-27 11:04 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\gameuxlegacygdfs.dll
2010-10-26 14:13 . 2010-11-08 22:31 -------- d-----w- c:\program files\eusing free registry cleaner
2010-10-26 13:56 . 2010-10-26 14:37 -------- d-----w- c:\program files\regdefense
2010-10-26 12:21 . 2010-10-26 12:21 -------- d-----w- c:\program files\western digital corporation
2010-10-20 10:12 . 2010-10-20 10:12 15712 ----a-w- c:\program files\common files\windows live\.cache\5283c1431cb703f08\meshbetaremover.exe
2010-10-20 10:12 . 2010-10-20 10:12 94040 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dsetup.dll
2010-10-20 10:12 . 2010-10-20 10:12 525656 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dxsetup.exe
2010-10-20 10:12 . 2010-10-20 10:12 1691480 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dsetup32.dll
2010-10-20 10:12 . 2010-10-20 10:12 94040 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dsetup.dll
2010-10-20 10:12 . 2010-10-20 10:12 525656 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dxsetup.exe
2010-10-20 10:12 . 2010-10-20 10:12 1691480 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dsetup32.dll
2010-10-20 10:11 . 2010-11-10 14:29 -------- d-----w- c:\users\pablo\appdata\local\windows live
2010-10-20 10:08 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-18 10:04 . 2010-10-18 10:04 40960 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\fst.exe
2010-10-18 10:03 . 2010-08-18 22:55 90112 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\uninst.exe
2010-10-18 10:02 . 2010-08-18 22:55 45056 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\switch.exe
2010-10-18 10:02 . 2010-08-18 22:55 185632 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\stmocx.dll
2010-10-18 09:58 . 2010-08-18 22:55 344169 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\libcurl.dll
2010-10-18 09:58 . 2010-08-18 22:55 20480 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\iecplus.dll
2010-10-18 09:55 . 2010-08-18 22:55 3960832 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\act.exe
2010-10-18 09:55 . 2010-08-18 22:55 278528 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\action.exe
2010-10-14 21:03 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-14 21:03 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 21:03 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-14 09:48 . 2010-10-14 09:48 -------- d-----w- c:\users\pablo\appdata\local\cpn
2010-10-14 09:47 . 2010-11-10 02:31 -------- d---a-w- c:\program files\cake poker 2.0
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-09 22:38 . 2009-11-02 02:18 98392 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2010-11-07 19:38 . 2009-06-12 04:07 44544 ----a-w- c:\windows\system32\agremove.exe
2010-10-19 20:51 . 2009-10-03 12:58 222080 ------w- c:\windows\system32\mpsigstub.exe
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 23:32 . 2010-09-22 23:32 301936 ----a-w- c:\windows\wlxpgss.scr
2010-09-15 03:50 . 2010-05-14 10:58 472808 ----a-w- c:\windows\system32\deployjava1.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\quicktimevr.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\quicktime.qts
2010-08-26 16:33 . 2010-10-27 11:04 173056 ----a-w- c:\windows\apppatch\acxtrnal.dll
2010-08-26 16:33 . 2010-10-27 11:04 542720 ----a-w- c:\windows\apppatch\aclayers.dll
2010-08-26 16:33 . 2010-10-27 11:04 458752 ----a-w- c:\windows\apppatch\acspecfc.dll
2010-08-26 16:33 . 2010-10-27 11:04 2159616 ----a-w- c:\windows\apppatch\acgenral.dll
2010-08-23 09:34 . 2010-08-23 09:34 970504 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\spotlightresources.dll
2010-08-17 14:11 . 2010-09-15 10:07 128000 ----a-w- c:\windows\system32\spoolsv.exe
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
[hkey_current_user\software\microsoft\windows\currentversion\run]
"msnmsgr"=c:\program files\windows live\messenger\msnmsgr.exe [2010-09-22 4240760]
"daemon tools"=c:\program files\daemon tools\daemon.exe [2007-04-03 165784]
"google update"=c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-03-18 136176]
"ehtray.exe"=c:\windows\ehome\ehtray.exe [2008-01-21 125952]
"isuspm startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe [2004-07-28 221184]
"uniblue registrybooster 2009"=c:\program files\uniblue\registrybooster\startregistrybooster.exe [2008-08-26 99624]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"ndstray.exe"="ndstray.exe" [bu]
"itsecmng"=c:\program files\toshiba\bluetooth toshiba stack\itsecmng.exe [2007-09-28 75136]
"topi"=c:\program files\toshiba\toshiba online product information\topi.exe [2009-02-09 579488]
"startccc"=c:\program files\ati technologies\ati.ace\core-static\clistart.exe [2006-11-10 90112]
"syntpenh"=c:\program files\synaptics\syntp\syntpenh.exe [2007-11-29 1029416]
"camera assistant software"=c:\program files\camera assistant software for toshiba\traybar.exe [2007-10-25 413696]
"hdmictrlman"=c:\program files\toshiba\hdmictrlman\hdmictrlman.exe [2008-01-25 716800]
"tpwrmain"=c:\program files\toshiba\power saver\tpwrmain.exe [2008-01-17 431456]
"hson"=c:\program files\toshiba\tbs\hson.exe [2007-10-31 54608]
"smoothview"=c:\program files\toshiba\smoothview\smoothview.exe [2008-01-25 509816]
"00tcrdmain"=c:\program files\toshiba\flashcards\tcrdmain.exe [2008-01-22 712704]
"toshiba registration"=c:\program files\toshiba\registration\toshibaregistration.exe [2007-05-04 571024]
"freecom"=c:\program files\freecom\freecom internet phone\freecom internet phone.exe [2006-09-22 466944]
"roxiodragtodisc"=c:\program files\roxio\easy media creator 8\drag to disc\drgtodsc.exe [2005-09-19 1687552]
"roxwatchtray"=c:\program files\common files\roxio shared\sharedcom8\roxwatchtray.exe [2005-09-19 163840]
"toshiba tempo"=c:\program files\toshiba tempro\toshiba.tempo.ui.trayapplication.exe [2008-11-06 103824]
"applesyncnotifier"=c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe [2008-09-03 111936]
"zesko_mccitrayapp"=c:\program files\thuishelp\zesko\thuishelp.exe [2008-04-14 1455104]
"clonecdtray"=c:\program files\slysoft\clonecd\clonecdtray.exe [2006-09-28 57344]
"avp"=c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2010-08-18 311680]
"adobe reader speed launcher"=c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2009-12-21 35760]
"quicktime task"=c:\program files\quicktime\qttask.exe [2010-09-08 421888]
"ituneshelper"=c:\program files\itunes\ituneshelper.exe [2010-09-24 421160]
"divxupdate"=c:\program files\divx\divx update\divxupdate.exe [2010-09-01 1164584]
"msse"=c:\program files\microsoft security essentials\msseces.exe [2010-09-15 1094224]
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"enableuiadesktoptoggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
[hkey_local_machine\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\lavasoft ad-aware service]
@="service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\windefend]
@="service"
[hkey_local_machine\software\microsoft\security center\monitoring\kasperskyantivirus]
"disablemonitoring"=dword:00000001
[hkey_local_machine\software\microsoft\security center\monitoring\mcafeeantispyware]
"disablemonitoring"=dword:00000001
[hkey_local_machine\software\microsoft\security center\svc]
"antivirusoverride"=dword:00000001
r2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
r2 gupdate1c9a02555337583;google update service (gupdate1c9a02555337583);c:\program files\google\update\googleupdate.exe [2009-03-08 133104]
r2 lavasoft ad-aware service;lavasoft ad-aware service;c:\program files\lavasoft\ad-aware\aawservice.exe [2010-11-09 1375992]
r2 pgsql-8.3;postgresql database server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-09-19 65536]
r3 intchdmiaddservice;intel(r) high definition audio hdmi service; [x]
r3 manycam;manycam virtual webcam, wdm video capture driver; [x]
r3 wdc_sam;wd scsi pass thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-05-06 11520]
r3 wpffontcache_v0400;windows presentation foundation font cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe [2010-03-18 753504]
r4 wlcrasvc;windows live mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 51040]
s0 klbg;kaspersky lab boot guard driver;c:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
s0 lbd;lbd;c:\windows\system32\drivers\lbd.sys [2010-09-23 64288]
s0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
s0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-11-19 682232]
s1 klim6;kaspersky anti-virus ndis 6 filter;c:\windows\system32\drivers\klim6.sys [2009-05-15 21008]
s2 configfree service;configfree service;c:\program files\toshiba\configfree\cfsvcs.exe [2007-12-25 40960]
s2 tempomonitoringservice;notebook performance tuning service ;c:\program files\toshiba tempro\temposvc.exe [2008-11-06 99720]
s2 toshiba smart log service;toshiba smart log service;c:\program files\toshiba\smartlogservice\tosipcsrv.exe [2007-12-03 126976]
s3 klmouflt;kaspersky lab klmouflt;c:\windows\system32\drivers\klmouflt.sys [2009-05-16 19472]
s3 mpnwmon;microsoft malware protection network driver;c:\windows\system32\drivers\mpnwmon.sys [2010-03-25 42368]
s3 netw5v32;intel(r) wireless wifi link 5000 series adapter driver for windows vista 32 bit;c:\windows\system32\drivers\netw5v32.sys [2008-11-17 3668480]
s3 o2mdrdr;o2mdrdr;c:\windows\system32\drivers\o2media.sys [2008-01-15 48472]
s3 qiomem;generic io & memory access;c:\windows\system32\drivers\qiomem.sys [2007-04-09 8192]
[hkey_local_machine\software\microsoft\windows nt\currentversion\svchost]
localserviceandnoimpersonation reg_multi_sz fontcache
.
inhoud van de 'gedeelde taken' map
2010-11-10 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files\google\update\googleupdate.exe [2009-03-08 19:37]
2010-11-10 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files\google\update\googleupdate.exe [2009-03-08 19:37]
2010-11-10 c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000core.job
- c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-04-14 11:36]
2010-11-10 c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000ua.job
- c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-04-14 11:36]
2010-11-10 c:\windows\tasks\user_feed_synchronization-{8115eaaf-0810-4a9c-b579-6413ec6b202d}.job
- c:\windows\system32\msfeedssync.exe [2010-10-14 04:25]
.
.
------- bijkomende scan -------
.
ustart page = about:blank
uinternet settings,proxyoverride = *.local
ie: {{76577871-04ec-495e-a12b-91f7c3600afa} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
ie: {{8a918c1d-e123-4e36-b562-5c1519e434ce} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=toshibaukbholink-21&site=home
ie: {{a68fc757-51cf-4f3c-b13a-bfb8ca69bb99} - c:\poker\cdpoker\casino.exe
ie: {{c53bfcfc-7a54-4627-aeba-2cd4871fca97} - c:\microgaming\poker\unibetpokermpp\mppoker.exe
trusted zone: adobe.com\www
trusted zone: ziggo.nl\thuishelp
ff - profilepath - c:\users\pablo\appdata\roaming\mozilla\firefox\profiles\2mb6m3xu.default\
ff - prefs.js: browser.startup.homepage - hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1218137204&rver=4.5.2130.0&wp=mbi&wreply=http:%2f%2fmail.live.com%2fdefault.aspx&id=64855
ff - prefs.js: keyword.url - hxxp://search.sweetim.com/search.asp?src=2&q=
ff - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
ff - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
ff - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
ff - plugin: c:\program files\google\update\1.2.183.39\npgoogleoneclick8.dll
ff - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployjava1.dll
ff - plugin: c:\program files\veetle\player\npvlc.dll
ff - plugin: c:\program files\veetle\plugins\npveetle.dll
ff - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
ff - plugin: c:\program files\windows live\photo gallery\npwlpg.dll
ff - plugin: c:\users\pablo\appdata\local\google\update\1.2.183.39\npgoogleoneclick8.dll
ff - plugin: c:\users\pablo\appdata\roaming\mozilla\plugins\npgoogletalk.dll
ff - plugin: c:\users\pablo\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
ff - hiddenextension: microsoft .net framework assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- firefox policies ----
ff - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--fiqz9s", true); // traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--fiqs8s", true); // simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--kpry57d", true); // traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--kprw13d", true); // simplified
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - orphans verwijderd - - - -
toolbar-{d4027c7f-154a-4066-a1ad-4243d8127440} - (no file)
webbrowser-{d4027c7f-154a-4066-a1ad-4243d8127440} - (no file)
hkcu-run-toscdspd - toscdspd.exe
**************************************************************************
catchme 0.3.1398 w2k/xp/vista - rootkit/stealth malware detector by gmer, http://www.gmer.net
rootkit scan 2010-11-10 17:35
windows 6.0.6002 service pack 2 ntfs
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[hkey_local_machine\system\controlset001\services\klim6]
"imagepath"="system32\drivers\klim6.sys"
[hkey_local_machine\system\controlset001\services\klmouflt]
"imagepath"="system32\drivers\klmouflt.sys"
[hkey_local_machine\system\controlset001\services\ksecdd]
"imagepath"="system32\drivers\ksecdd.sys"
[hkey_local_machine\system\controlset001\services\ktmrm]
"servicedll"=%systemroot%\system32\msdtckrm.dll
[hkey_local_machine\system\controlset001\services\lanmanserver]
"servicedll"=%systemroot%\system32\srvsvc.dll
[hkey_local_machine\system\controlset001\services\lanmanworkstation]
"servicedll"=%systemroot%\system32\wkssvc.dll
[hkey_local_machine\system\controlset001\services\lavasoft ad-aware service]
"imagepath"="\c:\program files\lavasoft\ad-aware\aawservice.exe\""
[hkey_local_machine\system\controlset001\services\lbd]
"imagepath"="system32\drivers\lbd.sys"
[hkey_local_machine\system\controlset001\services\ldap]
[hkey_local_machine\system\controlset001\services\lltdio]
"imagepath"="system32\drivers\lltdio.sys"
[hkey_local_machine\system\controlset001\services\lltdsvc]
"servicedll"=%systemroot%\system32\lltdsvc.dll
[hkey_local_machine\system\controlset001\services\lmhosts]
"servicedll"=%systemroot%\system32\lmhsvc.dll
[hkey_local_machine\system\controlset001\services\lsa]
[hkey_local_machine\system\controlset001\services\lsi_fc]
"imagepath"="\systemroot\system32\drivers\lsi_fc.sys"
[hkey_local_machine\system\controlset001\services\lsi_sas]
"imagepath"="\systemroot\system32\drivers\lsi_sas.sys"
[hkey_local_machine\system\controlset001\services\lsi_scsi]
"imagepath"="\systemroot\system32\drivers\lsi_scsi.sys"
[hkey_local_machine\system\controlset001\services\luafv]
"imagepath"="\systemroot\system32\drivers\luafv.sys"
[hkey_local_machine\system\controlset001\services\manycam]
[hkey_local_machine\system\controlset001\services\manycam_llc]
[hkey_local_machine\system\controlset001\services\mccicmservice]
"imagepath"="\c:\program files\common files\motive\mccicmservice.exe\""
[hkey_local_machine\system\controlset001\services\mcx2svc]
"servicedll"=%systemroot%\system32\mcx2svc.dll
[hkey_local_machine\system\controlset001\services\mdmxsdk]
"imagepath"="system32\drivers\mdmxsdk.sys"
[hkey_local_machine\system\controlset001\services\megasas]
"imagepath"="\systemroot\system32\drivers\megasas.sys"
[hkey_local_machine\system\controlset001\services\megasr]
"imagepath"="\systemroot\system32\drivers\megasr.sys"
[hkey_local_machine\system\controlset001\services\mmcss]
"servicedll"=%systemroot%\system32\mmcss.dll
[hkey_local_machine\system\controlset001\services\mmc_2k]
[hkey_local_machine\system\controlset001\services\modem]
"imagepath"="system32\drivers\modem.sys"
[hkey_local_machine\system\controlset001\services\monitor]
"imagepath"="system32\drivers\monitor.sys"
[hkey_local_machine\system\controlset001\services\mouclass]
"imagepath"="system32\drivers\mouclass.sys"
[hkey_local_machine\system\controlset001\services\mouhid]
"imagepath"="system32\drivers\mouhid.sys"
[hkey_local_machine\system\controlset001\services\mountmgr]
"imagepath"="system32\drivers\mountmgr.sys"
[hkey_local_machine\system\controlset001\services\mpfilter]
"imagepath"="system32\drivers\mpfilter.sys"
[hkey_local_machine\system\controlset001\services\mpio]
"imagepath"="\systemroot\system32\drivers\mpio.sys"
[hkey_local_machine\system\controlset001\services\mpnwmon]
"imagepath"="system32\drivers\mpnwmon.sys"
[hkey_local_machine\system\controlset001\services\mpsdrv]
"imagepath"="system32\drivers\mpsdrv.sys"
[hkey_local_machine\system\controlset001\services\mpssvc]
"servicedll"=%systemroot%\system32\mpssvc.dll
[hkey_local_machine\system\controlset001\services\mraid35x]
"imagepath"="\systemroot\system32\drivers\mraid35x.sys"
[hkey_local_machine\system\controlset001\services\mremp50]
"imagepath"="\??\c:\progra~1\common~1\motive\mremp50.sys
[hkey_local_machine\system\controlset001\services\mremp50a64]
"imagepath"="\??\c:\progra~1\common~1\motive\mremp50a64.sys
[hkey_local_machine\system\controlset001\services\mrempr5]
"imagepath"="\??\c:\progra~1\common~1\motive\mrempr5.sys
[hkey_local_machine\system\controlset001\services\mrendis5]
"imagepath"="\??\c:\progra~1\common~1\motive\mrendis5.sys
[hkey_local_machine\system\controlset001\services\mresp50]
"imagepath"="\??\c:\progra~1\common~1\motive\mresp50.sys
[hkey_local_machine\system\controlset001\services\mresp50a64]
"imagepath"="\??\c:\progra~1\common~1\motive\mresp50a64.sys
[hkey_local_machine\system\controlset001\services\mrxdav]
"imagepath"="\systemroot\system32\drivers\mrxdav.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb]
"imagepath"="system32\drivers\mrxsmb.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb10]
"imagepath"="system32\drivers\mrxsmb10.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb20]
"imagepath"="system32\drivers\mrxsmb20.sys"
[hkey_local_machine\system\controlset001\services\msahci]
"imagepath"="system32\drivers\msahci.sys"
[hkey_local_machine\system\controlset001\services\msdsm]
"imagepath"="\systemroot\system32\drivers\msdsm.sys"
[hkey_local_machine\system\controlset001\services\msdtc]
"imagepath"=%systemroot%\system32\msdtc.exe
[hkey_local_machine\system\controlset001\services\msdtc bridge 3.0.0.0]
[hkey_local_machine\system\controlset001\services\msdtc bridge 4.0.0.0]
[hkey_local_machine\system\controlset001\services\msfs]
[hkey_local_machine\system\controlset001\services\msisadrv]
"imagepath"="system32\drivers\msisadrv.sys"
[hkey_local_machine\system\controlset001\services\msiscsi]
"servicedll"=%systemroot%\system32\iscsiexe.dll
[hkey_local_machine\system\controlset001\services\msiserver]
"imagepath"=%systemroot%\system32\msiexec.exe /v"
[hkey_local_machine\system\controlset001\services\mskssrv]
"imagepath"="system32\drivers\mskssrv.sys"
[hkey_local_machine\system\controlset001\services\msmpsvc]
"imagepath"="\c:\program files\microsoft security essentials\msmpeng.exe\""
[hkey_local_machine\system\controlset001\services\mspclock]
"imagepath"="system32\drivers\mspclock.sys"
[hkey_local_machine\system\controlset001\services\mspqm]
"imagepath"="system32\drivers\mspqm.sys"
[hkey_local_machine\system\controlset001\services\msrpc]
[hkey_local_machine\system\controlset001\services\msscntrs]
[hkey_local_machine\system\controlset001\services\mssmbios]
"imagepath"="system32\drivers\mssmbios.sys"
[hkey_local_machine\system\controlset001\services\mstee]
"imagepath"="system32\drivers\mstee.sys"
[hkey_local_machine\system\controlset001\services\mup]
"imagepath"="system32\drivers\mup.sys"
[hkey_local_machine\system\controlset001\services\napagent]
"servicedll"=%systemroot%\system32\qagentrt.dll
[hkey_local_machine\system\controlset001\services\nativewifip]
"imagepath"="system32\drivers\nwifi.sys"
[hkey_local_machine\system\controlset001\services\ndis]
"imagepath"="system32\drivers\ndis.sys"
[hkey_local_machine\system\controlset001\services\ndistapi]
"imagepath"="system32\drivers\ndistapi.sys"
[hkey_local_machine\system\controlset001\services\ndisuio]
"imagepath"="system32\drivers\ndisuio.sys"
[hkey_local_machine\system\controlset001\services\ndiswan]
"imagepath"="system32\drivers\ndiswan.sys"
[hkey_local_machine\system\controlset001\services\ndproxy]
[hkey_local_machine\system\controlset001\services\netbios]
"imagepath"="system32\drivers\netbios.sys"
[hkey_local_machine\system\controlset001\services\netbt]
"imagepath"="system32\drivers\netbt.sys"
[hkey_local_machine\system\controlset001\services\netlogon]
"imagepath"=%systemroot%\system32\lsass.exe
[hkey_local_machine\system\controlset001\services\netman]
"servicedll"=%systemroot%\system32\netman.dll
[hkey_local_machine\system\controlset001\services\netprofm]
"servicedll"=%systemroot%\system32\netprofm.dll
[hkey_local_machine\system\controlset001\services\nettcpportsharing]
"imagepath"="\%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe\""
[hkey_local_machine\system\controlset001\services\netw4v32]
"imagepath"="system32\drivers\netw4v32.sys"
[hkey_local_machine\system\controlset001\services\netw5v32]
"imagepath"="system32\drivers\netw5v32.sys"
[hkey_local_machine\system\controlset001\services\nfrd960]
"imagepath"="\systemroot\system32\drivers\nfrd960.sys"
[hkey_local_machine\system\controlset001\services\nlasvc]
"servicedll"=%systemroot%\system32\nlasvc.dll
[hkey_local_machine\system\controlset001\services\npfs]
[hkey_local_machine\system\controlset001\services\nsi]
"servicedll"=%systemroot%\system32\nsisvc.dll
[hkey_local_machine\system\controlset001\services\nsiproxy]
"imagepath"="system32\drivers\nsiproxy.sys"
[hkey_local_machine\system\controlset001\services\ntds]
[hkey_local_machine\system\controlset001\services\ntfs]
[hkey_local_machine\system\controlset001\services\ntrigdigi]
"imagepath"="\systemroot\system32\drivers\ntrigdigi.sys"
[hkey_local_machine\system\controlset001\services\null]
[hkey_local_machine\system\controlset001\services\nvraid]
"imagepath"="\systemroot\system32\drivers\nvraid.sys"
[hkey_local_machine\system\controlset001\services\nvstor]
"imagepath"="\systemroot\system32\drivers\nvstor.sys"
[hkey_local_machine\system\controlset001\services\nv_agp]
"imagepath"="\systemroot\system32\drivers\nv_agp.sys"
[hkey_local_machine\system\controlset001\services\nwlnkflt]
"imagepath"="system32\drivers\nwlnkflt.sys"
[hkey_local_machine\system\controlset001\services\nwlnkfwd]
"imagepath"="system32\drivers\nwlnkfwd.sys"
[hkey_local_machine\system\controlset001\services\o2flash]
"imagepath"="\c:\program files\o2micro flash memory card driver\o2flash.exe\""
[hkey_local_machine\system\controlset001\services\o2mdrdr]
"imagepath"="system32\drivers\o2media.sys"
[hkey_local_machine\system\controlset001\services\ohci1394]
"imagepath"="system32\drivers\ohci1394.sys"
[hkey_local_machine\system\controlset001\services\p2pimsvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\p2psvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\parport]
"imagepath"="\systemroot\system32\drivers\parport.sys"
[hkey_local_machine\system\controlset001\services\partmgr]
"imagepath"="system32\drivers\partmgr.sys"
[hkey_local_machine\system\controlset001\services\parvdm]
"imagepath"="\systemroot\system32\drivers\parvdm.sys"
[hkey_local_machine\system\controlset001\services\pavboot]
"imagepath"="system32\drivers\pavboot.sys"
[hkey_local_machine\system\controlset001\services\pcasvc]
"servicedll"=%systemroot%\system32\pcasvc.dll
[hkey_local_machine\system\controlset001\services\pci]
"imagepath"="system32\drivers\pci.sys"
[hkey_local_machine\system\controlset001\services\pciide]
"imagepath"="\systemroot\system32\drivers\pciide.sys"
[hkey_local_machine\system\controlset001\services\pcmcia]
"imagepath"="\systemroot\system32\drivers\pcmcia.sys"
[hkey_local_machine\system\controlset001\services\peauth]
"imagepath"="system32\drivers\peauth.sys"
[hkey_local_machine\system\controlset001\services\perfdisk]
[hkey_local_machine\system\controlset001\services\perfnet]
[hkey_local_machine\system\controlset001\services\perfos]
[hkey_local_machine\system\controlset001\services\perfproc]
[hkey_local_machine\system\controlset001\services\pgsql-8.3]
"imagepath"="\c:\program files\postgresql\8.3\bin\pg_ctl.exe\" runservice -w -n \"pgsql-8.3\" -d \"c:\program files\postgresql\8.3\data\\""
[hkey_local_machine\system\controlset001\services\pla]
"servicedll"=%systemroot%\system32\pla.dll
[hkey_local_machine\system\controlset001\services\plugplay]
"servicedll"=%systemroot%\system32\umpnpmgr.dll
[hkey_local_machine\system\controlset001\services\pnrpautoreg]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\pnrpsvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\policyagent]
"servicedll"=%systemroot%\system32\ipsecsvc.dll
[hkey_local_machine\system\controlset001\services\portproxy]
[hkey_local_machine\system\controlset001\services\pptpminiport]
"imagepath"="system32\drivers\raspptp.sys"
[hkey_local_machine\system\controlset001\services\processor]
"imagepath"="\systemroot\system32\drivers\processr.sys"
[hkey_local_machine\system\controlset001\services\profsvc]
"servicedll"=%systemroot%\system32\profsvc.dll
[hkey_local_machine\system\controlset001\services\protectedstorage]
"imagepath"=%systemroot%\system32\lsass.exe
[hkey_local_machine\system\controlset001\services\psched]
"imagepath"="system32\drivers\pacer.sys"
[hkey_local_machine\system\controlset001\services\pwd_2k]
 
Haha, yes, I forgot about that again... Here it comes:

[hjt]
combofix 10-11-09.03 - pablo 10-11-2010 17:26:16.1.2 - x86
gestart vanuit: c:\users\pablo\desktop\combofix.exe
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
e:\install.exe
.
(((((((((((((((((((( bestanden gemaakt van 2010-10-10 to 2010-11-10 ))))))))))))))))))))))))))))))
.
2010-11-10 14:01 . 2010-11-10 14:01 -------- d-----w- c:\program files\ccleaner
2010-11-10 02:31 . 2010-09-23 07:46 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-11-10 02:16 . 2010-11-10 02:25 -------- d-----w- c:\programdata\driverscanner
2010-11-10 02:15 . 2010-11-10 02:17 -------- dc-h--w- c:\programdata\{d5abffad-d592-4f98-b02b-587125b4801f}
2010-11-10 02:14 . 2010-11-10 02:14 -------- dc-h--w- c:\programdata\{51019853-129c-4ede-9030-d5fd7bbd9ad0}
2010-11-10 02:07 . 2010-11-10 02:16 -------- d-----w- c:\users\pablo\appdata\roaming\uniblue
2010-11-10 02:07 . 2010-11-10 02:16 -------- d-----w- c:\program files\uniblue
2010-11-10 02:06 . 2010-11-10 02:07 -------- dc-h--w- c:\programdata\{b46e1ef5-0b37-4db4-a4e2-9f2b41036185}
2010-11-09 22:38 . 2010-09-23 07:46 64288 ----a-w- c:\windows\system32\drivers\lbd.sys
2010-11-09 22:35 . 2010-11-09 22:35 -------- d-----w- c:\users\pablo\appdata\local\sunbelt software
2010-11-09 22:34 . 2010-11-09 22:34 -------- dc-h--w- c:\programdata\{e961ce1b-c3ea-4882-9f67-f859b555d097}
2010-11-09 16:27 . 2010-10-07 15:21 6146896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2010-11-09 16:27 . 2010-10-07 15:21 6146896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{64f030c3-a6b7-4f3b-91d9-9d045b60fbf1}\mpengine.dll
2010-11-09 13:41 . 2010-11-09 13:41 -------- d-----w- c:\program files\regtweaker
2010-11-09 12:52 . 2010-11-09 13:15 -------- d-----w- c:\users\pablo\appdata\local\yahoo
2010-11-09 12:43 . 2010-11-09 12:52 -------- d-----w- c:\users\pablo\appdata\roaming\yahoo!
2010-11-09 12:41 . 2010-11-09 13:15 -------- d-----w- c:\programdata\yahoo!
2010-11-09 12:30 . 2010-11-09 12:30 -------- d-----w- c:\windows\en
2010-11-09 12:29 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-11-09 12:17 . 2010-11-09 12:17 469256 ----a-w- c:\program files\common files\windows live\.cache\1c280f6e1cb800803\installmanager_wle_wle.exe
2010-11-09 03:08 . 2010-11-09 03:08 -------- d-----w- c:\program files\microsoft sql server compact edition
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\users\pablo\appdata\roaming\malwarebytes
2010-11-09 02:39 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\programdata\malwarebytes
2010-11-09 02:39 . 2010-11-09 02:39 -------- d-----w- c:\program files\malwarebytes' anti-malware
2010-11-09 02:39 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-09 01:19 . 2010-11-09 01:19 -------- d-----w- c:\users\pablo\appdata\local\packageaware
2010-11-08 14:40 . 2010-11-08 14:41 -------- d-----w- c:\program files\microsoft security essentials
2010-11-08 13:50 . 2010-11-09 22:45 -------- d-----w- c:\program files\everest poker
2010-11-08 13:45 . 2009-06-30 09:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-11-08 13:42 . 2010-11-08 13:42 -------- d-----w- c:\program files\panda security
2010-11-07 21:22 . 2010-11-08 22:00 -------- d-----w- c:\users\pablo\appdata\local\opencandy
2010-11-07 21:22 . 2010-11-08 21:59 -------- d-----w- c:\users\pablo\appdata\roaming\opencandy
2010-11-07 21:17 . 2010-11-08 00:33 -------- d-----w- c:\programdata\windowsliveinstaller
2010-11-05 18:59 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9881d9fd-e0d0-4df1-b26a-dd93586c9825}\mpengine.dll
2010-11-01 03:00 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\xapofx1_3.dll
2010-11-01 03:00 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\xaudio2_5.dll
2010-11-01 03:00 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-11-01 02:53 . 2010-11-01 11:45 -------- d-----w- c:\users\pablo\appdata\local\manycam
2010-10-28 02:29 . 2010-10-28 02:32 -------- d-----w- c:\users\pablo\appdata\roaming\trillian
2010-10-28 02:29 . 2010-11-09 22:57 -------- d-----w- c:\program files\trillian
2010-10-27 11:04 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 11:04 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\apphlpdm.dll
2010-10-27 11:04 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\gameuxlegacygdfs.dll
2010-10-26 14:13 . 2010-11-08 22:31 -------- d-----w- c:\program files\eusing free registry cleaner
2010-10-26 13:56 . 2010-10-26 14:37 -------- d-----w- c:\program files\regdefense
2010-10-26 12:21 . 2010-10-26 12:21 -------- d-----w- c:\program files\western digital corporation
2010-10-20 10:12 . 2010-10-20 10:12 15712 ----a-w- c:\program files\common files\windows live\.cache\5283c1431cb703f08\meshbetaremover.exe
2010-10-20 10:12 . 2010-10-20 10:12 94040 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dsetup.dll
2010-10-20 10:12 . 2010-10-20 10:12 525656 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dxsetup.exe
2010-10-20 10:12 . 2010-10-20 10:12 1691480 ----a-w- c:\program files\common files\windows live\.cache\495ff8e31cb703f06\dsetup32.dll
2010-10-20 10:12 . 2010-10-20 10:12 94040 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dsetup.dll
2010-10-20 10:12 . 2010-10-20 10:12 525656 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dxsetup.exe
2010-10-20 10:12 . 2010-10-20 10:12 1691480 ----a-w- c:\program files\common files\windows live\.cache\44faca031cb703f04\dsetup32.dll
2010-10-20 10:11 . 2010-11-10 14:29 -------- d-----w- c:\users\pablo\appdata\local\windows live
2010-10-20 10:08 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-18 10:04 . 2010-10-18 10:04 40960 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\fst.exe
2010-10-18 10:03 . 2010-08-18 22:55 90112 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\uninst.exe
2010-10-18 10:02 . 2010-08-18 22:55 45056 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\switch.exe
2010-10-18 10:02 . 2010-08-18 22:55 185632 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\stmocx.dll
2010-10-18 09:58 . 2010-08-18 22:55 344169 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\libcurl.dll
2010-10-18 09:58 . 2010-08-18 22:55 20480 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\iecplus.dll
2010-10-18 09:55 . 2010-08-18 22:55 3960832 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\act.exe
2010-10-18 09:55 . 2010-08-18 22:55 278528 ----a-w- c:\users\pablo\appdata\roaming\microsoft\windows\start menu\action poker\action.exe
2010-10-14 21:03 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-14 21:03 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 21:03 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-14 09:48 . 2010-10-14 09:48 -------- d-----w- c:\users\pablo\appdata\local\cpn
2010-10-14 09:47 . 2010-11-10 02:31 -------- d---a-w- c:\program files\cake poker 2.0
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-09 22:38 . 2009-11-02 02:18 98392 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2010-11-07 19:38 . 2009-06-12 04:07 44544 ----a-w- c:\windows\system32\agremove.exe
2010-10-19 20:51 . 2009-10-03 12:58 222080 ------w- c:\windows\system32\mpsigstub.exe
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 23:32 . 2010-09-22 23:32 301936 ----a-w- c:\windows\wlxpgss.scr
2010-09-15 03:50 . 2010-05-14 10:58 472808 ----a-w- c:\windows\system32\deployjava1.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\quicktimevr.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\quicktime.qts
2010-08-26 16:33 . 2010-10-27 11:04 173056 ----a-w- c:\windows\apppatch\acxtrnal.dll
2010-08-26 16:33 . 2010-10-27 11:04 542720 ----a-w- c:\windows\apppatch\aclayers.dll
2010-08-26 16:33 . 2010-10-27 11:04 458752 ----a-w- c:\windows\apppatch\acspecfc.dll
2010-08-26 16:33 . 2010-10-27 11:04 2159616 ----a-w- c:\windows\apppatch\acgenral.dll
2010-08-23 09:34 . 2010-08-23 09:34 970504 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\spotlightresources.dll
2010-08-17 14:11 . 2010-09-15 10:07 128000 ----a-w- c:\windows\system32\spoolsv.exe
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
[hkey_current_user\software\microsoft\windows\currentversion\run]
"msnmsgr"=c:\program files\windows live\messenger\msnmsgr.exe [2010-09-22 4240760]
"daemon tools"=c:\program files\daemon tools\daemon.exe [2007-04-03 165784]
"google update"=c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-03-18 136176]
"ehtray.exe"=c:\windows\ehome\ehtray.exe [2008-01-21 125952]
"isuspm startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe [2004-07-28 221184]
"uniblue registrybooster 2009"=c:\program files\uniblue\registrybooster\startregistrybooster.exe [2008-08-26 99624]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"ndstray.exe"="ndstray.exe" [bu]
"itsecmng"=c:\program files\toshiba\bluetooth toshiba stack\itsecmng.exe [2007-09-28 75136]
"topi"=c:\program files\toshiba\toshiba online product information\topi.exe [2009-02-09 579488]
"startccc"=c:\program files\ati technologies\ati.ace\core-static\clistart.exe [2006-11-10 90112]
"syntpenh"=c:\program files\synaptics\syntp\syntpenh.exe [2007-11-29 1029416]
"camera assistant software"=c:\program files\camera assistant software for toshiba\traybar.exe [2007-10-25 413696]
"hdmictrlman"=c:\program files\toshiba\hdmictrlman\hdmictrlman.exe [2008-01-25 716800]
"tpwrmain"=c:\program files\toshiba\power saver\tpwrmain.exe [2008-01-17 431456]
"hson"=c:\program files\toshiba\tbs\hson.exe [2007-10-31 54608]
"smoothview"=c:\program files\toshiba\smoothview\smoothview.exe [2008-01-25 509816]
"00tcrdmain"=c:\program files\toshiba\flashcards\tcrdmain.exe [2008-01-22 712704]
"toshiba registration"=c:\program files\toshiba\registration\toshibaregistration.exe [2007-05-04 571024]
"freecom"=c:\program files\freecom\freecom internet phone\freecom internet phone.exe [2006-09-22 466944]
"roxiodragtodisc"=c:\program files\roxio\easy media creator 8\drag to disc\drgtodsc.exe [2005-09-19 1687552]
"roxwatchtray"=c:\program files\common files\roxio shared\sharedcom8\roxwatchtray.exe [2005-09-19 163840]
"toshiba tempo"=c:\program files\toshiba tempro\toshiba.tempo.ui.trayapplication.exe [2008-11-06 103824]
"applesyncnotifier"=c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe [2008-09-03 111936]
"zesko_mccitrayapp"=c:\program files\thuishelp\zesko\thuishelp.exe [2008-04-14 1455104]
"clonecdtray"=c:\program files\slysoft\clonecd\clonecdtray.exe [2006-09-28 57344]
"avp"=c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2010-08-18 311680]
"adobe reader speed launcher"=c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2009-12-21 35760]
"quicktime task"=c:\program files\quicktime\qttask.exe [2010-09-08 421888]
"ituneshelper"=c:\program files\itunes\ituneshelper.exe [2010-09-24 421160]
"divxupdate"=c:\program files\divx\divx update\divxupdate.exe [2010-09-01 1164584]
"msse"=c:\program files\microsoft security essentials\msseces.exe [2010-09-15 1094224]
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"enableuiadesktoptoggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
[hkey_local_machine\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\lavasoft ad-aware service]
@="service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\windefend]
@="service"
[hkey_local_machine\software\microsoft\security center\monitoring\kasperskyantivirus]
"disablemonitoring"=dword:00000001
[hkey_local_machine\software\microsoft\security center\monitoring\mcafeeantispyware]
"disablemonitoring"=dword:00000001
[hkey_local_machine\software\microsoft\security center\svc]
"antivirusoverride"=dword:00000001
r2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
r2 gupdate1c9a02555337583;google update service (gupdate1c9a02555337583);c:\program files\google\update\googleupdate.exe [2009-03-08 133104]
r2 lavasoft ad-aware service;lavasoft ad-aware service;c:\program files\lavasoft\ad-aware\aawservice.exe [2010-11-09 1375992]
r2 pgsql-8.3;postgresql database server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-09-19 65536]
r3 intchdmiaddservice;intel(r) high definition audio hdmi service; [x]
r3 manycam;manycam virtual webcam, wdm video capture driver; [x]
r3 wdc_sam;wd scsi pass thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-05-06 11520]
r3 wpffontcache_v0400;windows presentation foundation font cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe [2010-03-18 753504]
r4 wlcrasvc;windows live mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 51040]
s0 klbg;kaspersky lab boot guard driver;c:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
s0 lbd;lbd;c:\windows\system32\drivers\lbd.sys [2010-09-23 64288]
s0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
s0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-11-19 682232]
s1 klim6;kaspersky anti-virus ndis 6 filter;c:\windows\system32\drivers\klim6.sys [2009-05-15 21008]
s2 configfree service;configfree service;c:\program files\toshiba\configfree\cfsvcs.exe [2007-12-25 40960]
s2 tempomonitoringservice;notebook performance tuning service ;c:\program files\toshiba tempro\temposvc.exe [2008-11-06 99720]
s2 toshiba smart log service;toshiba smart log service;c:\program files\toshiba\smartlogservice\tosipcsrv.exe [2007-12-03 126976]
s3 klmouflt;kaspersky lab klmouflt;c:\windows\system32\drivers\klmouflt.sys [2009-05-16 19472]
s3 mpnwmon;microsoft malware protection network driver;c:\windows\system32\drivers\mpnwmon.sys [2010-03-25 42368]
s3 netw5v32;intel(r) wireless wifi link 5000 series adapter driver for windows vista 32 bit;c:\windows\system32\drivers\netw5v32.sys [2008-11-17 3668480]
s3 o2mdrdr;o2mdrdr;c:\windows\system32\drivers\o2media.sys [2008-01-15 48472]
s3 qiomem;generic io & memory access;c:\windows\system32\drivers\qiomem.sys [2007-04-09 8192]
[hkey_local_machine\software\microsoft\windows nt\currentversion\svchost]
localserviceandnoimpersonation reg_multi_sz fontcache
.
inhoud van de 'gedeelde taken' map
2010-11-10 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files\google\update\googleupdate.exe [2009-03-08 19:37]
2010-11-10 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files\google\update\googleupdate.exe [2009-03-08 19:37]
2010-11-10 c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000core.job
- c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-04-14 11:36]
2010-11-10 c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000ua.job
- c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-04-14 11:36]
2010-11-10 c:\windows\tasks\user_feed_synchronization-{8115eaaf-0810-4a9c-b579-6413ec6b202d}.job
- c:\windows\system32\msfeedssync.exe [2010-10-14 04:25]
.
.
------- bijkomende scan -------
.
ustart page = about:blank
uinternet settings,proxyoverride = *.local
ie: {{76577871-04ec-495e-a12b-91f7c3600afa} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
ie: {{8a918c1d-e123-4e36-b562-5c1519e434ce} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=toshibaukbholink-21&site=home
ie: {{a68fc757-51cf-4f3c-b13a-bfb8ca69bb99} - c:\poker\cdpoker\casino.exe
ie: {{c53bfcfc-7a54-4627-aeba-2cd4871fca97} - c:\microgaming\poker\unibetpokermpp\mppoker.exe
trusted zone: adobe.com\www
trusted zone: ziggo.nl\thuishelp
ff - profilepath - c:\users\pablo\appdata\roaming\mozilla\firefox\profiles\2mb6m3xu.default\
ff - prefs.js: browser.startup.homepage - hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1218137204&rver=4.5.2130.0&wp=mbi&wreply=http:%2f%2fmail.live.com%2fdefault.aspx&id=64855
ff - prefs.js: keyword.url - hxxp://search.sweetim.com/search.asp?src=2&q=
ff - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
ff - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
ff - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
ff - plugin: c:\program files\google\update\1.2.183.39\npgoogleoneclick8.dll
ff - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployjava1.dll
ff - plugin: c:\program files\veetle\player\npvlc.dll
ff - plugin: c:\program files\veetle\plugins\npveetle.dll
ff - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
ff - plugin: c:\program files\windows live\photo gallery\npwlpg.dll
ff - plugin: c:\users\pablo\appdata\local\google\update\1.2.183.39\npgoogleoneclick8.dll
ff - plugin: c:\users\pablo\appdata\roaming\mozilla\plugins\npgoogletalk.dll
ff - plugin: c:\users\pablo\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
ff - hiddenextension: microsoft .net framework assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- firefox policies ----
ff - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--fiqz9s", true); // traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--fiqs8s", true); // simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--kpry57d", true); // traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--kprw13d", true); // simplified
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - orphans verwijderd - - - -
toolbar-{d4027c7f-154a-4066-a1ad-4243d8127440} - (no file)
webbrowser-{d4027c7f-154a-4066-a1ad-4243d8127440} - (no file)
hkcu-run-toscdspd - toscdspd.exe
**************************************************************************
catchme 0.3.1398 w2k/xp/vista - rootkit/stealth malware detector by gmer, http://www.gmer.net
rootkit scan 2010-11-10 17:35
windows 6.0.6002 service pack 2 ntfs
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[hkey_local_machine\system\controlset001\services\klim6]
"imagepath"="system32\drivers\klim6.sys"
[hkey_local_machine\system\controlset001\services\klmouflt]
"imagepath"="system32\drivers\klmouflt.sys"
[hkey_local_machine\system\controlset001\services\ksecdd]
"imagepath"="system32\drivers\ksecdd.sys"
[hkey_local_machine\system\controlset001\services\ktmrm]
"servicedll"=%systemroot%\system32\msdtckrm.dll
[hkey_local_machine\system\controlset001\services\lanmanserver]
"servicedll"=%systemroot%\system32\srvsvc.dll
[hkey_local_machine\system\controlset001\services\lanmanworkstation]
"servicedll"=%systemroot%\system32\wkssvc.dll
[hkey_local_machine\system\controlset001\services\lavasoft ad-aware service]
"imagepath"="\c:\program files\lavasoft\ad-aware\aawservice.exe\""
[hkey_local_machine\system\controlset001\services\lbd]
"imagepath"="system32\drivers\lbd.sys"
[hkey_local_machine\system\controlset001\services\ldap]
[hkey_local_machine\system\controlset001\services\lltdio]
"imagepath"="system32\drivers\lltdio.sys"
[hkey_local_machine\system\controlset001\services\lltdsvc]
"servicedll"=%systemroot%\system32\lltdsvc.dll
[hkey_local_machine\system\controlset001\services\lmhosts]
"servicedll"=%systemroot%\system32\lmhsvc.dll
[hkey_local_machine\system\controlset001\services\lsa]
[hkey_local_machine\system\controlset001\services\lsi_fc]
"imagepath"="\systemroot\system32\drivers\lsi_fc.sys"
[hkey_local_machine\system\controlset001\services\lsi_sas]
"imagepath"="\systemroot\system32\drivers\lsi_sas.sys"
[hkey_local_machine\system\controlset001\services\lsi_scsi]
"imagepath"="\systemroot\system32\drivers\lsi_scsi.sys"
[hkey_local_machine\system\controlset001\services\luafv]
"imagepath"="\systemroot\system32\drivers\luafv.sys"
[hkey_local_machine\system\controlset001\services\manycam]
[hkey_local_machine\system\controlset001\services\manycam_llc]
[hkey_local_machine\system\controlset001\services\mccicmservice]
"imagepath"="\c:\program files\common files\motive\mccicmservice.exe\""
[hkey_local_machine\system\controlset001\services\mcx2svc]
"servicedll"=%systemroot%\system32\mcx2svc.dll
[hkey_local_machine\system\controlset001\services\mdmxsdk]
"imagepath"="system32\drivers\mdmxsdk.sys"
[hkey_local_machine\system\controlset001\services\megasas]
"imagepath"="\systemroot\system32\drivers\megasas.sys"
[hkey_local_machine\system\controlset001\services\megasr]
"imagepath"="\systemroot\system32\drivers\megasr.sys"
[hkey_local_machine\system\controlset001\services\mmcss]
"servicedll"=%systemroot%\system32\mmcss.dll
[hkey_local_machine\system\controlset001\services\mmc_2k]
[hkey_local_machine\system\controlset001\services\modem]
"imagepath"="system32\drivers\modem.sys"
[hkey_local_machine\system\controlset001\services\monitor]
"imagepath"="system32\drivers\monitor.sys"
[hkey_local_machine\system\controlset001\services\mouclass]
"imagepath"="system32\drivers\mouclass.sys"
[hkey_local_machine\system\controlset001\services\mouhid]
"imagepath"="system32\drivers\mouhid.sys"
[hkey_local_machine\system\controlset001\services\mountmgr]
"imagepath"="system32\drivers\mountmgr.sys"
[hkey_local_machine\system\controlset001\services\mpfilter]
"imagepath"="system32\drivers\mpfilter.sys"
[hkey_local_machine\system\controlset001\services\mpio]
"imagepath"="\systemroot\system32\drivers\mpio.sys"
[hkey_local_machine\system\controlset001\services\mpnwmon]
"imagepath"="system32\drivers\mpnwmon.sys"
[hkey_local_machine\system\controlset001\services\mpsdrv]
"imagepath"="system32\drivers\mpsdrv.sys"
[hkey_local_machine\system\controlset001\services\mpssvc]
"servicedll"=%systemroot%\system32\mpssvc.dll
[hkey_local_machine\system\controlset001\services\mraid35x]
"imagepath"="\systemroot\system32\drivers\mraid35x.sys"
[hkey_local_machine\system\controlset001\services\mremp50]
"imagepath"="\??\c:\progra~1\common~1\motive\mremp50.sys
[hkey_local_machine\system\controlset001\services\mremp50a64]
"imagepath"="\??\c:\progra~1\common~1\motive\mremp50a64.sys
[hkey_local_machine\system\controlset001\services\mrempr5]
"imagepath"="\??\c:\progra~1\common~1\motive\mrempr5.sys
[hkey_local_machine\system\controlset001\services\mrendis5]
"imagepath"="\??\c:\progra~1\common~1\motive\mrendis5.sys
[hkey_local_machine\system\controlset001\services\mresp50]
"imagepath"="\??\c:\progra~1\common~1\motive\mresp50.sys
[hkey_local_machine\system\controlset001\services\mresp50a64]
"imagepath"="\??\c:\progra~1\common~1\motive\mresp50a64.sys
[hkey_local_machine\system\controlset001\services\mrxdav]
"imagepath"="\systemroot\system32\drivers\mrxdav.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb]
"imagepath"="system32\drivers\mrxsmb.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb10]
"imagepath"="system32\drivers\mrxsmb10.sys"
[hkey_local_machine\system\controlset001\services\mrxsmb20]
"imagepath"="system32\drivers\mrxsmb20.sys"
[hkey_local_machine\system\controlset001\services\msahci]
"imagepath"="system32\drivers\msahci.sys"
[hkey_local_machine\system\controlset001\services\msdsm]
"imagepath"="\systemroot\system32\drivers\msdsm.sys"
[hkey_local_machine\system\controlset001\services\msdtc]
"imagepath"=%systemroot%\system32\msdtc.exe
[hkey_local_machine\system\controlset001\services\msdtc bridge 3.0.0.0]
[hkey_local_machine\system\controlset001\services\msdtc bridge 4.0.0.0]
[hkey_local_machine\system\controlset001\services\msfs]
[hkey_local_machine\system\controlset001\services\msisadrv]
"imagepath"="system32\drivers\msisadrv.sys"
[hkey_local_machine\system\controlset001\services\msiscsi]
"servicedll"=%systemroot%\system32\iscsiexe.dll
[hkey_local_machine\system\controlset001\services\msiserver]
"imagepath"=%systemroot%\system32\msiexec.exe /v"
[hkey_local_machine\system\controlset001\services\mskssrv]
"imagepath"="system32\drivers\mskssrv.sys"
[hkey_local_machine\system\controlset001\services\msmpsvc]
"imagepath"="\c:\program files\microsoft security essentials\msmpeng.exe\""
[hkey_local_machine\system\controlset001\services\mspclock]
"imagepath"="system32\drivers\mspclock.sys"
[hkey_local_machine\system\controlset001\services\mspqm]
"imagepath"="system32\drivers\mspqm.sys"
[hkey_local_machine\system\controlset001\services\msrpc]
[hkey_local_machine\system\controlset001\services\msscntrs]
[hkey_local_machine\system\controlset001\services\mssmbios]
"imagepath"="system32\drivers\mssmbios.sys"
[hkey_local_machine\system\controlset001\services\mstee]
"imagepath"="system32\drivers\mstee.sys"
[hkey_local_machine\system\controlset001\services\mup]
"imagepath"="system32\drivers\mup.sys"
[hkey_local_machine\system\controlset001\services\napagent]
"servicedll"=%systemroot%\system32\qagentrt.dll
[hkey_local_machine\system\controlset001\services\nativewifip]
"imagepath"="system32\drivers\nwifi.sys"
[hkey_local_machine\system\controlset001\services\ndis]
"imagepath"="system32\drivers\ndis.sys"
[hkey_local_machine\system\controlset001\services\ndistapi]
"imagepath"="system32\drivers\ndistapi.sys"
[hkey_local_machine\system\controlset001\services\ndisuio]
"imagepath"="system32\drivers\ndisuio.sys"
[hkey_local_machine\system\controlset001\services\ndiswan]
"imagepath"="system32\drivers\ndiswan.sys"
[hkey_local_machine\system\controlset001\services\ndproxy]
[hkey_local_machine\system\controlset001\services\netbios]
"imagepath"="system32\drivers\netbios.sys"
[hkey_local_machine\system\controlset001\services\netbt]
"imagepath"="system32\drivers\netbt.sys"
[hkey_local_machine\system\controlset001\services\netlogon]
"imagepath"=%systemroot%\system32\lsass.exe
[hkey_local_machine\system\controlset001\services\netman]
"servicedll"=%systemroot%\system32\netman.dll
[hkey_local_machine\system\controlset001\services\netprofm]
"servicedll"=%systemroot%\system32\netprofm.dll
[hkey_local_machine\system\controlset001\services\nettcpportsharing]
"imagepath"="\%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe\""
[hkey_local_machine\system\controlset001\services\netw4v32]
"imagepath"="system32\drivers\netw4v32.sys"
[hkey_local_machine\system\controlset001\services\netw5v32]
"imagepath"="system32\drivers\netw5v32.sys"
[hkey_local_machine\system\controlset001\services\nfrd960]
"imagepath"="\systemroot\system32\drivers\nfrd960.sys"
[hkey_local_machine\system\controlset001\services\nlasvc]
"servicedll"=%systemroot%\system32\nlasvc.dll
[hkey_local_machine\system\controlset001\services\npfs]
[hkey_local_machine\system\controlset001\services\nsi]
"servicedll"=%systemroot%\system32\nsisvc.dll
[hkey_local_machine\system\controlset001\services\nsiproxy]
"imagepath"="system32\drivers\nsiproxy.sys"
[hkey_local_machine\system\controlset001\services\ntds]
[hkey_local_machine\system\controlset001\services\ntfs]
[hkey_local_machine\system\controlset001\services\ntrigdigi]
"imagepath"="\systemroot\system32\drivers\ntrigdigi.sys"
[hkey_local_machine\system\controlset001\services\null]
[hkey_local_machine\system\controlset001\services\nvraid]
"imagepath"="\systemroot\system32\drivers\nvraid.sys"
[hkey_local_machine\system\controlset001\services\nvstor]
"imagepath"="\systemroot\system32\drivers\nvstor.sys"
[hkey_local_machine\system\controlset001\services\nv_agp]
"imagepath"="\systemroot\system32\drivers\nv_agp.sys"
[hkey_local_machine\system\controlset001\services\nwlnkflt]
"imagepath"="system32\drivers\nwlnkflt.sys"
[hkey_local_machine\system\controlset001\services\nwlnkfwd]
"imagepath"="system32\drivers\nwlnkfwd.sys"
[hkey_local_machine\system\controlset001\services\o2flash]
"imagepath"="\c:\program files\o2micro flash memory card driver\o2flash.exe\""
[hkey_local_machine\system\controlset001\services\o2mdrdr]
"imagepath"="system32\drivers\o2media.sys"
[hkey_local_machine\system\controlset001\services\ohci1394]
"imagepath"="system32\drivers\ohci1394.sys"
[hkey_local_machine\system\controlset001\services\p2pimsvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\p2psvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\parport]
"imagepath"="\systemroot\system32\drivers\parport.sys"
[hkey_local_machine\system\controlset001\services\partmgr]
"imagepath"="system32\drivers\partmgr.sys"
[hkey_local_machine\system\controlset001\services\parvdm]
"imagepath"="\systemroot\system32\drivers\parvdm.sys"
[hkey_local_machine\system\controlset001\services\pavboot]
"imagepath"="system32\drivers\pavboot.sys"
[hkey_local_machine\system\controlset001\services\pcasvc]
"servicedll"=%systemroot%\system32\pcasvc.dll
[hkey_local_machine\system\controlset001\services\pci]
"imagepath"="system32\drivers\pci.sys"
[hkey_local_machine\system\controlset001\services\pciide]
"imagepath"="\systemroot\system32\drivers\pciide.sys"
[hkey_local_machine\system\controlset001\services\pcmcia]
"imagepath"="\systemroot\system32\drivers\pcmcia.sys"
[hkey_local_machine\system\controlset001\services\peauth]
"imagepath"="system32\drivers\peauth.sys"
[hkey_local_machine\system\controlset001\services\perfdisk]
[hkey_local_machine\system\controlset001\services\perfnet]
[hkey_local_machine\system\controlset001\services\perfos]
[hkey_local_machine\system\controlset001\services\perfproc]
[hkey_local_machine\system\controlset001\services\pgsql-8.3]
"imagepath"="\c:\program files\postgresql\8.3\bin\pg_ctl.exe\" runservice -w -n \"pgsql-8.3\" -d \"c:\program files\postgresql\8.3\data\\""
[hkey_local_machine\system\controlset001\services\pla]
"servicedll"=%systemroot%\system32\pla.dll
[hkey_local_machine\system\controlset001\services\plugplay]
"servicedll"=%systemroot%\system32\umpnpmgr.dll
[hkey_local_machine\system\controlset001\services\pnrpautoreg]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\pnrpsvc]
"servicedll"=%systemroot%\system32\p2psvc.dll
[hkey_local_machine\system\controlset001\services\policyagent]
"servicedll"=%systemroot%\system32\ipsecsvc.dll
[hkey_local_machine\system\controlset001\services\portproxy]
[hkey_local_machine\system\controlset001\services\pptpminiport]
"imagepath"="system32\drivers\raspptp.sys"
[hkey_local_machine\system\controlset001\services\processor]
"imagepath"="\systemroot\system32\drivers\processr.sys"
[hkey_local_machine\system\controlset001\services\profsvc]
"servicedll"=%systemroot%\system32\profsvc.dll
[hkey_local_machine\system\controlset001\services\protectedstorage]
"imagepath"=%systemroot%\system32\lsass.exe
[hkey_local_machine\system\controlset001\services\psched]
"imagepath"="system32\drivers\pacer.sys"
[hkey_local_machine\system\controlset001\services\pwd_2k]
 
[hkey_local_machine\system\controlset001\services\pxhelp20]
"imagepath"="system32\drivers\pxhelp20.sys"
[hkey_local_machine\system\controlset001\services\qiomem]
"imagepath"="system32\drivers\qiomem.sys"
[hkey_local_machine\system\controlset001\services\ql2300]
"imagepath"="\systemroot\system32\drivers\ql2300.sys"
[hkey_local_machine\system\controlset001\services\ql40xx]
"imagepath"="\systemroot\system32\drivers\ql40xx.sys"
[hkey_local_machine\system\controlset001\services\qwave]
"servicedll"=%windir%\system32\qwave.dll
[hkey_local_machine\system\controlset001\services\qwavedrv]
"imagepath"="\systemroot\system32\drivers\qwavedrv.sys"
[hkey_local_machine\system\controlset001\services\rasacd]
"imagepath"="system32\drivers\rasacd.sys"
[hkey_local_machine\system\controlset001\services\rasauto]
"servicedll"=%systemroot%\system32\rasauto.dll
[hkey_local_machine\system\controlset001\services\rasl2tp]
"imagepath"="system32\drivers\rasl2tp.sys"
[hkey_local_machine\system\controlset001\services\rasman]
"servicedll"=%systemroot%\system32\rasmans.dll
[hkey_local_machine\system\controlset001\services\raspppoe]
"imagepath"="system32\drivers\raspppoe.sys"
[hkey_local_machine\system\controlset001\services\rassstp]
"imagepath"="system32\drivers\rassstp.sys"
[hkey_local_machine\system\controlset001\services\rdbss]
"imagepath"="system32\drivers\rdbss.sys"
[hkey_local_machine\system\controlset001\services\rdpcdd]
"imagepath"="system32\drivers\rdpcdd.sys"
[hkey_local_machine\system\controlset001\services\rdpdd]
[hkey_local_machine\system\controlset001\services\rdpdr]
"imagepath"="\systemroot\system32\drivers\rdpdr.sys"
[hkey_local_machine\system\controlset001\services\rdpencdd]
"imagepath"="system32\drivers\rdpencdd.sys"
[hkey_local_machine\system\controlset001\services\rdpnp]
[hkey_local_machine\system\controlset001\services\rdpwd]
[hkey_local_machine\system\controlset001\services\remoteaccess]
"servicedll"=%systemroot%\system32\mprdim.dll
[hkey_local_machine\system\controlset001\services\remoteregistry]
"servicedll"=%systemroot%\system32\regsvc.dll
[hkey_local_machine\system\controlset001\services\roxliveshare]
"imagepath"="\c:\program files\common files\roxio shared\sharedcom8\roxliveshare.exe\""
[hkey_local_machine\system\controlset001\services\roxmediadb]
"imagepath"="\c:\program files\common files\roxio shared\sharedcom8\roxmediadb.exe\""
[hkey_local_machine\system\controlset001\services\roxupnprenderer]
"imagepath"="\c:\program files\common files\roxio shared\sharedcom\roxupnprenderer.exe\""
[hkey_local_machine\system\controlset001\services\roxupnpserver]
"imagepath"="\c:\program files\roxio\easy media creator 8\digital home\roxupnpserver.exe\""
[hkey_local_machine\system\controlset001\services\roxwatch]
"imagepath"="\c:\program files\common files\roxio shared\sharedcom8\roxwatch.exe\""
[hkey_local_machine\system\controlset001\services\rpclocator]
"imagepath"=%systemroot%\system32\locator.exe
[hkey_local_machine\system\controlset001\services\rpcnet]
[hkey_local_machine\system\controlset001\services\rpcss]
"servicedll"=%systemroot%\system32\rpcss.dll
[hkey_local_machine\system\controlset001\services\rspndr]
"imagepath"="system32\drivers\rspndr.sys"
[hkey_local_machine\system\controlset001\services\rxfilter]
"imagepath"="system32\drivers\rxfilter.sys"
[hkey_local_machine\system\controlset001\services\samss]
"imagepath"=%systemroot%\system32\lsass.exe
[hkey_local_machine\system\controlset001\services\sbp2port]
"imagepath"="\systemroot\system32\drivers\sbp2port.sys"
[hkey_local_machine\system\controlset001\services\sbsdwscservice]
[hkey_local_machine\system\controlset001\services\scardsvr]
"servicedll"=%systemroot%\system32\scardsvr.dll
[hkey_local_machine\system\controlset001\services\schedule]
"servicedll"=%systemroot%\system32\schedsvc.dll
[hkey_local_machine\system\controlset001\services\scpolicysvc]
"servicedll"=%systemroot%\system32\certprop.dll
[hkey_local_machine\system\controlset001\services\sdbus]
"imagepath"="system32\drivers\sdbus.sys"
[hkey_local_machine\system\controlset001\services\sdrsvc]
"servicedll"=%systemroot%\system32\sdrsvc.dll
[hkey_local_machine\system\controlset001\services\seaport]
"imagepath"="\c:\program files\microsoft\search enhancement pack\seaport\seaport.exe\""
[hkey_local_machine\system\controlset001\services\secdrv]
[hkey_local_machine\system\controlset001\services\seclogon]
"servicedll"=%windir%\system32\seclogon.dll
[hkey_local_machine\system\controlset001\services\sens]
"servicedll"=%systemroot%\system32\sens.dll
[hkey_local_machine\system\controlset001\services\serenum]
"imagepath"="\systemroot\system32\drivers\serenum.sys"
[hkey_local_machine\system\controlset001\services\serial]
"imagepath"="\systemroot\system32\drivers\serial.sys"
[hkey_local_machine\system\controlset001\services\sermouse]
"imagepath"="\systemroot\system32\drivers\sermouse.sys"
[hkey_local_machine\system\controlset001\services\servicemodelendpoint 3.0.0.0]
[hkey_local_machine\system\controlset001\services\servicemodeloperation 3.0.0.0]
[hkey_local_machine\system\controlset001\services\servicemodelservice 3.0.0.0]
[hkey_local_machine\system\controlset001\services\sessionenv]
"servicedll"=%systemroot%\system32\sessenv.dll
[hkey_local_machine\system\controlset001\services\sffdisk]
"imagepath"="\systemroot\system32\drivers\sffdisk.sys"
[hkey_local_machine\system\controlset001\services\sffp_mmc]
"imagepath"="\systemroot\system32\drivers\sffp_mmc.sys"
[hkey_local_machine\system\controlset001\services\sffp_sd]
"imagepath"="\systemroot\system32\drivers\sffp_sd.sys"
[hkey_local_machine\system\controlset001\services\sfloppy]
"imagepath"="\systemroot\system32\drivers\sfloppy.sys"
[hkey_local_machine\system\controlset001\services\sharedaccess]
"servicedll"=%systemroot%\system32\ipnathlp.dll
[hkey_local_machine\system\controlset001\services\shellhwdetection]
"servicedll"=%systemroot%\system32\shsvcs.dll
[hkey_local_machine\system\controlset001\services\sisagp]
"imagepath"="\systemroot\system32\drivers\sisagp.sys"
[hkey_local_machine\system\controlset001\services\sisraid2]
"imagepath"="\systemroot\system32\drivers\sisraid2.sys"
[hkey_local_machine\system\controlset001\services\sisraid4]
"imagepath"="\systemroot\system32\drivers\sisraid4.sys"
[hkey_local_machine\system\controlset001\services\slsvc]
"imagepath"=%systemroot%\system32\slsvc.exe
[hkey_local_machine\system\controlset001\services\sluinotify]
"servicedll"=%systemroot%\system32\sluinotify.dll
[hkey_local_machine\system\controlset001\services\smb]
"imagepath"="system32\drivers\smb.sys"
[hkey_local_machine\system\controlset001\services\smsvchost 3.0.0.0]
[hkey_local_machine\system\controlset001\services\smsvchost 4.0.0.0]
[hkey_local_machine\system\controlset001\services\snmptrap]
"imagepath"=%systemroot%\system32\snmptrap.exe
[hkey_local_machine\system\controlset001\services\speedfan]
"imagepath"="system32\speedfan.sys"
[hkey_local_machine\system\controlset001\services\spldr]
[hkey_local_machine\system\controlset001\services\spooler]
"imagepath"=%systemroot%\system32\spoolsv.exe
[hkey_local_machine\system\controlset001\services\sptd]
"imagepath"="system32\drivers\sptd.sys"
[hkey_local_machine\system\controlset001\services\srv]
"imagepath"="system32\drivers\srv.sys"
[hkey_local_machine\system\controlset001\services\srv2]
"imagepath"="system32\drivers\srv2.sys"
[hkey_local_machine\system\controlset001\services\srvnet]
"imagepath"="system32\drivers\srvnet.sys"
[hkey_local_machine\system\controlset001\services\ssdpsrv]
"servicedll"=%systemroot%\system32\ssdpsrv.dll
[hkey_local_machine\system\controlset001\services\sstpsvc]
"servicedll"=%systemroot%\system32\sstpsvc.dll
[hkey_local_machine\system\controlset001\services\ss_bus]
"imagepath"="system32\drivers\ss_bus.sys"
[hkey_local_machine\system\controlset001\services\ss_mdfl]
"imagepath"="system32\drivers\ss_mdfl.sys"
[hkey_local_machine\system\controlset001\services\ss_mdm]
"imagepath"="system32\drivers\ss_mdm.sys"
[hkey_local_machine\system\controlset001\services\stisvc]
"servicedll"=%systemroot%\system32\wiaservc.dll
[hkey_local_machine\system\controlset001\services\swenum]
"imagepath"="system32\drivers\swenum.sys"
[hkey_local_machine\system\controlset001\services\swprv]
"servicedll"=%systemroot%\system32\swprv.dll
[hkey_local_machine\system\controlset001\services\symc8xx]
"imagepath"="\systemroot\system32\drivers\symc8xx.sys"
[hkey_local_machine\system\controlset001\services\sym_hi]
"imagepath"="\systemroot\system32\drivers\sym_hi.sys"
[hkey_local_machine\system\controlset001\services\sym_u3]
"imagepath"="\systemroot\system32\drivers\sym_u3.sys"
[hkey_local_machine\system\controlset001\services\syntp]
"imagepath"="system32\drivers\syntp.sys"
[hkey_local_machine\system\controlset001\services\sysmain]
"servicedll"=%systemroot%\system32\sysmain.dll
[hkey_local_machine\system\controlset001\services\tabletinputservice]
"servicedll"=%systemroot%\system32\tabsvc.dll
[hkey_local_machine\system\controlset001\services\tapisrv]
"servicedll"=%systemroot%\system32\tapisrv.dll
[hkey_local_machine\system\controlset001\services\tbs]
"servicedll"=%systemroot%\system32\tbssvc.dll
[hkey_local_machine\system\controlset001\services\tcpip]
"imagepath"="system32\drivers\tcpip.sys"
[hkey_local_machine\system\controlset001\services\tcpip6]
"imagepath"="system32\drivers\tcpip.sys"
[hkey_local_machine\system\controlset001\services\tcpipreg]
"imagepath"="system32\drivers\tcpipreg.sys"
[hkey_local_machine\system\controlset001\services\tdcmdpst]
"imagepath"="system32\drivers\tdcmdpst.sys"
[hkey_local_machine\system\controlset001\services\tdpipe]
"imagepath"="system32\drivers\tdpipe.sys"
[hkey_local_machine\system\controlset001\services\tdtcp]
"imagepath"="system32\drivers\tdtcp.sys"
[hkey_local_machine\system\controlset001\services\tdx]
"imagepath"="system32\drivers\tdx.sys"
[hkey_local_machine\system\controlset001\services\tempomonitoringservice]
"imagepath"="\c:\program files\toshiba tempro\temposvc.exe\""
[hkey_local_machine\system\controlset001\services\termdd]
"imagepath"="system32\drivers\termdd.sys"
[hkey_local_machine\system\controlset001\services\termservice]
"servicedll"=%systemroot%\system32\termsrv.dll
[hkey_local_machine\system\controlset001\services\themes]
"servicedll"=%systemroot%\system32\shsvcs.dll
[hkey_local_machine\system\controlset001\services\threadorder]
"servicedll"=%systemroot%\system32\mmcss.dll
[hkey_local_machine\system\controlset001\services\tnavisrv]
"imagepath"=c:\program files\toshiba\toshiba dvd player\tnavisrv.exe
[hkey_local_machine\system\controlset001\services\toddsrv]
"imagepath"=c:\windows\system32\toddsrv.exe
[hkey_local_machine\system\controlset001\services\toscosrv]
"imagepath"="\c:\program files\toshiba\power saver\toscosrv.exe\""
[hkey_local_machine\system\controlset001\services\toshiba bluetooth service]
"imagepath"=c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe
[hkey_local_machine\system\controlset001\services\toshiba smart log service]
"imagepath"="\c:\program files\toshiba\smartlogservice\tosipcsrv.exe\""
[hkey_local_machine\system\controlset001\services\tosrfcom]
[hkey_local_machine\system\controlset001\services\tosrfec]
"imagepath"="system32\drivers\tosrfec.sys"
[hkey_local_machine\system\controlset001\services\tosrfusb]
[hkey_local_machine\system\controlset001\services\tos_sps32]
"imagepath"="system32\drivers\tos_sps32.sys"
[hkey_local_machine\system\controlset001\services\trkwks]
"servicedll"=%systemroot%\system32\trkwks.dll
--
[hkey_local_machine\system\controlset001\services\trustedinstaller]
"imagepath"=%systemroot%\servicing\trustedinstaller.exe
[hkey_local_machine\system\controlset001\services\tsddd]
[hkey_local_machine\system\controlset001\services\tssecsrv]
"imagepath"="system32\drivers\tssecsrv.sys"
[hkey_local_machine\system\controlset001\services\tunmp]
"imagepath"="system32\drivers\tunmp.sys"
[hkey_local_machine\system\controlset001\services\tunnel]
"imagepath"="system32\drivers\tunnel.sys"
[hkey_local_machine\system\controlset001\services\tvalz]
"imagepath"="system32\drivers\tvalz_o.sys"
[hkey_local_machine\system\controlset001\services\tvichw32]
"imagepath"="\??\c:\windows\system32\drivers\tvichw32.sys
[hkey_local_machine\system\controlset001\services\uagp35]
"imagepath"="\systemroot\system32\drivers\uagp35.sys"
[hkey_local_machine\system\controlset001\services\udfs]
"imagepath"="system32\drivers\udfs.sys"
[hkey_local_machine\system\controlset001\services\ugatherer]
[hkey_local_machine\system\controlset001\services\ugthrsvc]
[hkey_local_machine\system\controlset001\services\ui0detect]
"imagepath"=%systemroot%\system32\ui0detect.exe
[hkey_local_machine\system\controlset001\services\uleadburninghelper]
"imagepath"=c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe
[hkey_local_machine\system\controlset001\services\uliagpkx]
"imagepath"="\systemroot\system32\drivers\uliagpkx.sys"
[hkey_local_machine\system\controlset001\services\uliahci]
"imagepath"="\systemroot\system32\drivers\uliahci.sys"
[hkey_local_machine\system\controlset001\services\ulsata]
"imagepath"="\systemroot\system32\drivers\ulsata.sys"
[hkey_local_machine\system\controlset001\services\ulsata2]
"imagepath"="\systemroot\system32\drivers\ulsata2.sys"
[hkey_local_machine\system\controlset001\services\umbus]
"imagepath"="system32\drivers\umbus.sys"
[hkey_local_machine\system\controlset001\services\upnphost]
"servicedll"=%systemroot%\system32\upnphost.dll
[hkey_local_machine\system\controlset001\services\usb]
[hkey_local_machine\system\controlset001\services\usbaapl]
"imagepath"="system32\drivers\usbaapl.sys"
[hkey_local_machine\system\controlset001\services\usbaudio]
"imagepath"="system32\drivers\usbaudio.sys"
[hkey_local_machine\system\controlset001\services\usbccgp]
"imagepath"="system32\drivers\usbccgp.sys"
[hkey_local_machine\system\controlset001\services\usbcir]
"imagepath"="\systemroot\system32\drivers\usbcir.sys"
[hkey_local_machine\system\controlset001\services\usbehci]
"imagepath"="system32\drivers\usbehci.sys"
[hkey_local_machine\system\controlset001\services\usbhub]
"imagepath"="system32\drivers\usbhub.sys"
[hkey_local_machine\system\controlset001\services\usbohci]
"imagepath"="\systemroot\system32\drivers\usbohci.sys"
[hkey_local_machine\system\controlset001\services\usbprint]
"imagepath"="\systemroot\system32\drivers\usbprint.sys"
[hkey_local_machine\system\controlset001\services\usbstor]
"imagepath"="system32\drivers\usbstor.sys"
[hkey_local_machine\system\controlset001\services\usbuhci]
"imagepath"="system32\drivers\usbuhci.sys"
[hkey_local_machine\system\controlset001\services\usbvideo]
"imagepath"="system32\drivers\usbvideo.sys"
[hkey_local_machine\system\controlset001\services\uvcftr]
"imagepath"="system32\drivers\uvcftr_s.sys"
[hkey_local_machine\system\controlset001\services\uxsms]
"servicedll"=%systemroot%\system32\uxsms.dll
[hkey_local_machine\system\controlset001\services\vds]
"imagepath"=%systemroot%\system32\vds.exe
[hkey_local_machine\system\controlset001\services\vga]
"imagepath"="system32\drivers\vgapnp.sys"
[hkey_local_machine\system\controlset001\services\vgasave]
"imagepath"="\systemroot\system32\drivers\vga.sys"
[hkey_local_machine\system\controlset001\services\viaagp]
"imagepath"="\systemroot\system32\drivers\viaagp.sys"
[hkey_local_machine\system\controlset001\services\viac7]
"imagepath"="\systemroot\system32\drivers\viac7.sys"
[hkey_local_machine\system\controlset001\services\viaide]
"imagepath"="\systemroot\system32\drivers\viaide.sys"
[hkey_local_machine\system\controlset001\services\volmgr]
"imagepath"="system32\drivers\volmgr.sys"
[hkey_local_machine\system\controlset001\services\volmgrx]
"imagepath"="system32\drivers\volmgrx.sys"
[hkey_local_machine\system\controlset001\services\volsnap]
"imagepath"="system32\drivers\volsnap.sys"
[hkey_local_machine\system\controlset001\services\vsmraid]
"imagepath"="\systemroot\system32\drivers\vsmraid.sys"
[hkey_local_machine\system\controlset001\services\vss]
"imagepath"=%systemroot%\system32\vssvc.exe
[hkey_local_machine\system\controlset001\services\w32time]
"servicedll"=%systemroot%\system32\w32time.dll
[hkey_local_machine\system\controlset001\services\w3svc]
[hkey_local_machine\system\controlset001\services\wacompen]
"imagepath"="\systemroot\system32\drivers\wacompen.sys"
[hkey_local_machine\system\controlset001\services\wanarp]
"imagepath"="system32\drivers\wanarp.sys"
[hkey_local_machine\system\controlset001\services\wanarpv6]
"imagepath"="system32\drivers\wanarp.sys"
[hkey_local_machine\system\controlset001\services\wcncsvc]
"servicedll"=%systemroot%\system32\wcncsvc.dll
[hkey_local_machine\system\controlset001\services\wcspluginservice]
"servicedll"=%systemroot%\system32\wcspluginservice.dll
[hkey_local_machine\system\controlset001\services\wd]
"imagepath"="\systemroot\system32\drivers\wd.sys"
[hkey_local_machine\system\controlset001\services\wdc_sam]
"imagepath"="system32\drivers\wdcsam.sys"
[hkey_local_machine\system\controlset001\services\wdf01000]
"imagepath"="system32\drivers\wdf01000.sys"
[hkey_local_machine\system\controlset001\services\wdiservicehost]
"servicedll"=%systemroot%\system32\wdi.dll
[hkey_local_machine\system\controlset001\services\wdisystemhost]
"servicedll"=%systemroot%\system32\wdi.dll
[hkey_local_machine\system\controlset001\services\webclient]
"servicedll"=%systemroot%\system32\webclnt.dll
[hkey_local_machine\system\controlset001\services\wecsvc]
"servicedll"=%systemroot%\system32\wecsvc.dll
[hkey_local_machine\system\controlset001\services\wercplsupport]
"servicedll"=%systemroot%\system32\wercplsupport.dll
[hkey_local_machine\system\controlset001\services\wersvc]
"servicedll"=%systemroot%\system32\wersvc.dll
[hkey_local_machine\system\controlset001\services\winachsf]
"imagepath"="system32\drivers\hsx_cnxt.sys"
[hkey_local_machine\system\controlset001\services\windefend]
"servicedll"=%programfiles%\windows defender\mpsvc.dll
[hkey_local_machine\system\controlset001\services\windows workflow foundation 3.0.0.0]
[hkey_local_machine\system\controlset001\services\winhttpautoproxysvc]
"servicedll"="winhttp.dll"
[hkey_local_machine\system\controlset001\services\winmgmt]
"servicedll"=%systemroot%\system32\wbem\wmisvc.dll
[hkey_local_machine\system\controlset001\services\winrm]
"servicedll"=%systemroot%\system32\wsmsvc.dll
[hkey_local_machine\system\controlset001\services\winsock]
[hkey_local_machine\system\controlset001\services\winsock2]
[hkey_local_machine\system\controlset001\services\wlansvc]
"servicedll"=%systemroot%\system32\wlansvc.dll
[hkey_local_machine\system\controlset001\services\wlcrasvc]
"imagepath"="\c:\program files\windows live\mesh\wlcrasvc.exe\""
[hkey_local_machine\system\controlset001\services\wlidsvc]
"imagepath"="\c:\program files\common files\microsoft shared\windows live\wlidsvc.exe\""
[hkey_local_machine\system\controlset001\services\wmiacpi]
"imagepath"="system32\drivers\wmiacpi.sys"
[hkey_local_machine\system\controlset001\services\wmiaprpl]
[hkey_local_machine\system\controlset001\services\wmiapsrv]
"imagepath"=%systemroot%\system32\wbem\wmiapsrv.exe
[hkey_local_machine\system\controlset001\services\wmpnetworksvc]
"imagepath"="\%programfiles%\windows media player\wmpnetwk.exe\""
[hkey_local_machine\system\controlset001\services\wpcsvc]
"servicedll"=%systemroot%\system32\wpcsvc.dll
[hkey_local_machine\system\controlset001\services\wpdbusenum]
"servicedll"=%systemroot%\system32\wpdbusenum.dll
[hkey_local_machine\system\controlset001\services\wpffontcache_v0400]
"imagepath"=c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe
[hkey_local_machine\system\controlset001\services\ws2ifsl]
"imagepath"="\systemroot\system32\drivers\ws2ifsl.sys"
[hkey_local_machine\system\controlset001\services\wscsvc]
"servicedll"=%systemroot%\system32\wscsvc.dll
[hkey_local_machine\system\controlset001\services\wsearch]
"imagepath"=%systemroot%\system32\searchindexer.exe /embedding"
[hkey_local_machine\system\controlset001\services\wsearchidxpi]
[hkey_local_machine\system\controlset001\services\wuauserv]
"servicedll"=%systemroot%\system32\wuaueng.dll
[hkey_local_machine\system\controlset001\services\wudfrd]
"imagepath"="system32\drivers\wudfrd.sys"
[hkey_local_machine\system\controlset001\services\wudfsvc]
"servicedll"=%systemroot%\system32\wudfsvc.dll
[hkey_local_machine\system\controlset001\services\xaudio]
"imagepath"="system32\drivers\xaudio.sys"
[hkey_local_machine\system\controlset001\services\xaudioservice]
"imagepath"=%systemroot%\system32\drivers\xaudio.exe
[hkey_local_machine\system\controlset001\services\xmlprov]
[hkey_local_machine\system\controlset001\services\yukonwlh]
"imagepath"="system32\drivers\yk60x86.sys"
[hkey_local_machine\system\controlset001\services\{30e634d1-28b4-4480-afaf-028373e16047}]
[hkey_local_machine\system\controlset001\services\{7c3ebf25-fec4-4174-99bc-974baf5b8fac}]
.
--------------------- vergrendelde register sleutels ---------------------
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
voltooingstijd: 2010-11-10 17:40:06
combofix-quarantined-files.txt 2010-11-10 16:39
pre-run: 10.142.269.440 bytes free
post-run: 10.169.659.392 bytes free
- - end of file - - c07537f89430cac047b0ae198c4f0978

[/hjt]
 
[hkey_local_machine\system\controlset001\services\wd]
"imagepath"="\systemroot\system32\drivers\wd.sys"
[hkey_local_machine\system\controlset001\services\wdc_sam]
"imagepath"="system32\drivers\wdcsam.sys"
[hkey_local_machine\system\controlset001\services\wdf01000]
"imagepath"="system32\drivers\wdf01000.sys"
[hkey_local_machine\system\controlset001\services\wdiservicehost]
"servicedll"=%systemroot%\system32\wdi.dll
[hkey_local_machine\system\controlset001\services\wdisystemhost]
"servicedll"=%systemroot%\system32\wdi.dll
[hkey_local_machine\system\controlset001\services\webclient]
"servicedll"=%systemroot%\system32\webclnt.dll
[hkey_local_machine\system\controlset001\services\wecsvc]
"servicedll"=%systemroot%\system32\wecsvc.dll
[hkey_local_machine\system\controlset001\services\wercplsupport]
"servicedll"=%systemroot%\system32\wercplsupport.dll
[hkey_local_machine\system\controlset001\services\wersvc]
"servicedll"=%systemroot%\system32\wersvc.dll
[hkey_local_machine\system\controlset001\services\winachsf]
"imagepath"="system32\drivers\hsx_cnxt.sys"
[hkey_local_machine\system\controlset001\services\windefend]
"servicedll"=%programfiles%\windows defender\mpsvc.dll
[hkey_local_machine\system\controlset001\services\windows workflow foundation 3.0.0.0]
[hkey_local_machine\system\controlset001\services\winhttpautoproxysvc]
"servicedll"="winhttp.dll"
[hkey_local_machine\system\controlset001\services\winmgmt]
"servicedll"=%systemroot%\system32\wbem\wmisvc.dll
[hkey_local_machine\system\controlset001\services\winrm]
"servicedll"=%systemroot%\system32\wsmsvc.dll
[hkey_local_machine\system\controlset001\services\winsock]
[hkey_local_machine\system\controlset001\services\winsock2]
[hkey_local_machine\system\controlset001\services\wlansvc]
"servicedll"=%systemroot%\system32\wlansvc.dll
[hkey_local_machine\system\controlset001\services\wlcrasvc]
"imagepath"="\c:\program files\windows live\mesh\wlcrasvc.exe\""
[hkey_local_machine\system\controlset001\services\wlidsvc]
"imagepath"="\c:\program files\common files\microsoft shared\windows live\wlidsvc.exe\""
[hkey_local_machine\system\controlset001\services\wmiacpi]
"imagepath"="system32\drivers\wmiacpi.sys"
[hkey_local_machine\system\controlset001\services\wmiaprpl]
[hkey_local_machine\system\controlset001\services\wmiapsrv]
"imagepath"=%systemroot%\system32\wbem\wmiapsrv.exe
[hkey_local_machine\system\controlset001\services\wmpnetworksvc]
"imagepath"="\%programfiles%\windows media player\wmpnetwk.exe\""
[hkey_local_machine\system\controlset001\services\wpcsvc]
"servicedll"=%systemroot%\system32\wpcsvc.dll
[hkey_local_machine\system\controlset001\services\wpdbusenum]
"servicedll"=%systemroot%\system32\wpdbusenum.dll
[hkey_local_machine\system\controlset001\services\wpffontcache_v0400]
"imagepath"=c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe
[hkey_local_machine\system\controlset001\services\ws2ifsl]
"imagepath"="\systemroot\system32\drivers\ws2ifsl.sys"
[hkey_local_machine\system\controlset001\services\wscsvc]
"servicedll"=%systemroot%\system32\wscsvc.dll
[hkey_local_machine\system\controlset001\services\wsearch]
"imagepath"=%systemroot%\system32\searchindexer.exe /embedding"
[hkey_local_machine\system\controlset001\services\wsearchidxpi]
[hkey_local_machine\system\controlset001\services\wuauserv]
"servicedll"=%systemroot%\system32\wuaueng.dll
[hkey_local_machine\system\controlset001\services\wudfrd]
"imagepath"="system32\drivers\wudfrd.sys"
[hkey_local_machine\system\controlset001\services\wudfsvc]
"servicedll"=%systemroot%\system32\wudfsvc.dll
[hkey_local_machine\system\controlset001\services\xaudio]
"imagepath"="system32\drivers\xaudio.sys"
[hkey_local_machine\system\controlset001\services\xaudioservice]
"imagepath"=%systemroot%\system32\drivers\xaudio.exe
[hkey_local_machine\system\controlset001\services\xmlprov]
[hkey_local_machine\system\controlset001\services\yukonwlh]
"imagepath"="system32\drivers\yk60x86.sys"
[hkey_local_machine\system\controlset001\services\{30e634d1-28b4-4480-afaf-028373e16047}]
[hkey_local_machine\system\controlset001\services\{7c3ebf25-fec4-4174-99bc-974baf5b8fac}]
.
--------------------- vergrendelde register sleutels ---------------------
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
voltooingstijd: 2010-11-10 17:40:06
combofix-quarantined-files.txt 2010-11-10 16:39
pre-run: 10.142.269.440 bytes free
post-run: 10.169.659.392 bytes free
- - end of file - - c07537f89430cac047b0ae198c4f0978

[/hjt]
 
Hi Pablo, how did your Windows react to the ComboFix scan?
 
What do you mean? Whether it helped?

In any case I don't notice any difference from before, but perhaps my laptop is a bit faster and responds the way you would expect, instead of the occasional small hiccup.
 
As for MSN, more problems with MSN have been reported on this forum in the last few days!

As far as I can see, there is nothing wrong with your Windows!

But you may post another, more detailed log, to see whether that reveals a bit more?

Download RSIT to your desktop
  • Users of Windows Vista and Windows 7 start the tool by right-clicking it and choosing 'Run as administrator'!
  • Keep in mind that RSIT must be started from the desktop.
  • Click\double-click 'RSIT.exe' to start the tool.
  • Click 'Continue' in the disclaimer window.

  • After the scan has finished, two logs will open.
  • Then post the contents of 'log.txt' via DDRMMR's colour coder (this one will be maximised), and likewise those of 'info.txt' (this one does not need to go through DDRMMR's colour coder and will initially be minimised).
 
So now I'm out of luck and have to hope it goes away by itself?
 
[hjt]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pablo at 2010-11-10 19:55:16
Microsoft Windows Vista™ Home Premium Service Pack 2
System drive C: has 5 GB (5%) free of 120 GB
Total RAM: 3070 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:06, on 10-11-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files\toshiba\configfree\ndstray.exe
c:\program files\toshiba\toshiba online product information\topi.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\camera assistant software for toshiba\traybar.exe
c:\program files\toshiba\hdmictrlman\hdmictrlman.exe
c:\program files\toshiba\power saver\tpwrmain.exe
c:\program files\ati technologies\ati.ace\core-static\mom.exe
c:\program files\toshiba\smoothview\smoothview.exe
c:\program files\toshiba\flashcards\tcrdmain.exe
c:\program files\freecom\freecom internet phone\freecom internet phone.exe
c:\program files\roxio\easy media creator 8\drag to disc\drgtodsc.exe
c:\program files\common files\roxio shared\sharedcom8\roxwatchtray.exe
c:\program files\toshiba tempro\toshiba.tempo.ui.trayapplication.exe
c:\program files\thuishelp\zesko\thuishelp.exe
c:\program files\camera assistant software for toshiba\cec_main.exe
c:\program files\itunes\ituneshelper.exe
c:\program files\divx\divx update\divxupdate.exe
c:\program files\microsoft security essentials\msseces.exe
c:\program files\daemon tools\daemon.exe
c:\windows\ehome\ehtray.exe
c:\windows\ehome\ehmsas.exe
c:\program files\toshiba\configfree\cfswmgr.exe
c:\program files\common files\roxio shared\sharedcom8\cpshelprunner.exe
c:\program files\ati technologies\ati.ace\core-static\ccc.exe
c:\program files\synaptics\syntp\syntphelper.exe
c:\program files\uniblue\registrybooster\registrybooster.exe
c:\program files\lavasoft\ad-aware\aawtray.exe
c:\program files\mozilla firefox\firefox.exe
c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtblfs.exe
c:\betfair\betfair.exe
c:\action poker\act.exe
c:\program files\full tilt poker\fulltiltpoker.exe
c:\programs\partygaming\partygaming.exe
c:\program files\bitlord\bitlord.exe
c:\program files\mozilla firefox\plugin-container.exe
c:\microgaming\poker\unibetpokermpp\mppoker.exe
c:\program files\trillian\trillian.exe
c:\program files\soulseekns\slsk.exe
c:\windows\system32\wuauclt.exe
c:\users\pablo\desktop\rsit.exe
c:\users\pablo\downloads\pablo.exe

r0 - hkcu\software\microsoft\internet explorer\main,start page = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hkcu\software\microsoft\internet explorer\main,local page =
r0 - hklm\software\microsoft\internet explorer\main,local page =
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
o2 - bho: (no name) - {02478d38-c3f9-4efb-9b51-7695eca05670} - (no file)
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\sdhelper.dll
o2 - bho: ievkbdbho - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: windows live id sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: windows live messenger companion helper - {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: link filter bho - {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
o4 - hklm\..\run: [ndstray.exe] ndstray.exe
o4 - hklm\..\run: [itsecmng] %programfiles%\toshiba\bluetooth toshiba stack\itsecmng.exe /start
o4 - hklm\..\run: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
o4 - hklm\..\run: [startccc] c:\program files\ati technologies\ati.ace\core-static\clistart.exe
o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
o4 - hklm\..\run: [camera assistant software] c:\program files\camera assistant software for toshiba\traybar.exe /start
o4 - hklm\..\run: [hdmictrlman] c:\program files\toshiba\hdmictrlman\hdmictrlman.exe
o4 - hklm\..\run: [tpwrmain] %programfiles%\toshiba\power saver\tpwrmain.exe
o4 - hklm\..\run: [hson] %programfiles%\toshiba\tbs\hson.exe
o4 - hklm\..\run: [smoothview] %programfiles%\toshiba\smoothview\smoothview.exe
o4 - hklm\..\run: [00tcrdmain] %programfiles%\toshiba\flashcards\tcrdmain.exe
o4 - hklm\..\run: [toshiba registration] c:\program files\toshiba\registration\toshibaregistration.exe
o4 - hklm\..\run: [freecom] c:\program files\freecom\freecom internet phone\freecom internet phone.exe
o4 - hklm\..\run: [roxiodragtodisc] c:\program files\roxio\easy media creator 8\drag to disc\drgtodsc.exe
o4 - hklm\..\run: [roxwatchtray] c:\program files\common files\roxio shared\sharedcom8\roxwatchtray.exe
o4 - hklm\..\run: [toshiba tempo] c:\program files\toshiba tempro\toshiba.tempo.ui.trayapplication.exe
o4 - hklm\..\run: [applesyncnotifier] c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
o4 - hklm\..\run: [zesko_mccitrayapp] c:\program files\thuishelp\zesko\thuishelp.exe
o4 - hklm\..\run: [clonecdtray] c:\program files\slysoft\clonecd\clonecdtray.exe /s
o4 - hklm\..\run: [avp] c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [quicktime task] c:\program files\quicktime\qttask.exe -atboottime
o4 - hklm\..\run: [ituneshelper] c:\program files\itunes\ituneshelper.exe
o4 - hklm\..\run: [divxupdate] c:\program files\divx\divx update\divxupdate.exe /checknow
o4 - hklm\..\run: [msse] c:\program files\microsoft security essentials\msseces.exe -hide -runkey
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [daemon tools] c:\program files\daemon tools\daemon.exe -lang 1033
o4 - hkcu\..\run: [google update] c:\users\pablo\appdata\local\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [ehtray.exe] c:\windows\ehome\ehtray.exe
o4 - hkcu\..\run: [isuspm startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
o4 - hkcu\..\run: [uniblue registrybooster 2009] c:\program files\uniblue\registrybooster\startregistrybooster.exe
o4 - .default user startup: trdcreminder.lnk = c:\program files\toshiba\trdcreminder\trdcreminder.exe (user 'default user')
o4 - startup: trillian.lnk = c:\program files\trillian\trillian.exe
o4 - global startup: microsoft office.lnk = c:\program files\microsoft office\office\osa9.exe
o9 - extra button: @c:\program files\windows live\companion\companionlang.dll,-600 - {0000036b-c524-4050-81a0-243669a86b9f} - c:\program files\windows live\companion\companioncore.dll
o9 - extra button: @c:\program files\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files\pokerstars\pokerstarsupdate.exe
o9 - extra button: &virtueel toetsenbord - {4248fe82-7fcb-46ac-b270-339f08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
o9 - extra button: titan poker - {49783ed4-258d-4f9f-be11-137c18d3e543} - c:\poker\titan poker\casino.exe
o9 - extra 'tools' menuitem: titan poker - {49783ed4-258d-4f9f-be11-137c18d3e543} - c:\poker\titan poker\casino.exe
o9 - extra button: ebay.co.uk - buy it sell it love it - {76577871-04ec-495e-a12b-91f7c3600afa} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
o9 - extra button: empirepoker - {77e68763-4284-41d6-b7e7-b6e1f053a9e7} - c:\programs\empirepokermaster\empirepoker\runepoker.exe
o9 - extra 'tools' menuitem: empirepoker - {77e68763-4284-41d6-b7e7-b6e1f053a9e7} - c:\programs\empirepokermaster\empirepoker\runepoker.exe
o9 - extra button: amazon.co.uk - {8a918c1d-e123-4e36-b562-5c1519e434ce} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=toshibaukbholink-21&site=home (file missing)
o9 - extra button: cdpoker - {a68fc757-51cf-4f3c-b13a-bfb8ca69bb99} - c:\poker\cdpoker\casino.exe
o9 - extra 'tools' menuitem: cdpoker - {a68fc757-51cf-4f3c-b13a-bfb8ca69bb99} - c:\poker\cdpoker\casino.exe
o9 - extra button: partypoker.com - {b7fe5d70-9aa2-40f1-9c6b-12a255f085e1} - c:\programs\partygaming\partypoker\runapp.exe
o9 - extra 'tools' menuitem: partypoker.com - {b7fe5d70-9aa2-40f1-9c6b-12a255f085e1} - c:\programs\partygaming\partypoker\runapp.exe
o9 - extra button: unibet poker - {c53bfcfc-7a54-4627-aeba-2cd4871fca97} - c:\microgaming\poker\unibetpokermpp\mppoker.exe
o9 - extra button: internetadressen c&ontrole - {ccf151d8-d089-449f-a5a4-d9909053f20f} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search && destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra button: bodog poker - {f47c1db5-ed21-4dc1-853e-d1495792d4c5} - c:\program files\bodog poker\bpgame.exe
o9 - extra button: cool hand poker - {00000000-0000-0000-0000-000000000000} - c:\microgaming\poker\coolhandmpp\mppoker.exe (hkcu)
o9 - extra button: ub - {1fba04ee-3024-11d2-8f1f-0000f87abd16} - c:\users\pablo\appdata\roaming\microsoft\windows\start menu\programs\ub\ub.lnk (hkcu)
o9 - extra 'tools' menuitem: ub - {1fba04ee-3024-11d2-8f1f-0000f87abd16} - c:\users\pablo\appdata\roaming\microsoft\windows\start menu\programs\ub\ub.lnk (hkcu)
o9 - extra button: carbonpoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - c:\users\pablo\appdata\roaming\microsoft\windows\start menu\programs\carbonpoker\carbonpoker.lnk (hkcu)
o15 - trusted zone: http://www.adobe.com
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o18 - protocol: wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll
o20 - appinit_dlls: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
o22 - sharedtaskscheduler: component categories cache daemon - {8c7461ef-2b13-11d2-be35-3078302c2030} - c:\windows\system32\browseui.dll
o23 - service: mobiel apple apparaat (apple mobile device) - apple inc. - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: ati external event utility - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: kaspersky anti-virus (avp) - kaspersky lab - c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe
o23 - service: bonjour-service (bonjour service) - apple inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: configfree service - toshiba corporation - c:\program files\toshiba\configfree\cfsvcs.exe
o23 - service: google update service (gupdate1c9a02555337583) (gupdate1c9a02555337583) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: lavasoft ad-aware service - lavasoft - c:\program files\lavasoft\ad-aware\aawservice.exe
o23 - service: mccicmservice - motive communications, inc. - c:\program files\common files\motive\mccicmservice.exe
o23 - service: o2micro flash memory card service (o2flash) - o2micro international - c:\program files\o2micro flash memory card driver\o2flash.exe
o23 - service: postgresql database server 8.3 (pgsql-8.3) - postgresql global development group - c:\program files\postgresql\8.3\bin\pg_ctl.exe
o23 - service: liveshare p2p server (roxliveshare) - sonic solutions - c:\program files\common files\roxio shared\sharedcom8\roxliveshare.exe
o23 - service: roxmediadb - sonic solutions - c:\program files\common files\roxio shared\sharedcom8\roxmediadb.exe
o23 - service: roxupnprenderer (roxupnprenderer) - sonic solutions - c:\program files\common files\roxio shared\sharedcom\roxupnprenderer.exe
o23 - service: roxupnpserver - sonic solutions - c:\program files\roxio\easy media creator 8\digital home\roxupnpserver.exe
o23 - service: roxio hard drive watcher (roxwatch) - sonic solutions - c:\program files\common files\roxio shared\sharedcom8\roxwatch.exe
o23 - service: notebook performance tuning service (tempomonitoringservice) - toshiba europe gmbh - c:\program files\toshiba tempro\temposvc.exe
o23 - service: toshiba navi support service (tnavisrv) - toshiba corporation - c:\program files\toshiba\toshiba dvd player\tnavisrv.exe
o23 - service: toshiba optical disc drive service (toddsrv) - toshiba corporation - c:\windows\system32\toddsrv.exe
o23 - service: toshiba power saver (toscosrv) - toshiba corporation - c:\program files\toshiba\power saver\toscosrv.exe
o23 - service: toshiba bluetooth service - toshiba corporation - c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe
o23 - service: toshiba smart log service - toshiba corporation - c:\program files\toshiba\smartlogservice\tosipcsrv.exe
o23 - service: ulead burning helper (uleadburninghelper) - ulead systems, inc. - c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe
o23 - service: xaudioservice - conexant systems, inc. - c:\windows\system32\drivers\xaudio.exe
--
end of file - 14776 bytes
======scheduled tasks folder======
c:\windows\tasks\ad-aware update (weekly).job
c:\windows\tasks\googleupdatetaskmachinecore.job
c:\windows\tasks\googleupdatetaskmachineua.job
c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000core.job
c:\windows\tasks\googleupdatetaskusers-1-5-21-3173371087-2009597984-3177318452-1000ua.job
c:\windows\tasks\user_feed_synchronization-{8115eaaf-0810-4a9c-b579-6413ec6b202d}.job
======registry dump======
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{18df081c-e8ad-4283-a596-fa578c2ebdc3}]
adobe pdf link helper - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll [2009-12-21 75200]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6f74-2d53-2644-206d7942484f}]
spybot-s&d ie protection - c:\program files\spybot - search & destroy\sdhelper.dll [2009-01-26 1879896]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{59273ab4-e7d3-40f9-a1a8-6fa9cca1862c}]
ievkbdbho class - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll [2009-05-25 68112]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6ebf7485-159f-4bff-a14f-b9e3aac4465b}]
search helper - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll [2010-09-22 191792]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030d464-4c02-4abf-8ecc-5164760863c6}]
windows live id sign-in helper - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll [2010-09-21 439168]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{9fdde16b-836f-4806-ab1f-1455cbeff289}]
windows live messenger companion helper - c:\program files\windows live\companion\companioncore.dll [2010-09-23 393600]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
java(tm) plug-in 2 ssv helper - c:\program files\java\jre6\bin\jp2ssv.dll [2010-09-15 41760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{e33cf602-d945-461a-83f0-819f76a199f8}]
filterbho class - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll [2009-08-25 264720]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"ndstray.exe"=ndstray.exe []
"itsecmng"=c:\program files\toshiba\bluetooth toshiba stack\itsecmng.exe [2007-09-28 75136]
"topi"=c:\program files\toshiba\toshiba online product information\topi.exe [2009-02-09 579488]
"startccc"=c:\program files\ati technologies\ati.ace\core-static\clistart.exe [2006-11-10 90112]
"syntpenh"=c:\program files\synaptics\syntp\syntpenh.exe [2007-11-29 1029416]
"camera assistant software"=c:\program files\camera assistant software for toshiba\traybar.exe [2007-10-25 413696]
"hdmictrlman"=c:\program files\toshiba\hdmictrlman\hdmictrlman.exe [2008-01-25 716800]
"tpwrmain"=c:\program files\toshiba\power saver\tpwrmain.exe [2008-01-17 431456]
"hson"=c:\program files\toshiba\tbs\hson.exe [2007-10-31 54608]
"smoothview"=c:\program files\toshiba\smoothview\smoothview.exe [2008-01-25 509816]
"00tcrdmain"=c:\program files\toshiba\flashcards\tcrdmain.exe [2008-01-22 712704]
"toshiba registration"=c:\program files\toshiba\registration\toshibaregistration.exe [2007-05-04 571024]
"freecom"=c:\program files\freecom\freecom internet phone\freecom internet phone.exe [2006-09-22 466944]
"roxiodragtodisc"=c:\program files\roxio\easy media creator 8\drag to disc\drgtodsc.exe [2005-09-19 1687552]
"roxwatchtray"=c:\program files\common files\roxio shared\sharedcom8\roxwatchtray.exe [2005-09-19 163840]
"toshiba tempo"=c:\program files\toshiba tempro\toshiba.tempo.ui.trayapplication.exe [2008-11-06 103824]
"applesyncnotifier"=c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe [2008-09-03 111936]
"zesko_mccitrayapp"=c:\program files\thuishelp\zesko\thuishelp.exe [2008-04-14 1455104]
"clonecdtray"=c:\program files\slysoft\clonecd\clonecdtray.exe [2006-09-28 57344]
"avp"=c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2010-08-18 311680]
"adobe reader speed launcher"=c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2009-12-22 35760]
"quicktime task"=c:\program files\quicktime\qttask.exe [2010-09-08 421888]
"ituneshelper"=c:\program files\itunes\ituneshelper.exe [2010-09-24 421160]
"divxupdate"=c:\program files\divx\divx update\divxupdate.exe [2010-09-01 1164584]
"msse"=c:\program files\microsoft security essentials\msseces.exe [2010-09-15 1094224]
[hkey_current_user\software\microsoft\windows\currentversion\run]
"msnmsgr"=c:\program files\windows live\messenger\msnmsgr.exe [2010-09-23 4240760]
"daemon tools"=c:\program files\daemon tools\daemon.exe [2007-04-03 165784]
"google update"=c:\users\pablo\appdata\local\google\update\googleupdate.exe [2010-03-18 136176]
"ehtray.exe"=c:\windows\ehome\ehtray.exe [2008-01-21 125952]
"isuspm startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe [2004-07-28 221184]
"uniblue registrybooster 2009"=c:\program files\uniblue\registrybooster\startregistrybooster.exe [2008-08-26 99624]
c:\programdata\microsoft\windows\start menu\programs\startup
microsoft office.lnk - c:\program files\microsoft office\office\osa9.exe
c:\users\pablo\appdata\roaming\microsoft\windows\start menu\programs\startup
trillian.lnk - c:\program files\trillian\trillian.exe
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
igfxdev.dll []
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\klogon]
c:\windows\system32\klogon.dll [2009-05-25 219664]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{aeb6717e-7e19-11d0-97ee-00c04fd91972}"= []
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\lavasoft ad-aware service]
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\lavasoft ad-aware service]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\msmpsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfpf]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfrd]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfusbcciddriver]
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"enableuiadesktoptoggle"=0
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"nodrives"=0
[hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer]
"binddirectlytopropertysetstorage"=0
"nodrives"=0
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======file associations======
.js - edit - c:\windows\system32\notepad.exe %1
======list of files/folders created in the last 1 months======
2010-11-10 19:55:16 ----d---- c:\rsit
2010-11-10 17:40:16 ----shd---- c:\$recycle.bin
2010-11-10 17:40:06 ----a---- c:\combofix.txt
2010-11-10 17:24:12 ----a---- c:\windows\zip.exe
2010-11-10 17:24:12 ----a---- c:\windows\swsc.exe
2010-11-10 17:24:12 ----a---- c:\windows\swreg.exe
2010-11-10 17:24:12 ----a---- c:\windows\sed.exe
2010-11-10 17:24:12 ----a---- c:\windows\pev.exe
2010-11-10 17:24:12 ----a---- c:\windows\nircmd.exe
2010-11-10 17:24:12 ----a---- c:\windows\mbr.exe
2010-11-10 17:24:12 ----a---- c:\windows\grep.exe
2010-11-10 17:24:05 ----d---- c:\windows\erdnt
2010-11-10 17:24:04 ----d---- c:\combofix
2010-11-10 17:23:42 ----a---- c:\windows\swxcacls.exe
2010-11-10 17:23:09 ----ad---- c:\qoobox
2010-11-10 17:07:02 ----a---- c:\windows\system32\javaws.exe
2010-11-10 17:07:02 ----a---- c:\windows\system32\javaw.exe
2010-11-10 17:07:02 ----a---- c:\windows\system32\java.exe
2010-11-10 15:01:22 ----d---- c:\program files\ccleaner
2010-11-10 03:31:39 ----a---- c:\windows\system32\lsdelete.exe
2010-11-10 03:16:51 ----d---- c:\programdata\driverscanner
2010-11-10 03:15:23 ----hdc---- c:\programdata\{d5abffad-d592-4f98-b02b-587125b4801f}
2010-11-10 03:14:02 ----hdc---- c:\programdata\{51019853-129c-4ede-9030-d5fd7bbd9ad0}
2010-11-10 03:07:55 ----d---- c:\users\pablo\appdata\roaming\uniblue
2010-11-10 03:07:01 ----d---- c:\program files\uniblue
2010-11-10 03:06:42 ----hdc---- c:\programdata\{b46e1ef5-0b37-4db4-a4e2-9f2b41036185}
2010-11-09 23:38:11 ----a---- c:\windows\system32\drivers\lbd.sys
2010-11-09 23:34:26 ----hdc---- c:\programdata\{e961ce1b-c3ea-4882-9f67-f859b555d097}
2010-11-09 14:41:14 ----d---- c:\program files\regtweaker
2010-11-09 13:43:10 ----d---- c:\users\pablo\appdata\roaming\yahoo!
2010-11-09 13:41:49 ----d---- c:\programdata\yahoo!
2010-11-09 13:30:27 ----d---- c:\windows\en
2010-11-09 13:29:48 ----a---- c:\windows\system32\drivers\fssfltr.sys
2010-11-09 04:08:09 ----d---- c:\program files\microsoft sql server compact edition
2010-11-09 03:39:36 ----d---- c:\users\pablo\appdata\roaming\malwarebytes
2010-11-09 03:39:21 ----a---- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-09 03:39:20 ----d---- c:\programdata\malwarebytes
2010-11-09 03:39:19 ----d---- c:\program files\malwarebytes' anti-malware
2010-11-09 03:39:19 ----a---- c:\windows\system32\drivers\mbam.sys
2010-11-08 15:40:41 ----d---- c:\program files\microsoft security essentials
2010-11-08 14:50:31 ----d---- c:\program files\everest poker
2010-11-08 14:45:04 ----a---- c:\windows\system32\drivers\pavboot.sys
2010-11-08 14:42:54 ----d---- c:\program files\panda security
2010-11-07 22:22:46 ----d---- c:\users\pablo\appdata\roaming\opencandy
2010-11-07 22:17:38 ----d---- c:\programdata\windowsliveinstaller
2010-11-01 04:00:51 ----a---- c:\windows\system32\xaudio2_5.dll
2010-11-01 04:00:51 ----a---- c:\windows\system32\xapofx1_3.dll
2010-11-01 04:00:50 ----a---- c:\windows\system32\d3dx10_42.dll
2010-10-28 03:29:49 ----d---- c:\users\pablo\appdata\roaming\trillian
2010-10-28 03:29:42 ----d---- c:\program files\trillian
2010-10-27 12:04:29 ----a---- c:\windows\system32\gameux.dll
2010-10-27 12:04:29 ----a---- c:\windows\system32\apphlpdm.dll
2010-10-27 12:04:28 ----a---- c:\windows\system32\gameuxlegacygdfs.dll
2010-10-26 15:13:40 ----d---- c:\program files\eusing free registry cleaner
2010-10-26 14:56:17 ----d---- c:\program files\regdefense
2010-10-26 13:21:03 ----d---- c:\program files\western digital corporation
2010-10-20 11:08:48 ----a---- c:\windows\system32\webservices.dll
2010-10-14 22:04:59 ----a---- c:\windows\system32\wmp.dll
2010-10-14 22:04:57 ----a---- c:\windows\system32\wmploc.dll
2010-10-14 22:04:36 ----a---- c:\windows\system32\srvsvc.dll
2010-10-14 22:04:36 ----a---- c:\windows\system32\drivers\srvnet.sys
2010-10-14 22:04:36 ----a---- c:\windows\system32\drivers\srv.sys
2010-10-14 22:04:35 ----a---- c:\windows\system32\netevent.dll
2010-10-14 22:04:35 ----a---- c:\windows\system32\drivers\srv2.sys
2010-10-14 22:04:19 ----a---- c:\windows\system32\schannel.dll
2010-10-14 22:04:15 ----a---- c:\windows\system32\ole32.dll
2010-10-14 22:04:13 ----a---- c:\windows\system32\t2embed.dll
2010-10-14 22:04:07 ----a---- c:\windows\system32\mshtml.dll
2010-10-14 22:04:06 ----a---- c:\windows\system32\ieframe.dll
2010-10-14 22:04:05 ----a---- c:\windows\system32\urlmon.dll
2010-10-14 22:04:05 ----a---- c:\windows\system32\msfeeds.dll
2010-10-14 22:04:05 ----a---- c:\windows\system32\licmgr10.dll
2010-10-14 22:04:04 ----a---- c:\windows\system32\wininet.dll
2010-10-14 22:04:04 ----a---- c:\windows\system32\mshtmled.dll
2010-10-14 22:04:03 ----a---- c:\windows\system32\mstime.dll
2010-10-14 22:04:03 ----a---- c:\windows\system32\iertutil.dll
2010-10-14 22:04:03 ----a---- c:\windows\system32\iedkcs32.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\occache.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\msfeedssync.exe
2010-10-14 22:04:02 ----a---- c:\windows\system32\msfeedsbs.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\jsproxy.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\ieunatt.exe
2010-10-14 22:04:02 ----a---- c:\windows\system32\ieui.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\iesysprep.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\iesetup.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\iernonce.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\iepeers.dll
2010-10-14 22:04:02 ----a---- c:\windows\system32\ie4uinit.exe
2010-10-14 22:04:01 ----a---- c:\windows\system32\mfc40u.dll
2010-10-14 22:04:01 ----a---- c:\windows\system32\mfc40.dll
2010-10-14 22:04:00 ----a---- c:\windows\system32\win32k.sys
2010-10-14 22:03:59 ----a---- c:\windows\system32\msshsq.dll
2010-10-14 22:03:57 ----a---- c:\windows\system32\wmpmde.dll
2010-10-14 22:03:56 ----a---- c:\windows\system32\comctl32.dll
2010-10-14 10:47:26 ----ad---- c:\program files\cake poker 2.0
======list of files/folders modified in the last 1 months======
2010-11-10 19:56:35 ----d---- c:\windows\temp
2010-11-10 19:33:20 ----d---- c:\windows\system32\catroot
2010-11-10 19:33:13 ----d---- c:\windows\winsxs
2010-11-10 19:29:55 ----d---- c:\programdata\soulseek
2010-11-10 19:16:18 ----d---- c:\users\pablo\appdata\roaming\microgaming
2010-11-10 18:51:03 ----d---- c:\pablo's music, movies and more
2010-11-10 18:26:55 ----d---- c:\action poker
2010-11-10 18:21:41 ----shd---- c:\system volume information
2010-11-10 17:54:51 ----d---- c:\windows\tasks
2010-11-10 17:52:24 ----d---- c:\programdata\kaspersky lab
2010-11-10 17:35:46 ----d---- c:\windows
2010-11-10 17:35:45 ----a---- c:\windows\system.ini
2010-11-10 17:35:33 ----d---- c:\windows\system32\drivers\etc
2010-11-10 17:31:38 ----d---- c:\windows\system32\drivers
2010-11-10 17:31:38 ----d---- c:\windows\apppatch
2010-11-10 17:31:38 ----ad---- c:\windows\system32
2010-11-10 17:31:37 ----d---- c:\program files\common files
2010-11-10 17:19:03 ----d---- c:\windows\system32\tasks
2010-11-10 17:07:06 ----shd---- c:\windows\installer
2010-11-10 17:04:52 ----d---- c:\program files\java
2010-11-10 17:04:51 ----d---- c:\program files\common files\java
2010-11-10 16:22:32 ----d---- c:\program files\full tilt poker
2010-11-10 16:16:19 ----d---- c:\programdata\spybot - search & destroy
2010-11-10 15:10:31 ----d---- c:\users\pablo\appdata\roaming\amsterdams poker
2010-11-10 15:06:25 ----d---- c:\windows\debug
2010-11-10 15:01:22 ----rd---- c:\program files
2010-11-10 12:55:44 ----d---- c:\windows\system32\logfiles
2010-11-10 03:52:30 ----d---- c:\windows\system32\config
2010-11-10 03:29:55 ----d---- c:\users\pablo\appdata\roaming\utorrent
2010-11-10 03:16:51 ----d---- c:\programdata
2010-11-10 03:07:35 ----d---- c:\windows\prefetch
2010-11-10 02:18:16 ----d---- c:\program files\carbonpoker
2010-11-09 23:38:11 ----dc---- c:\windows\system32\drvstore
2010-11-09 23:33:17 ----d---- c:\programdata\lavasoft
2010-11-09 23:12:00 ----d---- c:\windows\system32\catroot2
2010-11-09 15:01:35 ----d---- c:\windows\microsoft.net
2010-11-09 15:00:02 ----rsd---- c:\windows\assembly
2010-11-09 14:17:24 ----d---- c:\program files\windows live
2010-11-09 13:24:59 ----sd---- c:\programdata\microsoft
2010-11-09 13:22:58 ----d---- c:\program files\common files\microsoft shared
2010-11-09 12:50:34 ----rsd---- c:\windows\media
2010-11-09 04:05:24 ----d---- c:\windows\pchealth
2010-11-08 17:58:03 ----a---- c:\windows\win.ini
2010-11-08 14:12:20 ----d---- c:\windows\inf
2010-11-08 14:12:20 ----a---- c:\windows\system32\perfstringbackup.ini
2010-11-08 13:54:56 ----d---- c:\program files\spybot - search & destroy
2010-11-08 13:40:46 ----d---- c:\program files\luckyacepoker.com
2010-11-08 13:40:15 ----d---- c:\users\pablo\appdata\roaming\luckyacepoker.com
2010-11-07 22:17:21 ----d---- c:\programdata\wlinstaller
2010-11-07 20:38:30 ----a---- c:\windows\system32\agremove.exe
2010-11-06 19:42:28 ----d---- c:\users\pablo\appdata\roaming\vlc
 
2010-11-05 21:23:33 ----rd---- c:\nai's documents
2010-11-04 13:00:21 ----d---- c:\microgaming
2010-11-03 13:19:27 ----d---- c:\users\pablo\appdata\roaming\pacificpoker
2010-11-03 13:17:34 ----d---- c:\program files\pacificpoker
2010-11-02 19:51:40 ----d---- c:\betfair
2010-11-01 04:13:45 ----hd---- c:\program files\installshield installation information
2010-11-01 04:13:44 ----d---- c:\program files\ubisoft
2010-10-28 23:01:14 ----d---- c:\program files\mozilla firefox
2010-10-25 02:02:17 ----d---- c:\users\pablo\appdata\roaming\skype
2010-10-24 23:03:37 ----d---- c:\users\pablo\appdata\roaming\skypepm
2010-10-22 16:41:51 ----d---- c:\users\pablo\appdata\roaming\mozilla
2010-10-21 13:11:43 ----d---- c:\windows\rescache
2010-10-21 12:56:44 ----d---- c:\program files\bwin
2010-10-20 11:20:40 ----rsd---- c:\windows\fonts
2010-10-20 11:09:46 ----d---- c:\windows\system32\en-us
2010-10-19 21:51:33 ----n---- c:\windows\system32\mpsigstub.exe
2010-10-17 17:06:19 ----d---- c:\temp
2010-10-16 13:14:49 ----d---- c:\program files\bodog poker
2010-10-15 03:04:07 ----d---- c:\program files\windows media player
2010-10-15 03:04:06 ----d---- c:\windows\system32\migration
2010-10-15 03:04:06 ----d---- c:\program files\internet explorer
2010-10-14 10:43:44 ----ad---- c:\program files\cake poker
2010-10-12 20:35:52 ----ad---- c:\program files\amsterdampoker
======list of drivers (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r0 giveio;giveio; c:\windows\system32\giveio.sys [1996-04-03 5248]
r0 iastor;intel ahci controller; c:\windows\system32\drivers\iastor.sys [2007-09-29 308248]
r0 klbg;kaspersky lab boot guard driver; c:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
r0 lbd;lbd; c:\windows\system32\drivers\lbd.sys [2010-09-23 64288]
r0 pavboot;pavboot; c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
r0 pxhelp20;pxhelp20; c:\windows\system32\drivers\pxhelp20.sys [2005-08-19 46080]
r0 speedfan;speedfan; c:\windows\system32\speedfan.sys [2006-09-24 5248]
r0 sptd;sptd; c:\windows\system32\drivers\sptd.sys [2008-11-19 682232]
r0 tos_sps32;toshiba tos_sps32 service; c:\windows\system32\drivers\tos_sps32.sys [2008-01-21 285184]
r0 tvalz;toshiba acpi-based value added logical and general purpose device driver; c:\windows\system32\drivers\tvalz_o.sys [2007-11-09 23640]
r1 cdudf_xp;cdudf_xp; c:\windows\system32\drivers\cdudf_xp.sys [2005-09-19 309632]
r1 elbycdio;elbycdio driver; c:\windows\system32\drivers\elbycdio.sys [2007-08-07 25160]
r1 kl1;kl1; c:\windows\system32\drivers\kl1.sys [2009-08-12 128016]
r1 klif;kaspersky lab driver; c:\windows\system32\drivers\klif.sys [2009-08-12 280592]
r1 klim6;kaspersky anti-virus ndis 6 filter; c:\windows\system32\drivers\klim6.sys [2009-05-15 21008]
r1 mpfilter;microsoft malware protection driver; c:\windows\system32\drivers\mpfilter.sys [2010-03-25 151216]
r1 pwd_2k;pwd_2k; c:\windows\system32\drivers\pwd_2k.sys [2005-09-19 119168]
r1 rxfilter;rxfilter; c:\windows\system32\drivers\rxfilter.sys [2005-09-19 50176]
r2 mdmxsdk;mdmxsdk; c:\windows\system32\drivers\mdmxsdk.sys [2006-06-18 12672]
r2 xaudio;xaudio; c:\windows\system32\drivers\xaudio.sys [2007-10-17 8704]
r3 atikmdag;atikmdag; c:\windows\system32\drivers\atikmdag.sys [2008-01-30 3483648]
r3 cnxthdaudservice;conexant uaa function driver for high definition audio service; c:\windows\system32\drivers\chdrt32.sys [2008-03-04 188416]
r3 dvd_2k;dvd_2k; c:\windows\system32\drivers\dvd_2k.sys [2005-09-19 27264]
r3 elbycdfl;elbycdfl; c:\windows\system32\drivers\elbycdfl.sys [2007-02-16 34760]
r3 gearaspiwdm;gear aspi filter driver; c:\windows\system32\drivers\gearaspiwdm.sys [2009-05-18 26600]
r3 hdaudaddservice;microsoft 1.1 uaa function driver for high definition audio service; c:\windows\system32\drivers\hdaudio.sys [2009-04-11 236544]
r3 hsf_dpv;hsf_dpv; c:\windows\system32\drivers\hsx_dpv.sys [2007-11-01 985600]
r3 hsxhwazl;hsxhwazl; c:\windows\system32\drivers\hsxhwazl.sys [2007-11-01 208896]
r3 klmouflt;kaspersky lab klmouflt; c:\windows\system32\drivers\klmouflt.sys [2009-05-16 19472]
r3 mpnwmon;microsoft malware protection network driver; c:\windows\system32\drivers\mpnwmon.sys [2010-03-25 42368]
r3 netw5v32;intel(r) wireless wifi link 5000 series adapter driver for windows vista 32 bit; c:\windows\system32\drivers\netw5v32.sys [2008-11-17 3668480]
r3 o2mdrdr;o2mdrdr; c:\windows\system32\drivers\o2media.sys [2008-01-15 48472]
r3 qiomem;generic io & memory access; c:\windows\system32\drivers\qiomem.sys [2007-04-09 8192]
r3 sdbus;sdbus; c:\windows\system32\drivers\sdbus.sys [2009-04-11 89088]
r3 syntp;synaptics touchpad driver; c:\windows\system32\drivers\syntp.sys [2007-11-29 196144]
r3 tdcmdpst;toshiba writing engine filter driver; c:\windows\system32\drivers\tdcmdpst.sys [2006-10-18 16128]
r3 tosrfec;bluetooth acpi; c:\windows\system32\drivers\tosrfec.sys [2006-10-23 9216]
r3 usbvideo;chicony usb 2.0 camera; c:\windows\system32\drivers\usbvideo.sys [2008-01-21 134016]
r3 uvcftr;uvcftr; c:\windows\system32\drivers\uvcftr_s.sys [2007-12-17 18432]
r3 winachsf;winachsf; c:\windows\system32\drivers\hsx_cnxt.sys [2007-11-01 661504]
r3 yukonwlh;ndis6.0 miniport driver for marvell yukon ethernet controller; c:\windows\system32\drivers\yk60x86.sys [2007-12-06 298496]
s2 adfs;adfs; c:\windows\system32\drivers\adfs.sys []
s3 athr;atheros extensible wireless lan device driver; c:\windows\system32\drivers\athr.sys [2006-11-02 467456]
s3 azyuwwtd;azyuwwtd; c:\windows\system32\drivers\azyuwwtd.sys []
s3 catchme;catchme; \??\c:\users\pablo\appdata\local\temp\catchme.sys []
s3 drmkaud;microsoft kernel drm audio descrambler; c:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
s3 fssfltr;fssfltr; c:\windows\system32\drivers\fssfltr.sys [2010-09-23 39272]
s3 igfx;igfx; c:\windows\system32\drivers\igfx.sys []
s3 intchdmiaddservice;intel(r) high definition audio hdmi service; c:\windows\system32\drivers\intchdmiaddservice.sys []
s3 manycam;manycam virtual webcam, wdm video capture driver; c:\windows\system32\drivers\manycam.sys []
s3 mmc_2k;mmc_2k; c:\windows\system32\drivers\mmc_2k.sys [2005-09-19 27136]
s3 mremp50;mremp50 ndis protocol driver; \??\c:\progra~1\common~1\motive\mremp50.sys [2008-04-11 21248]
s3 mremp50a64;mremp50a64 ndis protocol driver; \??\c:\progra~1\common~1\motive\mremp50a64.sys []
s3 mrempr5;mrempr5 ndis protocol driver; \??\c:\progra~1\common~1\motive\mrempr5.sys []
s3 mrendis5;mrendis5 ndis protocol driver; \??\c:\progra~1\common~1\motive\mrendis5.sys []
s3 mresp50;mresp50 ndis protocol driver; \??\c:\progra~1\common~1\motive\mresp50.sys [2008-04-11 20096]
s3 mresp50a64;mresp50a64 ndis protocol driver; \??\c:\progra~1\common~1\motive\mresp50a64.sys []
s3 mskssrv;microsoft streaming service proxy; c:\windows\system32\drivers\mskssrv.sys [2008-01-21 8192]
s3 mspclock;microsoft streaming clock proxy; c:\windows\system32\drivers\mspclock.sys [2008-01-21 5888]
s3 mspqm;microsoft streaming quality manager proxy; c:\windows\system32\drivers\mspqm.sys [2008-01-21 5504]
s3 mstee;microsoft streaming tee/sink-to-sink converter; c:\windows\system32\drivers\mstee.sys [2008-01-21 6016]
s3 netw4v32;intel(r) wireless wifi link adapter driver for windows vista 32 bit; c:\windows\system32\drivers\netw4v32.sys [2007-09-26 2251776]
s3 ss_bus;samsung mobile usb device 1.0 driver (wdm); c:\windows\system32\drivers\ss_bus.sys [2005-01-24 52384]
s3 ss_mdfl;samsung mobile usb modem 1.0 filter; c:\windows\system32\drivers\ss_mdfl.sys [2005-01-24 6064]
s3 ss_mdm;samsung mobile usb modem 1.0 drivers; c:\windows\system32\drivers\ss_mdm.sys [2005-01-24 84512]
s3 tosrfcom;tosrfcom; c:\windows\system32\drivers\tosrfcom.sys []
s3 tvichw32;tvichw32; \??\c:\windows\system32\drivers\tvichw32.sys [2009-01-03 23600]
s3 usbaapl;apple mobile usb driver; c:\windows\system32\drivers\usbaapl.sys [2010-04-19 41984]
s3 usbaudio;usb audio driver (wdm); c:\windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
s3 wdc_sam;wd scsi pass thru driver; c:\windows\system32\drivers\wdcsam.sys [2008-05-06 11520]
s3 wudfrd;wudfrd; c:\windows\system32\drivers\wudfrd.sys [2008-01-21 83328]
s4 errdev;microsoft hardware error device driver; c:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
s4 megasr;megasr; c:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
======list of services (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r2 apple mobile device;mobiel apple apparaat; c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe [2010-08-13 144672]
r2 ati external event utility;ati external event utility; c:\windows\system32\ati2evxx.exe [2008-01-30 643072]
r2 avp;kaspersky anti-virus; c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2010-08-18 311680]
r2 bonjour service;bonjour-service; c:\program files\bonjour\mdnsresponder.exe [2010-07-27 345376]
r2 configfree service;configfree service; c:\program files\toshiba\configfree\cfsvcs.exe [2007-12-25 40960]
r2 lavasoft ad-aware service;lavasoft ad-aware service; c:\program files\lavasoft\ad-aware\aawservice.exe [2010-11-09 1375992]
r2 mccicmservice;mccicmservice; c:\program files\common files\motive\mccicmservice.exe [2007-11-28 303104]
r2 msmpsvc;microsoft antimalware service; c:\program files\microsoft security essentials\msmpeng.exe [2010-03-25 17904]
r2 o2flash;o2micro flash memory card service; c:\program files\o2micro flash memory card driver\o2flash.exe [2007-02-12 65536]
r2 roxwatch;roxio hard drive watcher; c:\program files\common files\roxio shared\sharedcom8\roxwatch.exe [2005-09-19 155648]
r2 seaport;seaport; c:\program files\microsoft\search enhancement pack\seaport\seaport.exe [2010-09-22 249136]
r2 tempomonitoringservice;notebook performance tuning service ; c:\program files\toshiba tempro\temposvc.exe [2008-11-06 99720]
r2 tnavisrv;toshiba navi support service; c:\program files\toshiba\toshiba dvd player\tnavisrv.exe [2008-01-21 83312]
r2 toddsrv;toshiba optical disc drive service; c:\windows\system32\toddsrv.exe [2007-11-21 129632]
r2 toscosrv;toshiba power saver; c:\program files\toshiba\power saver\toscosrv.exe [2008-01-17 431456]
r2 toshiba bluetooth service;toshiba bluetooth service; c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe [2007-09-28 128360]
r2 toshiba smart log service;toshiba smart log service; c:\program files\toshiba\smartlogservice\tosipcsrv.exe [2007-12-03 126976]
r2 uleadburninghelper;ulead burning helper; c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe [2006-08-23 49152]
r2 wlidsvc;windows live id sign-in assistant; c:\program files\common files\microsoft shared\windows live\wlidsvc.exe [2010-09-21 1710464]
r2 xaudioservice;xaudioservice; c:\windows\system32\drivers\xaudio.exe [2007-10-17 386560]
r3 fontcache;@%systemroot%\system32\fntcache.dll,-100; c:\windows\system32\svchost.exe [2008-01-21 21504]
r3 ipod service;ipod-service; c:\program files\ipod\bin\ipodservice.exe [2010-09-24 820008]
r3 roxmediadb;roxmediadb; c:\program files\common files\roxio shared\sharedcom8\roxmediadb.exe [2005-09-19 856064]
s2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86; c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
s2 gupdate1c9a02555337583;google update service (gupdate1c9a02555337583); c:\program files\google\update\googleupdate.exe [2009-03-08 133104]
s2 pgsql-8.3;postgresql database server 8.3; c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-09-19 65536]
s2 roxliveshare;liveshare p2p server; c:\program files\common files\roxio shared\sharedcom8\roxliveshare.exe [2005-09-19 229376]
s2 roxupnpserver;roxupnpserver; c:\program files\roxio\easy media creator 8\digital home\roxupnpserver.exe [2005-09-19 401408]
s3 fsssvc;windows live family safety service; c:\program files\windows live\family safety\fsssvc.exe [2010-09-23 1493352]
s3 idrivert;installdriver table manager; c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe [2004-10-22 73728]
s3 roxupnprenderer;roxupnprenderer; c:\program files\common files\roxio shared\sharedcom\roxupnprenderer.exe [2005-09-19 45056]
s3 wpffontcache_v0400;@c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe,-100; c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe [2010-03-18 753504]
s4 wlcrasvc;windows live mesh remote connections service; c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------eof-----------------

[/hjt]
--- automatic edit ---
And


[/hjt]
 
Last edited by a moderator:
Oh, I posted the same log twice. Here it comes!

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pablo at 2010-11-10 20:25:14
Microsoft Windows Vista™ Home Premium Service Pack 2
System drive C: has 5 GB (4%) free of 120 GB
Total RAM: 3070 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:25:44, on 10-11-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Betfair\Betfair.exe
C:\Action Poker\act.exe
C:\Program Files\Full Tilt Poker\FullTiltPoker.exe
C:\Programs\PartyGaming\PartyGaming.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\SoulseekNS\slsk.exe
C:\Users\Pablo\Desktop\RSIT.exe
C:\Users\Pablo\Downloads\Pablo.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Freecom] "C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Zesko_McciTrayApp] C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pablo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Cool Hand Poker - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\coolhandMPP\MPPoker.exe (HKCU)
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O15 - Trusted Zone: http://www.adobe.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c9a02555337583) (gupdate1c9a02555337583) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14785 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3173371087-2009597984-3177318452-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3173371087-2009597984-3177318452-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{8115EAAF-0810-4A9C-B579-6413EC6B202D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [2009-05-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [2009-08-25 264720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NDSTray.exe"=NDSTray.exe []
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-02-09 579488]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"Freecom"=C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe [2006-09-22 466944]
"RoxioDragToDisc"=C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-09-19 1687552]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe [2005-09-19 163840]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-11-06 103824]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"Zesko_McciTrayApp"=C:\Program Files\Thuishelp\Zesko\Thuishelp.exe [2008-04-14 1455104]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 311680]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2010-09-23 4240760]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
"Google Update"=C:\Users\Pablo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-28 221184]
"Uniblue RegistryBooster 2009"=c:\program files\uniblue\registrybooster\StartRegistryBooster.exe [2008-08-26 99624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Trillian.lnk - C:\Program Files\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-05-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-10 19:55:16 ----D---- C:\rsit
2010-11-10 17:40:16 ----SHD---- C:\$RECYCLE.BIN
2010-11-10 17:40:06 ----A---- C:\ComboFix.txt
2010-11-10 17:24:12 ----A---- C:\Windows\zip.exe
2010-11-10 17:24:12 ----A---- C:\Windows\SWSC.exe
2010-11-10 17:24:12 ----A---- C:\Windows\SWREG.exe
2010-11-10 17:24:12 ----A---- C:\Windows\sed.exe
2010-11-10 17:24:12 ----A---- C:\Windows\PEV.exe
2010-11-10 17:24:12 ----A---- C:\Windows\NIRCMD.exe
2010-11-10 17:24:12 ----A---- C:\Windows\MBR.exe
2010-11-10 17:24:12 ----A---- C:\Windows\grep.exe
2010-11-10 17:24:05 ----D---- C:\Windows\ERDNT
2010-11-10 17:24:04 ----D---- C:\ComboFix
2010-11-10 17:23:42 ----A---- C:\Windows\SWXCACLS.exe
2010-11-10 17:23:09 ----AD---- C:\Qoobox
2010-11-10 17:07:02 ----A---- C:\Windows\system32\javaws.exe
2010-11-10 17:07:02 ----A---- C:\Windows\system32\javaw.exe
2010-11-10 17:07:02 ----A---- C:\Windows\system32\java.exe
2010-11-10 15:01:22 ----D---- C:\Program Files\CCleaner
2010-11-10 03:31:39 ----A---- C:\Windows\system32\lsdelete.exe
2010-11-10 03:16:51 ----D---- C:\ProgramData\DriverScanner
2010-11-10 03:15:23 ----HDC---- C:\ProgramData\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2010-11-10 03:14:02 ----HDC---- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2010-11-10 03:07:55 ----D---- C:\Users\Pablo\AppData\Roaming\Uniblue
2010-11-10 03:07:01 ----D---- C:\Program Files\Uniblue
2010-11-10 03:06:42 ----HDC---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2010-11-09 23:38:11 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-11-09 23:34:26 ----HDC---- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}
2010-11-09 14:41:14 ----D---- C:\Program Files\RegTweaker
2010-11-09 13:43:10 ----D---- C:\Users\Pablo\AppData\Roaming\Yahoo!
2010-11-09 13:41:49 ----D---- C:\ProgramData\Yahoo!
2010-11-09 13:30:27 ----D---- C:\Windows\en
2010-11-09 13:29:48 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-11-09 04:08:09 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-11-09 03:39:36 ----D---- C:\Users\Pablo\AppData\Roaming\Malwarebytes
2010-11-09 03:39:21 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-09 03:39:20 ----D---- C:\ProgramData\Malwarebytes
2010-11-09 03:39:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-09 03:39:19 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-08 15:40:41 ----D---- C:\Program Files\Microsoft Security Essentials
2010-11-08 14:50:31 ----D---- C:\Program Files\Everest Poker
2010-11-08 14:45:04 ----A---- C:\Windows\system32\drivers\pavboot.sys
2010-11-08 14:42:54 ----D---- C:\Program Files\Panda Security
2010-11-07 22:22:46 ----D---- C:\Users\Pablo\AppData\Roaming\OpenCandy
2010-11-07 22:17:38 ----D---- C:\ProgramData\WindowsLiveInstaller
2010-11-01 04:00:51 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 04:00:51 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 04:00:50 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-10-28 03:29:49 ----D---- C:\Users\Pablo\AppData\Roaming\Trillian
2010-10-28 03:29:42 ----D---- C:\Program Files\Trillian
2010-10-27 12:04:29 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 12:04:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 12:04:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-26 15:13:40 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2010-10-26 14:56:17 ----D---- C:\Program Files\RegDefense
2010-10-26 13:21:03 ----D---- C:\Program Files\Western Digital Corporation
2010-10-20 11:08:48 ----A---- C:\Windows\system32\webservices.dll
2010-10-14 22:04:59 ----A---- C:\Windows\system32\wmp.dll
2010-10-14 22:04:57 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-14 22:04:36 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-14 22:04:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-14 22:04:36 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-14 22:04:35 ----A---- C:\Windows\system32\netevent.dll
2010-10-14 22:04:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-14 22:04:19 ----A---- C:\Windows\system32\schannel.dll
2010-10-14 22:04:15 ----A---- C:\Windows\system32\ole32.dll
2010-10-14 22:04:13 ----A---- C:\Windows\system32\t2embed.dll
2010-10-14 22:04:07 ----A---- C:\Windows\system32\mshtml.dll
2010-10-14 22:04:06 ----A---- C:\Windows\system32\ieframe.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\urlmon.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-14 22:04:04 ----A---- C:\Windows\system32\wininet.dll
2010-10-14 22:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\mstime.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\iertutil.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\occache.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-14 22:04:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ieui.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iesetup.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iernonce.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iepeers.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-14 22:04:01 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-14 22:04:01 ----A---- C:\Windows\system32\mfc40.dll
2010-10-14 22:04:00 ----A---- C:\Windows\system32\win32k.sys
2010-10-14 22:03:59 ----A---- C:\Windows\system32\msshsq.dll
2010-10-14 22:03:57 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-14 22:03:56 ----A---- C:\Windows\system32\comctl32.dll
2010-10-14 10:47:26 ----AD---- C:\Program Files\Cake Poker 2.0

======List of files/folders modified in the last 1 months======

2010-11-10 20:25:44 ----D---- C:\Windows\Temp
2010-11-10 20:13:03 ----D---- C:\Windows\system32\catroot
2010-11-10 20:12:56 ----D---- C:\Windows\winsxs
2010-11-10 20:12:56 ----D---- C:\Program Files\Windows Mail
2010-11-10 20:07:56 ----D---- C:\Windows\Debug
2010-11-10 20:07:42 ----A---- C:\Windows\system32\mrt.exe
2010-11-10 20:07:08 ----SHD---- C:\System Volume Information
2010-11-10 19:29:55 ----D---- C:\ProgramData\Soulseek
2010-11-10 19:19:30 ----D---- C:\Pablo's music, movies and more
2010-11-10 19:16:18 ----D---- C:\Users\Pablo\AppData\Roaming\Microgaming
2010-11-10 18:26:55 ----D---- C:\Action Poker
2010-11-10 17:54:51 ----D---- C:\Windows\Tasks
2010-11-10 17:52:24 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-10 17:35:46 ----D---- C:\Windows
2010-11-10 17:35:45 ----A---- C:\Windows\system.ini
2010-11-10 17:35:33 ----D---- C:\Windows\system32\drivers\etc
2010-11-10 17:31:38 ----D---- C:\Windows\system32\drivers
2010-11-10 17:31:38 ----D---- C:\Windows\AppPatch
2010-11-10 17:31:38 ----AD---- C:\Windows\System32
2010-11-10 17:31:37 ----D---- C:\Program Files\Common Files
2010-11-10 17:19:03 ----D---- C:\Windows\system32\Tasks
2010-11-10 17:07:06 ----SHD---- C:\Windows\Installer
2010-11-10 17:04:52 ----D---- C:\Program Files\Java
2010-11-10 17:04:51 ----D---- C:\Program Files\Common Files\Java
2010-11-10 16:22:32 ----D---- C:\Program Files\Full Tilt Poker
2010-11-10 16:16:19 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-11-10 15:10:31 ----D---- C:\Users\Pablo\AppData\Roaming\Amsterdams Poker
2010-11-10 15:01:22 ----RD---- C:\Program Files
2010-11-10 12:55:44 ----D---- C:\Windows\system32\LogFiles
2010-11-10 03:52:30 ----D---- C:\Windows\system32\config
2010-11-10 03:29:55 ----D---- C:\Users\Pablo\AppData\Roaming\uTorrent
2010-11-10 03:16:51 ----D---- C:\ProgramData
2010-11-10 03:07:35 ----D---- C:\Windows\Prefetch
2010-11-10 02:18:16 ----D---- C:\Program Files\CarbonPoker
2010-11-09 23:38:11 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-09 23:33:17 ----D---- C:\ProgramData\Lavasoft
2010-11-09 23:12:00 ----D---- C:\Windows\system32\catroot2
2010-11-09 15:01:35 ----D---- C:\Windows\Microsoft.NET
2010-11-09 15:00:02 ----RSD---- C:\Windows\assembly
2010-11-09 14:17:24 ----D---- C:\Program Files\Windows Live
2010-11-09 13:24:59 ----SD---- C:\ProgramData\Microsoft
2010-11-09 13:22:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-09 12:50:34 ----RSD---- C:\Windows\Media
2010-11-09 04:05:24 ----D---- C:\Windows\PCHealth
2010-11-08 17:58:03 ----A---- C:\Windows\win.ini
2010-11-08 14:12:20 ----D---- C:\Windows\inf
2010-11-08 14:12:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-08 13:54:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-11-08 13:40:46 ----D---- C:\Program Files\LuckyAcePoker.com
2010-11-08 13:40:15 ----D---- C:\Users\Pablo\AppData\Roaming\LuckyAcePoker.com
2010-11-07 22:17:21 ----D---- C:\ProgramData\WLInstaller
2010-11-07 20:38:30 ----A---- C:\Windows\system32\agremove.exe
2010-11-06 19:42:28 ----D---- C:\Users\Pablo\AppData\Roaming\vlc
2010-11-05 21:23:33 ----RD---- C:\Nai's Documents
2010-11-04 13:00:21 ----D---- C:\Microgaming
2010-11-03 13:19:27 ----D---- C:\Users\Pablo\AppData\Roaming\PacificPoker
2010-11-03 13:17:34 ----D---- C:\Program Files\PacificPoker
2010-11-02 19:51:40 ----D---- C:\Betfair
2010-11-01 04:13:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-01 04:13:44 ----D---- C:\Program Files\Ubisoft
2010-10-28 23:01:14 ----D---- C:\Program Files\Mozilla Firefox
2010-10-25 02:02:17 ----D---- C:\Users\Pablo\AppData\Roaming\Skype
2010-10-24 23:03:37 ----D---- C:\Users\Pablo\AppData\Roaming\skypePM
2010-10-22 16:41:51 ----D---- C:\Users\Pablo\AppData\Roaming\Mozilla
2010-10-21 13:11:43 ----D---- C:\Windows\rescache
2010-10-21 12:56:44 ----D---- C:\Program Files\bwin
2010-10-20 11:20:40 ----RSD---- C:\Windows\Fonts
2010-10-20 11:09:46 ----D---- C:\Windows\system32\en-US
2010-10-19 21:51:33 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-17 17:06:19 ----D---- C:\Temp
2010-10-16 13:14:49 ----D---- C:\Program Files\Bodog Poker
2010-10-15 03:04:07 ----D---- C:\Program Files\Windows Media Player
2010-10-15 03:04:06 ----D---- C:\Windows\system32\migration
2010-10-15 03:04:06 ----D---- C:\Program Files\Internet Explorer
2010-10-14 10:43:44 ----AD---- C:\Program Files\Cake Poker
2010-10-12 20:35:52 ----AD---- C:\Program Files\AmsterdamPoker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2008-12-15 33808]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-19 682232]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 cdudf_xp;cdudf_xp; C:\Windows\system32\drivers\cdudf_xp.sys [2005-09-19 309632]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-08-12 128016]
R1 klif;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-08-12 280592]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-05-15 21008]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 pwd_2k;pwd_2k; C:\Windows\system32\drivers\pwd_2k.sys [2005-09-19 119168]
R1 RxFilter;RxFilter; C:\Windows\system32\DRIVERS\RxFilter.sys [2005-09-19 50176]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-30 3483648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dvd_2K;dvd_2K; C:\Windows\system32\drivers\dvd_2K.sys [2005-09-19 27264]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-11-09 15264]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 azyuwwtd;azyuwwtd; C:\Windows\system32\drivers\azyuwwtd.sys []
S3 catchme;catchme; \??\C:\Users\Pablo\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\Windows\system32\drivers\igfx.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmiAddService.sys []
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\drivers\ManyCam.sys []
S3 mmc_2K;mmc_2K; C:\Windows\system32\drivers\mmc_2K.sys [2005-09-19 27136]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-04-11 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-04-11 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-01-24 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-01-24 84512]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-01-03 23600]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072]
R2 avp;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 311680]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-09 1375992]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-11-28 303104]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-09-19 155648]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-11-06 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
R3 RoxMediaDB;RoxMediaDB; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-09-19 856064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9a02555337583;Google Update Service (gupdate1c9a02555337583); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-08 133104]
S2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-09-19 65536]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-09-19 229376]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-09-19 401408]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-09-19 45056]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
 
Oh, I posted the same log twice. Here it comes!

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pablo at 2010-11-10 20:25:14
Microsoft Windows Vista Home Premium Service Pack 2
System drive C: has 5 GB (4%) free of 120 GB
Total RAM: 3070 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:25:44, on 10-11-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Betfair\Betfair.exe
C:\Action Poker\act.exe
C:\Program Files\Full Tilt Poker\FullTiltPoker.exe
C:\Programs\PartyGaming\PartyGaming.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\SoulseekNS\slsk.exe
C:\Users\Pablo\Desktop\RSIT.exe
C:\Users\Pablo\Downloads\Pablo.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Freecom] "C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Zesko_McciTrayApp] C:\Program Files\Thuishelp\Zesko\Thuishelp.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pablo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Cool Hand Poker - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\coolhandMPP\MPPoker.exe (HKCU)
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O15 - Trusted Zone: http://www.adobe.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c9a02555337583) (gupdate1c9a02555337583) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14785 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3173371087-2009597984-3177318452-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3173371087-2009597984-3177318452-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{8115EAAF-0810-4A9C-B579-6413EC6B202D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [2009-05-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [2009-08-25 264720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NDSTray.exe"=NDSTray.exe []
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-02-09 579488]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"Freecom"=C:\Program Files\Freecom\Freecom Internet Phone\Freecom Internet Phone.exe [2006-09-22 466944]
"RoxioDragToDisc"=C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-09-19 1687552]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe [2005-09-19 163840]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-11-06 103824]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"Zesko_McciTrayApp"=C:\Program Files\Thuishelp\Zesko\Thuishelp.exe [2008-04-14 1455104]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 311680]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2010-09-23 4240760]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
"Google Update"=C:\Users\Pablo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-28 221184]
"Uniblue RegistryBooster 2009"=c:\program files\uniblue\registrybooster\StartRegistryBooster.exe [2008-08-26 99624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Trillian.lnk - C:\Program Files\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-05-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-10 19:55:16 ----D---- C:\rsit
2010-11-10 17:40:16 ----SHD---- C:\$RECYCLE.BIN
2010-11-10 17:40:06 ----A---- C:\ComboFix.txt
2010-11-10 17:24:12 ----A---- C:\Windows\zip.exe
2010-11-10 17:24:12 ----A---- C:\Windows\SWSC.exe
2010-11-10 17:24:12 ----A---- C:\Windows\SWREG.exe
2010-11-10 17:24:12 ----A---- C:\Windows\sed.exe
2010-11-10 17:24:12 ----A---- C:\Windows\PEV.exe
2010-11-10 17:24:12 ----A---- C:\Windows\NIRCMD.exe
2010-11-10 17:24:12 ----A---- C:\Windows\MBR.exe
2010-11-10 17:24:12 ----A---- C:\Windows\grep.exe
2010-11-10 17:24:05 ----D---- C:\Windows\ERDNT
2010-11-10 17:24:04 ----D---- C:\ComboFix
2010-11-10 17:23:42 ----A---- C:\Windows\SWXCACLS.exe
2010-11-10 17:23:09 ----AD---- C:\Qoobox
2010-11-10 17:07:02 ----A---- C:\Windows\system32\javaws.exe
2010-11-10 17:07:02 ----A---- C:\Windows\system32\javaw.exe
2010-11-10 17:07:02 ----A---- C:\Windows\system32\java.exe
2010-11-10 15:01:22 ----D---- C:\Program Files\CCleaner
2010-11-10 03:31:39 ----A---- C:\Windows\system32\lsdelete.exe
2010-11-10 03:16:51 ----D---- C:\ProgramData\DriverScanner
2010-11-10 03:15:23 ----HDC---- C:\ProgramData\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2010-11-10 03:14:02 ----HDC---- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2010-11-10 03:07:55 ----D---- C:\Users\Pablo\AppData\Roaming\Uniblue
2010-11-10 03:07:01 ----D---- C:\Program Files\Uniblue
2010-11-10 03:06:42 ----HDC---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2010-11-09 23:38:11 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-11-09 23:34:26 ----HDC---- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}
2010-11-09 14:41:14 ----D---- C:\Program Files\RegTweaker
2010-11-09 13:43:10 ----D---- C:\Users\Pablo\AppData\Roaming\Yahoo!
2010-11-09 13:41:49 ----D---- C:\ProgramData\Yahoo!
2010-11-09 13:30:27 ----D---- C:\Windows\en
2010-11-09 13:29:48 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-11-09 04:08:09 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-11-09 03:39:36 ----D---- C:\Users\Pablo\AppData\Roaming\Malwarebytes
2010-11-09 03:39:21 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-09 03:39:20 ----D---- C:\ProgramData\Malwarebytes
2010-11-09 03:39:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-09 03:39:19 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-08 15:40:41 ----D---- C:\Program Files\Microsoft Security Essentials
2010-11-08 14:50:31 ----D---- C:\Program Files\Everest Poker
2010-11-08 14:45:04 ----A---- C:\Windows\system32\drivers\pavboot.sys
2010-11-08 14:42:54 ----D---- C:\Program Files\Panda Security
2010-11-07 22:22:46 ----D---- C:\Users\Pablo\AppData\Roaming\OpenCandy
2010-11-07 22:17:38 ----D---- C:\ProgramData\WindowsLiveInstaller
2010-11-01 04:00:51 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 04:00:51 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 04:00:50 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-10-28 03:29:49 ----D---- C:\Users\Pablo\AppData\Roaming\Trillian
2010-10-28 03:29:42 ----D---- C:\Program Files\Trillian
2010-10-27 12:04:29 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 12:04:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 12:04:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-26 15:13:40 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2010-10-26 14:56:17 ----D---- C:\Program Files\RegDefense
2010-10-26 13:21:03 ----D---- C:\Program Files\Western Digital Corporation
2010-10-20 11:08:48 ----A---- C:\Windows\system32\webservices.dll
2010-10-14 22:04:59 ----A---- C:\Windows\system32\wmp.dll
2010-10-14 22:04:57 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-14 22:04:36 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-14 22:04:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-14 22:04:36 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-14 22:04:35 ----A---- C:\Windows\system32\netevent.dll
2010-10-14 22:04:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-14 22:04:19 ----A---- C:\Windows\system32\schannel.dll
2010-10-14 22:04:15 ----A---- C:\Windows\system32\ole32.dll
2010-10-14 22:04:13 ----A---- C:\Windows\system32\t2embed.dll
2010-10-14 22:04:07 ----A---- C:\Windows\system32\mshtml.dll
2010-10-14 22:04:06 ----A---- C:\Windows\system32\ieframe.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\urlmon.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-14 22:04:05 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-14 22:04:04 ----A---- C:\Windows\system32\wininet.dll
2010-10-14 22:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\mstime.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\iertutil.dll
2010-10-14 22:04:03 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\occache.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-14 22:04:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ieui.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iesetup.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iernonce.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\iepeers.dll
2010-10-14 22:04:02 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-14 22:04:01 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-14 22:04:01 ----A---- C:\Windows\system32\mfc40.dll
2010-10-14 22:04:00 ----A---- C:\Windows\system32\win32k.sys
2010-10-14 22:03:59 ----A---- C:\Windows\system32\msshsq.dll
2010-10-14 22:03:57 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-14 22:03:56 ----A---- C:\Windows\system32\comctl32.dll
2010-10-14 10:47:26 ----AD---- C:\Program Files\Cake Poker 2.0

======List of files/folders modified in the last 1 months======

2010-11-10 20:25:44 ----D---- C:\Windows\Temp
2010-11-10 20:13:03 ----D---- C:\Windows\system32\catroot
2010-11-10 20:12:56 ----D---- C:\Windows\winsxs
2010-11-10 20:12:56 ----D---- C:\Program Files\Windows Mail
2010-11-10 20:07:56 ----D---- C:\Windows\Debug
2010-11-10 20:07:42 ----A---- C:\Windows\system32\mrt.exe
2010-11-10 20:07:08 ----SHD---- C:\System Volume Information
2010-11-10 19:29:55 ----D---- C:\ProgramData\Soulseek
2010-11-10 19:19:30 ----D---- C:\Pablo's music, movies and more
2010-11-10 19:16:18 ----D---- C:\Users\Pablo\AppData\Roaming\Microgaming
2010-11-10 18:26:55 ----D---- C:\Action Poker
2010-11-10 17:54:51 ----D---- C:\Windows\Tasks
2010-11-10 17:52:24 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-10 17:35:46 ----D---- C:\Windows
2010-11-10 17:35:45 ----A---- C:\Windows\system.ini
2010-11-10 17:35:33 ----D---- C:\Windows\system32\drivers\etc
2010-11-10 17:31:38 ----D---- C:\Windows\system32\drivers
2010-11-10 17:31:38 ----D---- C:\Windows\AppPatch
2010-11-10 17:31:38 ----AD---- C:\Windows\System32
2010-11-10 17:31:37 ----D---- C:\Program Files\Common Files
2010-11-10 17:19:03 ----D---- C:\Windows\system32\Tasks
2010-11-10 17:07:06 ----SHD---- C:\Windows\Installer
2010-11-10 17:04:52 ----D---- C:\Program Files\Java
2010-11-10 17:04:51 ----D---- C:\Program Files\Common Files\Java
2010-11-10 16:22:32 ----D---- C:\Program Files\Full Tilt Poker
2010-11-10 16:16:19 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-11-10 15:10:31 ----D---- C:\Users\Pablo\AppData\Roaming\Amsterdams Poker
2010-11-10 15:01:22 ----RD---- C:\Program Files
2010-11-10 12:55:44 ----D---- C:\Windows\system32\LogFiles
2010-11-10 03:52:30 ----D---- C:\Windows\system32\config
2010-11-10 03:29:55 ----D---- C:\Users\Pablo\AppData\Roaming\uTorrent
2010-11-10 03:16:51 ----D---- C:\ProgramData
2010-11-10 03:07:35 ----D---- C:\Windows\Prefetch
2010-11-10 02:18:16 ----D---- C:\Program Files\CarbonPoker
2010-11-09 23:38:11 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-09 23:33:17 ----D---- C:\ProgramData\Lavasoft
2010-11-09 23:12:00 ----D---- C:\Windows\system32\catroot2
2010-11-09 15:01:35 ----D---- C:\Windows\Microsoft.NET
2010-11-09 15:00:02 ----RSD---- C:\Windows\assembly
2010-11-09 14:17:24 ----D---- C:\Program Files\Windows Live
2010-11-09 13:24:59 ----SD---- C:\ProgramData\Microsoft
2010-11-09 13:22:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-09 12:50:34 ----RSD---- C:\Windows\Media
2010-11-09 04:05:24 ----D---- C:\Windows\PCHealth
2010-11-08 17:58:03 ----A---- C:\Windows\win.ini
2010-11-08 14:12:20 ----D---- C:\Windows\inf
2010-11-08 14:12:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-08 13:54:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-11-08 13:40:46 ----D---- C:\Program Files\LuckyAcePoker.com
2010-11-08 13:40:15 ----D---- C:\Users\Pablo\AppData\Roaming\LuckyAcePoker.com
2010-11-07 22:17:21 ----D---- C:\ProgramData\WLInstaller
2010-11-07 20:38:30 ----A---- C:\Windows\system32\agremove.exe
2010-11-06 19:42:28 ----D---- C:\Users\Pablo\AppData\Roaming\vlc
2010-11-05 21:23:33 ----RD---- C:\Nai's Documents
2010-11-04 13:00:21 ----D---- C:\Microgaming
2010-11-03 13:19:27 ----D---- C:\Users\Pablo\AppData\Roaming\PacificPoker
2010-11-03 13:17:34 ----D---- C:\Program Files\PacificPoker
2010-11-02 19:51:40 ----D---- C:\Betfair
2010-11-01 04:13:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-01 04:13:44 ----D---- C:\Program Files\Ubisoft
2010-10-28 23:01:14 ----D---- C:\Program Files\Mozilla Firefox
2010-10-25 02:02:17 ----D---- C:\Users\Pablo\AppData\Roaming\Skype
2010-10-24 23:03:37 ----D---- C:\Users\Pablo\AppData\Roaming\skypePM
2010-10-22 16:41:51 ----D---- C:\Users\Pablo\AppData\Roaming\Mozilla
2010-10-21 13:11:43 ----D---- C:\Windows\rescache
2010-10-21 12:56:44 ----D---- C:\Program Files\bwin
2010-10-20 11:20:40 ----RSD---- C:\Windows\Fonts
2010-10-20 11:09:46 ----D---- C:\Windows\system32\en-US
2010-10-19 21:51:33 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-17 17:06:19 ----D---- C:\Temp
2010-10-16 13:14:49 ----D---- C:\Program Files\Bodog Poker
2010-10-15 03:04:07 ----D---- C:\Program Files\Windows Media Player
2010-10-15 03:04:06 ----D---- C:\Windows\system32\migration
2010-10-15 03:04:06 ----D---- C:\Program Files\Internet Explorer
2010-10-14 10:43:44 ----AD---- C:\Program Files\Cake Poker
2010-10-12 20:35:52 ----AD---- C:\Program Files\AmsterdamPoker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2008-12-15 33808]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-19 682232]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 cdudf_xp;cdudf_xp; C:\Windows\system32\drivers\cdudf_xp.sys [2005-09-19 309632]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-08-12 128016]
R1 klif;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-08-12 280592]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-05-15 21008]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 pwd_2k;pwd_2k; C:\Windows\system32\drivers\pwd_2k.sys [2005-09-19 119168]
R1 RxFilter;RxFilter; C:\Windows\system32\DRIVERS\RxFilter.sys [2005-09-19 50176]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-30 3483648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dvd_2K;dvd_2K; C:\Windows\system32\drivers\dvd_2K.sys [2005-09-19 27264]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-11-09 15264]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 azyuwwtd;azyuwwtd; C:\Windows\system32\drivers\azyuwwtd.sys []
S3 catchme;catchme; \??\C:\Users\Pablo\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\Windows\system32\drivers\igfx.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmiAddService.sys []
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\drivers\ManyCam.sys []
S3 mmc_2K;mmc_2K; C:\Windows\system32\drivers\mmc_2K.sys [2005-09-19 27136]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-04-11 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-04-11 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-01-24 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-01-24 84512]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-01-03 23600]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072]
R2 avp;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 311680]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-09 1375992]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-11-28 303104]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-09-19 155648]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-11-06 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
R3 RoxMediaDB;RoxMediaDB; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-09-19 856064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9a02555337583;Google Update Service (gupdate1c9a02555337583); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-08 133104]
S2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-09-19 65536]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-09-19 229376]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-09-19 401408]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-09-19 45056]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
 