divermickey

Lid

Bekijk profiel Bekijk hun activiteit

Items
46
Registratiedatum
10 augustus 2011
Laatst bezocht
20 februari 2017

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door divermickey

storende reclame

divermickey reageerde op divermickey's topic in Archief Windows 7

Alvast bedankt voor je snelle reactie. in bijlage het log bestand. log.txt
- 5 februari 2015
- 19 antwoorden
storende reclame

divermickey plaatste een topic in Archief Windows 7

Hallo, ik zit verveeld met reclame op mijn computer iedere keer als ik google chrome opstart en iets wil zoeken of ergens op klik ga ik naar reclame toe. heb al verschillende dingen geprobeerd maar krijg het niet weg. Hoop dat jullie me hierbij kunnen helpen. alvast bedankt.
- 5 februari 2015
- 19 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

Ik wou je nog bedanken voor je hulp
- 11 november 2013
- 11 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

lukt niet kan het niet installeren.
- 7 november 2013
- 11 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

ok ga ik proberen thx - - - Updated - - -
- 7 november 2013
- 11 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

Probleem met de startpagina is opgelost Kan ik de computer ook sneller laten opstarten ? Alvast bedankt voor je hulp.
- 7 november 2013
- 11 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

Zoek.exe Version 4.0.0.5 Updated 05-November-2013 Tool run by Michel on do 07/11/2013 at 16:30:36,13. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michel\Desktop\zoek\zoek.scr [script inserted] [Checkboxes used] ==== System Restore Info ====================== 7/11/2013 16:32:48 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Garmin deleted successfully C:\PROGRA~2\GUMC436.tmp deleted successfully C:\PROGRA~2\Nokia deleted successfully C:\PROGRA~2\Samsung deleted successfully C:\PROGRA~2\Whilokii deleted successfully C:\PROGRA~2\WinZip Registry Optimizer deleted successfully C:\ProgramData\Browser Manager deleted successfully C:\ProgramData\Nokia deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\pcdfdata deleted successfully C:\ProgramData\ZoomBrowser deleted successfully C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Michel\AppData\Roaming\ExpressFiles deleted successfully C:\Users\Michel\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Michel\AppData\Roaming\Nokia deleted successfully C:\Users\Michel\AppData\Roaming\Nokia Suite deleted successfully C:\Users\Michel\AppData\Roaming\SUPERAntiSpyware.com deleted successfully C:\Users\Michel\AppData\Roaming\ZoomBrowser EX deleted successfully C:\Users\Michel\AppData\Local\Conduit deleted successfully C:\Users\Michel\AppData\Local\Lollipop deleted successfully ==== Creating Sample_20130711_1636.zip ====================== Process iexplore.exe killed Copied file C:\Users\Michel\AppData\Local\patchYDG.exe to sample\patchYDG.exe sample\patchYDG.exe renamed to 943F1E446C1AD33D6310979C861B7780 C:\Users\Public\Desktop\sample_20130711_1636.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E60A195C-F67C-40E6-8F37-D320EE1E1F26} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default\prefs.js: Added to C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Users\Michel\AppData\Roaming\ExpressFiles not found C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\ProgramData\eSafe deleted C:\PROGRA~2\FreeRIP deleted C:\PROGRA~2\Conduit deleted C:\ProgramData\FreeRIP deleted C:\Users\Michel\AppData\Local\CRE deleted C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Michel\AppData\LocalLow\DataMngr deleted C:\Users\Michel\AppData\LocalLow\PriceGong deleted C:\Users\Michel\AppData\LocalLow\Conduit deleted C:\windows\SysNative\Tasks\Express FilesUpdate deleted C:\Users\Michel\AppData\Local\patchYDG.exe deleted "C:\Users\Michel\AppData\Local\gnptuior" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Michel\AppData\Local\Temp ==== 2013-11-06 20:04:19 B0900C9BD9166147E1A9CD4567FE595F 20208024 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.181_NetStorage.exe 2013-11-05 13:28:16 FBB458117F5687922C57249F179BD6B5 1706136 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\eGdpSvc.exe 2013-11-05 13:28:16 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\Baofeng.exe 2013-11-05 13:28:16 227C1B3A29E5EA61EBA240E2C3C4A1D9 92672 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\UpDate.dll 2013-11-05 09:43:16 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1237290.exe 2013-11-05 09:37:56 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\Baofeng.exe 2013-11-05 09:37:56 227C1B3A29E5EA61EBA240E2C3C4A1D9 92672 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\UpDate.dll 2013-11-05 09:37:21 4E86B643656D58C32E14CF59C598933B 152608 ----a-w- C:\Users\Michel\AppData\Local\Temp\toolbar882731.exe 2013-11-05 09:37:10 9AF0B38E19FFB4CE1CF1B86C70306A58 249440 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1245028.exe 2013-11-05 09:36:51 A55B82103A202C20717F45C201EC4553 936960 ----a-w- C:\Users\Michel\AppData\Local\Temp\htmlayout.dll 2013-11-02 09:47:42 75F096B5FE78062288DCF6171F89D4CB 20206504 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.180_NetStorage.exe ====== Java Cache ===== 2013-10-29 08:44:49 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-7caff65b 2013-10-29 08:44:42 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-495da58c 2013-10-29 08:44:42 0D84C512149D7C5F8F47B3BE33CCEC09 99 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap 2013-10-29 08:44:41 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-23990500 2013-10-29 08:44:42 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-2f6a2273 ====== C:\Windows\SysWOW64 ===== 2013-10-29 08:42:02 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2013-10-29 08:41:59 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2013-10-29 08:41:59 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-29 08:41:59 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-10-11 16:45:48 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-11 16:45:47 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-11 16:45:46 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-11 16:45:46 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-11 16:45:46 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-11 16:45:46 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-11 16:45:45 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-11 16:45:45 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-11 16:45:38 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-11-07 12:29:50 -------- d-----w- C:\Program Files\trend micro 2013-10-13 21:45:44 -------- d-----w- C:\Program Files\Microsoft.NET ======= C:\PROGRA~2 ===== 2013-11-05 15:51:27 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2013-10-29 08:42:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2013-10-13 12:48:42 -------- d-----w- C:\PROGRA~2\VideoLAN 2013-10-13 09:27:09 -------- d-----w- C:\PROGRA~2\COMMON~1\LightScribe ======= C: ===== ====== C:\Users\Michel\AppData\Roaming ====== 2013-11-07 12:23:31 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\Michel\AppData\Local\resmon.resmoncfg 2013-11-05 18:12:37 AAC1C0B4B7D727782765CDDCA275C71D 588708 ----a-w- C:\Users\Michel\AppData\Local\meta.txt 2013-11-05 15:51:36 -------- d-----w- C:\Users\Michel\AppData\Local\Mozilla 2013-10-13 12:50:34 -------- d-----w- C:\Users\Michel\AppData\Roaming\vlc 2013-10-13 08:10:22 -------- d-----w- C:\Users\Michel\AppData\Local\Programs ====== C:\Users\Michel ====== 2013-11-07 12:29:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michel\Desktop\RSITx64.exe 2013-11-05 15:51:27 -------- d-----w- C:\ProgramData\Mozilla 2013-10-29 08:41:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2013-10-13 12:48:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2013-10-13 09:27:09 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling 2013-10-13 08:15:33 -------- d-----w- C:\ProgramData\TEMP ====== C: exe-files == 2013-11-07 12:29:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michel.exe 2013-11-07 12:29:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michel\Desktop\RSITx64.exe 2013-11-06 20:04:33 6E0105823B4FE91632C9DA8314418417 655536 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe 2013-11-06 20:04:19 B0900C9BD9166147E1A9CD4567FE595F 20208024 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.181_NetStorage.exe 2013-11-05 18:10:14 74669728AAAF3EC7A0EF3BCF4E6015CC 2631680 ----a-w- C:\Users\Michel\Desktop\tomtom\FastTools_Lite\FastTools_Lite.exe 2013-11-05 18:07:15 98E77A70744D82727BA026CC655FFD42 3157504 ----a-w- C:\Users\Michel\Desktop\tomtom\FastTools_Pro\FastTools_Pro.exe 2013-11-05 15:51:29 18E3F5AC9079735B1FB5C09340AA1797 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2013-11-05 15:51:27 5D494509432897338AFC19DB78A76DCB 119408 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2013-11-05 15:51:11 903B1F210485F680B7B4AFDCFD06F3B1 283112 ----a-w- C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J\Firefox Setup Stub 25.0.exe 2013-11-05 13:28:16 FBB458117F5687922C57249F179BD6B5 1706136 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\eGdpSvc.exe 2013-11-05 13:28:16 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\Baofeng.exe 2013-11-05 09:50:08 EA089EB4E0DD6A440BB65E860C920BD9 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$IFG265I.exe 2013-11-05 09:49:53 2D6FEAAEF99914543445990513D2D97E 311592 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$RFG265I.exe 2013-11-05 09:43:16 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1237290.exe 2013-11-05 09:37:56 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\Baofeng.exe 2013-11-05 09:37:21 4E86B643656D58C32E14CF59C598933B 152608 ----a-w- C:\Users\Michel\AppData\Local\Temp\toolbar882731.exe 2013-11-05 09:37:10 9AF0B38E19FFB4CE1CF1B86C70306A58 249440 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1245028.exe 2013-11-05 09:36:37 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom_Maps_Central_and_Eastern_Europe_905.4800_downloader_be_99271.exe 2013-11-04 18:16:17 D152F927E2C0830C7AD8126065E8652F 1388544 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TomTom Navigator.exe 2013-11-04 18:16:17 A0CFEB5579F8CE2D53D3C11DD5A77589 8192 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\GPSSwitchToNMEA.exe 2013-11-04 18:16:17 90EBA299650B61C13A85B33999540CA2 50176 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\MortScript.exe 2013-11-04 18:16:17 69BF241E7DF4570BAE7C6418781E2C92 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TT7 Navigator.exe 2013-11-04 18:16:17 69BF241E7DF4570BAE7C6418781E2C92 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TT7 Navigator 268.exe 2013-11-04 18:10:06 E1DD8C33A5D98905ED435A72370A1A51 8192 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\TT7 Navigator.exe 2013-11-04 18:10:06 9308DC14A05BC06E410EA596FF1E1F98 1395200 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\TomTom Navigator.exe 2013-11-04 18:10:06 3BA9F247DFF11499C793B9BE843154F6 50176 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\MortScript.exe 2013-11-04 18:10:06 2F8B724ACB110415F8983905426589FE 26624 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\Setmem.exe 2013-11-04 17:11:49 F4BBBE08C63A5F1DE2478948FA451CC6 35764 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_WindowsLive_v101_9000_E66_E71.exe 2013-11-04 17:11:49 EDD4999AF237211F2C92C85EB04A9448 259067 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\TopHitsSolitaires.exe 2013-11-04 17:11:49 DE979CAE08FCD9FABD26EE41E0513D5A 6658 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\MMIOServer.exe 2013-11-04 17:11:49 D643AD515A0932715ECC8BA425D92354 157063 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\wipres.exe 2013-11-04 17:11:49 CF801CAFB14CE2F5F88DDC0D048D645D 35736 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_YahooGO_v2_0_82_E66.exe 2013-11-04 17:11:49 C1778F5F26C342BFCAC0431F85F1AAF1 36066 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\DRMCommonLicSrv.exe 2013-11-04 17:11:49 B8415C6DDA76617DE920DAA602A50A06 22186 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Flashlight20030F55.exe 2013-11-04 17:11:49 AC3E615609EA8E93882583D43B8022A7 4900 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\ACMServer0x20000133.exe 2013-11-04 17:11:49 99B396999BF368F281568A7EB8796621 35844 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_NokiaSportsTracker_180_E66_E71_PrePR1.exe 2013-11-04 17:11:49 94F698E4E4A516AE48D47AF6E6FB5953 35785 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_MobileMagnifierLite_E66_v1103.exe 2013-11-04 17:11:49 7895F66D831713A24562B188138350F4 35783 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_WorldMate_v600_E66_PrePR1.exe 2013-11-04 17:11:49 37A33CEA9D82EACBC1866428B09BF02E 288428 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\RagingThunderGR.exe 2013-11-04 17:11:49 19D691F8DFEE1D3A9DB5143F360E7F66 35821 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_Top_Hit_Solit_v1_30_E66_E71_PrePR1.exe 2013-11-04 17:11:49 159F5947E47A0378F09F0873A1F39B6D 4777 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\DRMCommonProcessor.exe 2013-11-04 17:11:49 085CB538CEEADB9651B47A738F05FDFA 33618 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Scanner.exe 2013-11-04 17:11:49 0661FE5047F3F0092999A32EA4AFD9D2 68229 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\ACM0x20000131.exe 2013-11-03 18:18:45 C52F3B378B5041DCC607B29285579F99 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\Apps\Off.exe 2013-11-03 18:18:45 88B3EEC184CD6813B60BC490E565F688 337920 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\Apps\CECMD.EXE 2013-11-03 18:18:45 6FD2146261C4B02E28FC958BDA55A048 66048 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\autorunce.exe 2013-11-03 18:18:29 B7B412A2E7D705819CF75B231B71DBC4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$ITV2A39.exe 2013-11-03 18:18:03 C52F3B378B5041DCC607B29285579F99 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\Apps\Off.exe 2013-11-03 18:18:03 88B3EEC184CD6813B60BC490E565F688 337920 ----a-w- C:\Users\Michel\Desktop\tomtom\Apps\CECMD.EXE 2013-11-03 18:18:03 6FD2146261C4B02E28FC958BDA55A048 66048 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$RTV2A39.exe 2013-11-03 18:15:25 8B5EC890E63402346D8614457D7D9E55 121344 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\autorunce.exe 2013-11-03 18:11:47 23227770946AD0D0646F018EB3A4FA4E 152064 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\NAVIGON\ScreenShot.exe 2013-11-03 18:11:47 1F029CCF7B5256567F6F2E78194680A7 7381504 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\NAVIGON\navigon.exe 2013-11-02 09:47:42 75F096B5FE78062288DCF6171F89D4CB 20206504 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.180_NetStorage.exe === C: other files == 2013-11-07 15:36:56 A0E9965FE6DAD0929332CE1376A144C2 91323 ----a-w- C:\Users\Public\Desktop\sample_20130711_1636.zip 2013-11-05 13:28:16 36A4AA76737A3835B67AF4A0012CBE46 38849 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\ep.zip 2013-11-05 13:28:16 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\newtab.crx 2013-11-05 09:37:58 3456E5AEC0B3DCCD26D5A3CDED8880E3 1703069 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\package2.zip 2013-11-05 09:37:56 D50C8B807883EA28E849257905C2EF2A 1394998 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\package1.zip 2013-11-05 09:37:56 36A4AA76737A3835B67AF4A0012CBE46 38849 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\ep.zip 2013-11-05 09:37:56 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\1.1.6.6.crx 2013-11-05 09:37:47 D50C8B807883EA28E849257905C2EF2A 1394998 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\package1.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background" "uTorrent"="C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "TrayServer"="C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background" "uTorrent"="C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\"" "hkey"="HKLM" "item"="Acrobat Assistant 8.0" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" "hkey"="HKLM" "item"="AdobeCS6ServiceManager" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" "hkey"="HKLM" "item"="KiesTrayAgent" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE] "command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup" "hkey"="HKLM" "item"="PWRISOVM.EXE" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASGT] ==== Startup Folders ====================== 2013-03-06 15:08:31 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2012-11-06 21:47:13 1318 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk 2012-11-06 21:47:13 1373 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 11:53] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [09/06/2013 20:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [30/06/2013 23:13] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/03/2013 16:09] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default 472DAEA6EEE84240DEA132C95C57EB68 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 7D04E74E8B63FF93F26C6A2EC14A4EE7 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Michel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx[26/07/2012 03:23] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Michel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] YouTube - Michel - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Extended Protection - Michel - Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml uTorrentBar_NL - Michel - Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb Google Search - Michel - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Select City - Michel - Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Google Wallet - Michel - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Michel - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage-journal deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0 deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" "Default_Page_URL"="Start.qone8.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Search}" "Default_Page_URL"="Start.qone8.com" "Start Page"="Start.qone8.com" "Search Page"="Search}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Search}" "Default_Page_URL"="Start.qone8.com" "Start Page"="Start.qone8.com" "Search Page"="Search}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Michel\Desktop\Magic Photo Editor.lnk - C:\Program Files (x86)\Magic Photo Editor\MagicPhoto.exe C:\Users\Michel\Desktop\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe C:\Users\Michel\Desktop\WBFS Manager 3.0.lnk - C:\Program Files (x86)\WBFS\WBFS Manager 3.0\WBFSManager.exe C:\Users\Michel\Desktop\µTorrent.lnk - C:\Users\Michel\Desktop\tomtom\fast tool pro\Benelux_915_5074 - Snelkoppeling.lnk - C:\Users\Michel\Desktop\tomtom\Benelux_915_5074 C:\Users\UpdatusUser\Desktop\Magic Photo Editor Website.lnk - C:\Program Files (x86)\Magic Photo Editor\website.htm C:\Users\UpdatusUser\Desktop\Magic Photo Editor.lnk - C:\Program Files (x86)\Magic Photo Editor\MagicPhoto.exe C:\Users\UpdatusUser\Desktop\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\ASUS GPU Tweak.lnk - C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Digital Photo Professional.lnk - C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe C:\Users\Public\Desktop\HP Solution Center.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe C:\Users\Public\Desktop\MAGIX Video deluxe 16 Plus Download-versie.lnk - C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\Videodeluxe.exe C:\Users\Public\Desktop\Media Go.lnk - C:\Program Files (x86)\Sony\Media Go\MediaGo.exe C:\Users\Public\Desktop\Morpheus Photo Animation Suite.lnk - C:\Program Files (x86)\Morpheus Photo Animation Suite\Morpheus.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nitro Pro 8.lnk - C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe C:\Users\Public\Desktop\Picture Style Editor.lnk - C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe C:\Users\Public\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe C:\Users\Public\Desktop\ProShow Gold.lnk - C:\Program Files (x86)\Photodex\ProShowGold\proshow.exe C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk - C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Public\Desktop\Tux Paint.lnk - C:\Program Files (x86)\TuxPaint\tuxpaint.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe C:\Users\Public\Desktop\Winkel voor HP-benodigheden.lnk - C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe C:\Users\Public\Desktop\ZoomBrowser EX.lnk - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe 1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk - C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk - C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Verwijderen.lnk - C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe -uninst -runfromtemp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk - C:\Windows\Installer\{99072AB4-D795-44D5-9D65-E3C9F8322C97}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Verwijder TomTom HOME 2.lnk - C:\Windows\SysWOW64\msiexec.exe /x {99072AB4-D795-44D5-9D65-E3C9F8322C97} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Start.qone8.com C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE /recycle C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Photosmart Essential 3.5.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [TrayServer] C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKCU\..\Run: [uTorrent] "C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - Unknown owner - C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8MGZXG will be deleted at reboot C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNHH1IP2 will be deleted at reboot C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Michel\AppData\Local\Mozilla\Firefox\Profiles\j3c18b04.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Michel\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8MGZXG" not found "C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNHH1IP2" not found "C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J" not found ==== EOF on do 07/11/2013 at 16:42:42,48 ======================
- 7 november 2013
- 11 antwoorden
Qone8

divermickey reageerde op divermickey's topic in Archief Bestrijding malware & virussen

Hieronder dan het logbestandje. Bedankt alvast. Logfile of random's system information tool 1.09 (written by random/random) Run by Michel at 2013-11-07 13:29:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 218 GB (49%) free of 450 GB Total RAM: 16350 MB (83% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:29:59, on 7/11/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Michel.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Start.qone8.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Start.qone8.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Start.qone8.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [TrayServer] C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKCU\..\Run: [uTorrent] "C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - Unknown owner - C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16112 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=07bc1637-6bea-4636-b39c-5f47f167bf0d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\12e26b14-bf8b-437d-96d6-7e58a84e8d1a-278-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\AVG\AVG2012\avgfws.exe" "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files\Intel\iCLS Client\HeciServer.exe" C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe" C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\locator.exe "C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe" "C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe" "C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\WindowsMobile\wmdc.exe" "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background "C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe" "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=f9445731-d736-487f-9f92-8c249e89d808 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\fb4ca56c-61a0-450b-b04f-48670f29d302-b40-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\" "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe" C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b5f3a786-4712-4165-81d4-7afe8fb8dafe -SystemEventPortName:HostProcess-5a4515bf-cb8a-4fd4-b14a-28e44334c2e8 -IoCancelEventPortName:HostProcess-fbb835cb-8d7c-4bd9-88a0-a00eda57a513 -NonStateChangingEventPortName:HostProcess-66da9b60-3ac9-4400-9051-3c17f75286c2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:54c69d9d-8ed7-4419-a02a-bab005116ef0 -DeviceGroupId:WpdFsGroup "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Internet Explorer\iexplore.exe" Start.qone8.com C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5188 CREDAT:4134288 /prefetch:2 "C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding C:\Windows\system32\msiexec.exe /V "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540 "C:\Users\Michel\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox========= ProfilePath - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/MycameraPlugin] "Description"=Canon MycameraPlugin "Path"=C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF] "Description"=NitroPDF Web Browser Plugin "Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter] "Description"=Photodex Presenter Plugin "Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] "Description"=A component of your photo software powered by RocketLife "Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0] "Description"= "Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL C:\Program Files (x86)\Mozilla Firefox\plugins\ npMeetingJoinPluginOC.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2012-10-15 1968248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-19 551400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-06 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-09-13 2328264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-19 209384] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-10-15 1417336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2013-09-13 705240] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-09-13 1724616] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-06 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-13 13374568] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248] "uTorrent"=C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe [2013-10-24 902736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-12-09 336992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520] "TrayServer"=C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [2008-09-10 90112] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-26 291608] "Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutorun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2013-11-07 13:29:50 ----D---- C:\rsit 2013-11-07 13:29:50 ----D---- C:\Program Files\trend micro 2013-11-05 16:51:27 ----D---- C:\ProgramData\Mozilla 2013-11-05 16:51:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-05 10:38:14 ----D---- C:\ProgramData\eSafe 2013-11-05 10:37:10 ----D---- C:\Users\Michel\AppData\Roaming\ExpressFiles 2013-10-29 09:44:22 ----D---- C:\ProgramData\Oracle 2013-10-29 09:42:02 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\java.exe 2013-10-13 22:45:44 ----D---- C:\Program Files\Microsoft.NET 2013-10-13 13:50:34 ----D---- C:\Users\Michel\AppData\Roaming\vlc 2013-10-13 13:48:42 ----D---- C:\Program Files (x86)\VideoLAN 2013-10-13 10:26:47 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll 2013-10-13 10:26:32 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2013-10-13 10:26:14 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2013-10-13 10:25:58 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2013-10-13 10:25:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2013-10-13 09:15:33 ----D---- C:\ProgramData\TEMP 2013-10-13 09:10:25 ----D---- C:\Program Files (x86)\Whilokii 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-11 22:28:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-11 22:28:09 ----A---- C:\Windows\system32\ieui.dll 2013-10-11 22:28:09 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-11 22:28:09 ----A---- C:\Windows\system32\iesetup.dll 2013-10-11 22:28:09 ----A---- C:\Windows\system32\iernonce.dll 2013-10-11 22:28:09 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-11 22:28:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-11 22:28:08 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-11 22:28:08 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-11 22:28:08 ----A---- C:\Windows\system32\jscript.dll 2013-10-11 22:28:08 ----A---- C:\Windows\system32\iertutil.dll 2013-10-11 22:28:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-11 22:28:07 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-11 22:28:07 ----A---- C:\Windows\system32\urlmon.dll 2013-10-11 22:28:07 ----A---- C:\Windows\system32\jscript9.dll 2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-11 22:28:06 ----A---- C:\Windows\system32\wininet.dll 2013-10-11 22:28:06 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-11 22:28:05 ----A---- C:\Windows\system32\ieframe.dll 2013-10-11 22:28:04 ----A---- C:\Windows\system32\mshtml.dll 2013-10-11 22:28:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-11 17:45:55 ----A---- C:\Windows\system32\comctl32.dll 2013-10-11 17:45:54 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-11 17:45:49 ----A---- C:\Windows\system32\lpk.dll 2013-10-11 17:45:49 ----A---- C:\Windows\system32\fontsub.dll 2013-10-11 17:45:49 ----A---- C:\Windows\system32\dciman32.dll 2013-10-11 17:45:49 ----A---- C:\Windows\system32\atmlib.dll 2013-10-11 17:45:49 ----A---- C:\Windows\system32\atmfd.dll 2013-10-11 17:45:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-11 17:45:47 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-11 17:45:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-11 17:45:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-11 17:45:46 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-11 17:45:46 ----A---- C:\Windows\system32\davclnt.dll 2013-10-11 17:45:45 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-11 17:45:45 ----A---- C:\Windows\system32\win32k.sys 2013-10-11 17:45:45 ----A---- C:\Windows\system32\mswsock.dll 2013-10-11 17:45:45 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-11 17:45:45 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-11 17:45:43 ----A---- C:\Windows\system32\tdh.dll 2013-10-11 17:45:43 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-11 17:45:43 ----A---- C:\Windows\system32\ntdll.dll 2013-10-11 17:45:43 ----A---- C:\Windows\system32\advapi32.dll 2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-11 17:45:42 ----A---- C:\Windows\system32\wow64.dll 2013-10-11 17:45:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 17:45:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 17:45:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-11 17:45:37 ----A---- C:\Windows\system32\scavengeui.dll ======List of files/folders modified in the last 1 month====== 2013-11-07 13:29:55 ----D---- C:\Windows\Temp 2013-11-07 13:29:50 ----RD---- C:\Program Files 2013-11-07 13:29:37 ----D---- C:\Users\Michel\AppData\Roaming\uTorrent 2013-11-07 13:28:30 ----SHD---- C:\Windows\Installer 2013-11-07 13:28:25 ----A---- C:\Windows\win.ini 2013-11-07 13:28:24 ----SHD---- C:\Config.Msi 2013-11-07 13:23:32 ----D---- C:\Windows\Prefetch 2013-11-07 12:37:17 ----D---- C:\Windows\System32 2013-11-07 12:37:17 ----D---- C:\Windows\inf 2013-11-07 12:37:17 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-07 12:35:53 ----D---- C:\Windows\system32\drivers\AVG 2013-11-07 12:34:53 ----A---- C:\Windows\SYSWOW64\log.txt 2013-11-07 12:32:25 ----D---- C:\ProgramData\NVIDIA 2013-11-07 00:15:42 ----D---- C:\Windows\system32\config 2013-11-06 21:04:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2013-11-06 21:03:46 ----RD---- C:\Program Files (x86) 2013-11-05 16:51:29 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-11-05 16:51:27 ----HD---- C:\ProgramData 2013-11-05 11:36:28 ----RSD---- C:\Windows\assembly 2013-11-05 11:36:27 ----D---- C:\Program Files (x86)\Sony 2013-11-05 11:36:08 ----SHD---- C:\System Volume Information 2013-11-05 11:35:25 ----RD---- C:\Users 2013-11-05 11:34:57 ----D---- C:\Windows\system32\catroot2 2013-11-05 11:33:10 ----D---- C:\Windows\system32\Tasks 2013-11-05 11:33:08 ----D---- C:\Windows\Tasks 2013-11-03 22:18:09 ----D---- C:\Windows\system32\FxsTmp 2013-10-29 09:42:06 ----D---- C:\Program Files (x86)\Common Files 2013-10-29 09:42:02 ----D---- C:\Windows\SysWOW64 2013-10-29 09:41:59 ----D---- C:\Program Files (x86)\Java 2013-10-28 16:19:11 ----D---- C:\Program Files (x86)\TomTom HOME 2 2013-10-27 15:15:33 ----D---- C:\Users\Michel\AppData\Roaming\Mipony 2013-10-14 22:57:31 ----D---- C:\Windows\winsxs 2013-10-14 22:57:23 ----AD---- C:\Windows 2013-10-13 22:45:44 ----D---- C:\Program Files (x86)\Microsoft.NET 2013-10-13 22:44:52 ----D---- C:\ProgramData\Microsoft Help 2013-10-13 11:15:58 ----D---- C:\Users\Michel\AppData\Roaming\SUPERAntiSpyware.com 2013-10-13 11:15:53 ----D---- C:\Program Files (x86)\SUPERAntiSpyware 2013-10-13 10:27:28 ----D---- C:\Program Files (x86)\MSXML 4.0 2013-10-13 10:25:09 ----D---- C:\Windows\Logs 2013-10-13 10:13:22 ----D---- C:\ProgramData\Nero 2013-10-13 02:11:49 ----D---- C:\Windows\Microsoft.NET 2013-10-12 15:55:50 ----D---- C:\Windows\rescache 2013-10-12 08:56:41 ----D---- C:\Windows\system32\drivers 2013-10-12 08:56:22 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-12 08:56:21 ----D---- C:\Program Files\Internet Explorer 2013-10-12 08:56:18 ----D---- C:\Windows\AppPatch 2013-10-12 08:56:13 ----D---- C:\Windows\system32\DriverStore 2013-10-12 08:56:10 ----D---- C:\Windows\SYSWOW64\drivers 2013-10-12 08:55:45 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-12 08:55:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-11 22:28:22 ----D---- C:\Windows\system32\catroot 2013-10-11 22:26:49 ----D---- C:\Windows\system32\MRT 2013-10-11 22:25:39 ----A---- C:\Windows\system32\MRT.exe 2013-10-11 22:24:45 ----D---- C:\Windows\system32\nl-NL 2013-10-09 11:53:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] R0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800] R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 358576] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952] R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120] R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-19 14448] S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-19 27760] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464] S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-11-09 189608] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-01-20 161560] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-01-20 277784] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-06-17 230408] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [2012-11-07 186760] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-20 363800] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048] R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21 116648] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320] S2 SASCORE;SAS Core Service; C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21 116648] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-21 194032] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400] S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-06 1255736] S4 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296] -----------------EOF-----------------
- 7 november 2013
- 11 antwoorden
Qone8

divermickey plaatste een topic in Archief Bestrijding malware & virussen

Hallo, sinds enkele dagen heb ik als opstart pagina qone8. Weet er iemand hoe ik deze kan verwijderen ? Alvast bedankt.
- 7 november 2013
- 11 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

Toch vind ik het raar, computer kan de ganse dag aanstaan en alles loopt vlotjes. Speel ik poker op facebook of governerpoker valt het scherm meestal uit. Vandaag kwam er deze melding bijstaan : mode not supported. H26.9khz v:42.8hz. Wat kan dit betekenen en hoe kan ik dit oplossen? Alvast bedankt.
- 30 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

Computerscherm valt toch nog altijd uit ik heb de drivers allemaal geupdate en het resultaat is nog altijd hetzelfde. Alvast bedankt.
- 26 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

computerscherm is niet meer uitgevallen maar de computer heeft zich wel 1x volledig opgehangen. kon niks meer ook niet met ctrl alt del. terug moeten opstarten toen ging ie weer. . Welke antivirus raden jullie aan ? heb nu avast erop staan. Alvast bedankt.
- 15 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

Ik heb firefox erop gezet en met wel dat het laden van de pagina's veel sneller gaat dan bij internet explorer. Als het scherm nog gaat uitvallen zal ik later wel ondervinden. Moet ik nu bij software internetexplorer verwijderen of moet ik deze laten staan. Alvast bedankt voor jullie hulp.
- 15 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

Computer kan de ganse dag bollen kom ik een ongeveer een half uurtje op facebook valt het scherm uit ?
- 14 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

scandisk heeft geen beschadigde sectoren gevonden maar computerscherm valt wel nog soms uit.
- 14 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

computerscherm zojuist nog uitgevallen. mischien ligt dit aan facebook want gisteren was dit ook toen ik op facebook zat. Kweet niet of dat er iets mee te maken heeft of dit was toeval. computer is wel al iets sneller. ---------- Post toegevoegd om 14:27 ---------- Vorige post was om 14:18 ----------
- 12 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

Hieronder dan het combofix logbestand : ComboFix 11-08-11.06 - michel 12/08/2011 11:25:01.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1023.297 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\michel\Bureaublad\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 110811-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} 　 (((((((((((((((((((( Bestanden Gemaakt van 2011-07-12 to 2011-08-12 )))))))))))))))))))))))))))))) 　 2011-08-11 20:00:59 . 2011-08-11 20:00:59 -------- d-----w- C:\Documents and Settings\michel\Application Data\Malwarebytes 2011-08-11 20:00:50 . 2011-08-11 20:00:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2011-08-11 20:00:50 . 2011-07-06 17:52:42 41272 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2011-08-11 20:00:46 . 2011-07-06 17:52:42 22712 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys 2011-08-11 20:00:45 . 2011-08-11 20:00:52 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2011-08-11 19:55:47 . 2011-08-11 19:55:47 -------- d-----w- C:\Program Files\Common Files\Java 2011-08-11 19:55:35 . 2011-08-11 19:55:21 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl 2011-08-11 19:55:35 . 2011-08-11 19:55:21 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll 2011-08-11 19:55:17 . 2011-08-11 19:55:17 -------- d-----w- C:\Program Files\Java 2011-08-11 14:26:05 . 2010-08-22 11:48:54 114176 ----a-w- C:\WINDOWS\system32\PCWizard.cpl 2011-08-11 14:26:00 . 2011-08-11 14:26:00 -------- d-----w- C:\Program Files\CPUID 2011-08-11 13:41:53 . 2011-08-11 13:41:53 388096 ----a-r- C:\Documents and Settings\michel\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-08-11 13:41:52 . 2011-08-11 13:41:52 -------- d-----w- C:\Program Files\Trend Micro 2011-08-10 22:22:19 . 2011-08-10 22:22:19 -------- d-----w- C:\Documents and Settings\michel\Application Data\ElevatedDiagnostics 2011-08-10 18:24:04 . 2011-08-10 18:24:04 -------- d-----w- C:\Documents and Settings\michel\Application Data\SUPERAntiSpyware.com 2011-08-10 18:18:57 . 2011-08-10 18:18:57 -------- d-----w- C:\Documents and Settings\All Users\Application Data\!SASCORE 2011-08-10 18:18:53 . 2011-08-10 18:22:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2011-08-10 18:18:53 . 2011-08-10 18:18:53 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2011-08-10 18:18:30 . 2011-08-10 18:18:30 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERSetup 2011-08-10 18:10:18 . 2011-08-10 18:18:12 -------- d-----w- C:\Documents and Settings\michel\Application Data\Sammsoft 2011-08-10 17:49:12 . 2011-06-24 14:10:39 139656 -c----w- C:\WINDOWS\system32\dllcache\rdpwd.sys 2011-08-10 17:48:56 . 2011-07-08 14:02:00 10496 -c----w- C:\WINDOWS\system32\dllcache\ndistapi.sys 2011-08-08 15:35:39 . 2011-08-10 19:23:39 -------- d-----w- C:\Program Files\Spybot - Search & Destroy 2011-08-08 10:05:33 . 2011-08-08 10:06:24 -------- d-----w- C:\Documents and Settings\michel\Application Data\vlc 2011-08-06 15:02:03 . 2011-08-06 15:02:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Premium 2011-08-06 15:02:01 . 2011-08-06 15:02:34 -------- d-----w- C:\Documents and Settings\All Users\Application Data\InstallMate . 　 ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2011-07-15 13:29:31 . 2001-09-07 12:00:00 456320 ------w- C:\WINDOWS\system32\drivers\mrxsmb.sys 2011-07-08 14:02:00 . 2001-09-07 12:00:00 10496 ------w- C:\WINDOWS\system32\drivers\ndistapi.sys 2011-06-28 20:43:03 . 2011-06-28 20:38:50 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2011-06-24 14:10:39 . 2005-11-06 19:54:11 139656 ------w- C:\WINDOWS\system32\drivers\rdpwd.sys 2011-06-23 18:31:52 . 2004-08-23 17:17:36 916480 ----a-w- C:\WINDOWS\system32\wininet.dll 2011-06-23 18:31:52 . 2001-09-07 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll 2011-06-23 18:31:52 . 2001-09-07 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl 2011-06-23 12:21:13 . 2011-06-23 12:21:13 155 ----a-w- C:\Documents and Settings\michel\Local Settings\Application Data\GLF49.tmp 2011-06-23 12:05:34 . 2004-08-04 07:55:23 385024 ----a-w- C:\WINDOWS\system32\html.iec 2011-06-20 17:44:48 . 2001-09-07 12:00:00 293888 ----a-w- C:\WINDOWS\system32\winsrv.dll 2011-06-06 11:35:33 . 2001-09-07 12:00:00 1859072 ------w- C:\WINDOWS\system32\win32k.sys 　 ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. [-] 2008-04-14 17:02:58 . 8ADBAC36ADE84BE3489DA6AF74178833 . 1544192 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\explorer.exe [-] 2008-04-14 17:02:58 . 8ADBAC36ADE84BE3489DA6AF74178833 . 1544192 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 13:24:02 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] . . C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 13:12:27 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] . . C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [7] 2004-08-04 08:03:28 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [-] 2008-04-14 17:03:12 . 5DF5E814E36C4E304C7C08AA90174760 . 282624 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\regedit.exe [-] 2008-04-14 17:03:12 . 5DF5E814E36C4E304C7C08AA90174760 . 282624 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\regedit.exe [7] 2004-08-04 08:03:34 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\regedit.exe ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) 　 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 14:28:06 401491] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03:40 152872] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 19:42:26 95632] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-06-28 20:41:01 39408] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-29 01:09:07 4599680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 04:20:00 127036] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57:24 153136] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 23:51:40 81000] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 19:42:24 54672] "MaxMenuMgr"="C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-25 21:31:32 185640] "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 21:07:44 932288] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 10:44:34 31072] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 17:02:53 15360] C:\Documents and Settings\michel\Menu Start\Programma's\Opstarten\ OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536] WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"= R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [5/11/2006 12:32:38 639224] R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [17/02/2009 21:32:54 114768] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 18:27:02 12880] R1 SAS***IL;SAS***IL;C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [12/07/2011 23:55:22 67664] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore.exe [19/07/2011 2:02:03 123264] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [17/02/2009 21:32:54 20560] R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [25/09/2009 23:32:18 189736] R2 WDDMService;WD SmartWare Drive Manager;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [21/01/2010 17:24:08 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 9:58:08 20480] R3 hxctlflt;hxctlflt;C:\WINDOWS\system32\drivers\hxctlflt.sys [25/10/2010 14:41:34 99968] R3 vaxscsi;vaxscsi;C:\WINDOWS\system32\drivers\vaxscsi.sys [5/11/2006 21:02:39 223128] S2 gupdate;Google Updateservice (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [28/06/2011 22:41:05 136176] S3 cpuz134;cpuz134;C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [11/08/2011 16:26:03 20328] S3 gupdatem;Google Update-service (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [28/06/2011 22:41:05 136176] S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [11/08/2011 22:00:50 41272] S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" --> C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\system32\drivers\wdcsam.sys [10/11/2010 14:59:19 11520] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp Inhoud van de 'Gedeelde Taken' map 2011-08-12 C:\WINDOWS\Tasks\1-klik Onderhoud.job - C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-03 16:48:46 . 2008-12-03 16:48:46] 2011-08-12 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-28 20:41:05 . 2011-06-28 20:41:02] 2011-08-12 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-28 20:41:05 . 2011-06-28 20:41:02] 2011-08-12 C:\WINDOWS\Tasks\OGALogon.job - C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 13:07:42 . 2009-08-03 13:07:42] 　 ------- Bijkomende Scan ------- uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.0.1 DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.extrafilm.be/ExtraFilmUploader6.cab DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://vvwnp.jfk.be/activex/AMC.cab - - - - ORPHANS VERWIJDERD - - - - AddRemove-LMS - C:\C_DILLA\setup\cdunin16.exe 　　 ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-08-12 11:33:48 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1056) C:\WINDOWS\system32\SETUPAPI.dll C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL C:\WINDOWS\SYSTEM32\Ati2evxx.dll - - - - - - - > 'lsass.exe'(1144) C:\WINDOWS\system32\SETUPAPI.dll - - - - - - - > 'explorer.exe'(1860) C:\Program Files\Common Files\Ahead\Lib\NeroSearchBar.dll C:\Program Files\Common Files\Ahead\Lib\MFC71U.DLL C:\Program Files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll C:\WINDOWS\system32\msls31.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\netshell.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\webcheck.dll C:\WINDOWS\system32\WPDShServiceObj.dll C:\WINDOWS\system32\PortableDeviceTypes.dll C:\WINDOWS\system32\PortableDeviceApi.dll Voltooingstijd: 2011-08-12 11:36:49 ComboFix-quarantined-files.txt 2011-08-12 09:36:41 ComboFix2.txt 2011-08-12 09:20:25 Pre-Run: 10.182.189.056 bytes beschikbaar Post-Run: 10.155.679.744 bytes beschikbaar - - End Of File - - D817BB2DB50FB423E1D46461E8CBC815 alvast bedankt,
- 12 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

alvast bedankt voor je hulp. Hieronder dan de logfilles : mbam-log-2011-08-11 (22-21-26) : Malwarebytes' Anti-Malware 1.51.1.1800 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 7437 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 11/08/2011 22:21:26 mbam-log-2011-08-11 (22-21-26).txt Scantype: Snelle scan Objecten gescand: 184102 Verstreken tijd: 7 minuut/minuten, 18 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 1 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\documents and settings\all users\application data\microsoft\id.txt (Malware.Trace) -> Quarantined and deleted successfully. logfille hijackthis : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:36:39, on 11/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188738175500 O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - Personalised Photobooks Calendars Greeting Cards Notebooks Notepads O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://vvwnp.jfk.be/activex/AMC.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 11 - Unknown owner - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (file missing) O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing) O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing) O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- End of file - 14899 bytes Ik hoop dat ik het goed gedaan heb. thx
- 11 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

ok alvast bedankt.
- 11 augustus 2011
- 22 antwoorden
probleem

divermickey reageerde op divermickey's topic in Archief Windows Algemeen

hijackthis log : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:42:25, on 11/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\PROGRA~1\Bandoo\Bandoo.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188738175500 O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - Personalised Photobooks Calendars Greeting Cards Notebooks Notepads O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://vvwnp.jfk.be/activex/AMC.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\iebho.dll c:\progra~1\bandoo\bndhook.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 11 - Unknown owner - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (file missing) O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing) O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing) O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe O24 - Desktop Component 0: (no name) - http://www.babygrafix.be/Loading image ... -- End of file - 16363 bytes
- 11 augustus 2011
- 22 antwoorden
probleem

divermickey plaatste een topic in Archief Windows Algemeen

hallo, Ik heb wat problemen met mijn computer. ik kan soms de programma's niet sluiten, computerscherm valt soms op zwart beeld maar toch werken de programma's, internetexplorer doet dikwijls raar. Hoop dat iemand me hiermee kan helpen. Alvast bedankt.
- 11 augustus 2011
- 22 antwoorden

Inloggen

divermickey

Items

Registratiedatum

Laatst bezocht

Inhoudstype

Profielen

Forums

Store

Alles dat geplaatst werd door divermickey

storende reclame

storende reclame

Qone8

Qone8

Qone8

Qone8

Qone8

Qone8

Qone8

probleem

probleem

probleem

probleem

probleem

probleem

probleem

probleem

probleem

probleem

probleem

probleem

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie