Ga naar inhoud

Borre1487

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    16

  • Registratiedatum

  • Laatst bezocht

Borre1487's prestaties

Leerling

Leerling (3/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. Borre1487
    Met de Defraggler is alles redelijk vlot gegaan, het enige probleem is nu nog dat de windows security service-center niet meer ingeschakeld kan worden. Mvg, Nick
  2. Borre1487
    Beste, De Java-versie heb ik verwijderd en de UAC is ook terug ingeschakeld. Als ik mijn twee schijven defragmenteer, zie ik wel dat de defragmentatie aan de gang is in de 'Voortgang'-gang, maar als dat stopt staat bij beide schijven 0% gefragmenteerd. Ik heb hiervoor de gewone windows 7 defragmentatie gebruikt.
  3. Borre1487
    Dit is de inhoud van de log : Results of screen317's Security Check version 0.99.74 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 45 Java version out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader XI Mozilla Firefox (24.0) ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` Mvg, Nick
  4. Borre1487
    Ik krijg nu ook steeds meldingen dat Java security issues heeft. Ik heb nochtans de laatste update geïnstalleerd. Wat kan ik hier aan doen ?
  5. Borre1487
    Hallo, Ik heb de stappen in bovenstaand bericht nog niet gedaan, want ik krijg terug het bericht dat de Windows Security Center-service weer uitgeschakeld is en niet meer terug kan ingeschakeld worden. Moet ik bovenstaande stappen eerst proberen en dan kijken of het nog steeds het geval is ? Mvg, Nick
  6. Borre1487
    Ik heb bovenstaande geprobeerd en de Windows Security Center-service ziet er terug goed uit. Het enige waar nu nog last van heb is dat ik verschillende keren moet proberen in te loggen op Steam voordat de applicatie kan connecten met internet. Maar dat is maar een klein ongemak. Heel erg bedankt voor alle hulp. Mvg, Nick
  7. Borre1487
    Ja, de Windows Security Center-service is nog steeds uitgeschakeld en kan niet terug ingeschakeld worden. Als ik updates voor java probeer te downloaded, krijg ik altijd de boodschap 'Problem loading page. The connection was reset'.
  8. Borre1487
    Dit is de inhoud van het logje : Zoek.exe Version 4.0.0.5 Updated 13-October-2013 Tool run by Gebruiker on zo 13-10-2013 at 18:45:25,92. Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-10-12-175413.log 35570 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe" not found "C:\ProgramData\frheqodv.pff" deleted "C:\ProgramData\frheqodv.ctrl" deleted "C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe" deleted "C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi" deleted "C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frheqodv.lnk" deleted ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?') O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\muv8sqwg.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on zo 13-10-2013 at 18:55:33,41 ======================
  9. Borre1487
    Dit is de inhoud van de log : Zoek.exe Version 4.0.0.5 Updated 09-October-2013 Tool run by Gebruiker on za 12-10-2013 at 19:41:56,13. Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== Failed to create System Restore Point ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bdfdhbdg deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bdfdhbdg deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Epvpxbfk deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Epvpxbfk deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pgleboel deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pgleboel deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qfjujdqz deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\qfjujdqz deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sicaqqtb deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sicaqqtb deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\prefs.js: Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default user.js not found ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "141ad64c0dd6a4f997fac01147f981f5"); ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_12-10-2013_1947_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105}] ==== Deleting Files \ Folders ====================== "C:\ProgramData\wavav0bdtzbtb43b.reg" deleted "C:\ProgramData\wavav0bdtzbtb43b.bat" deleted "C:\Users\Gebruiker\Downloads\FreeYouTubeToMP3Converter.exe" deleted "C:\Windows\_dsFFF0.tmp" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\ProgramData\Package Cache" deleted "C:\Users\Gebruiker\AppData\Local\Bundled software uninstaller" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2013-10-12 15:58:50 B3FDF6E7B0AECD48CA7E4921773FB606 1110476 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe ====== Java Cache ===== 2013-10-11 20:59:13 45934F387A40FF82C60D36E3C936F8A8 698 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\65627e8a-6eec92dd 2013-10-11 20:50:02 FD59EE7E427EF2CAA0B8EA38EA4183E2 2762 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\660b204a-426153ed 2013-10-11 20:52:25 3A9E87DDADB915817E8AEF772D69FA92 699 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\3a6c4fce-1c20e9ca 2013-10-11 20:50:02 CEA388349490FA5290948F6D550C0AFE 223082 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7fbc6151-44a8efb4 2013-10-12 13:11:53 EB75E2C7A2B53F682637D4E69D18BE5D 8622 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\7460ac52-4dae7bc7 2013-10-11 20:58:53 A9E4AE31D5FC9D0C113CD01DF9DFAC60 705 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\36ea9355-6e8914c0 2013-10-12 12:30:22 17344FEB4DCA982172BC7514AA0E17C0 1067 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\3ccfde59-5160fcab 2013-10-11 20:57:50 B9616B8A66E92815482F5ED9722EA1C6 1117 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\2e9f95e1-5b01876f 2013-10-11 21:10:54 BCDC3B75E4B76B2DC9373A6849401D87 941 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3b9a2de1-5fe5072d 2013-10-11 21:19:17 AAA769F0E7F94B327C9E4343CC24BD3F 1162 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\50e8b764-2420d118 2013-10-11 20:57:00 5AAB20FD392D721E3AA6A09D8731056F 1214 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\2502c825-65e79f48 2013-10-11 21:06:34 02727403E772A7BB71E521495C5B2DA4 946 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2158206a-786584c7 2013-10-11 20:50:04 5AA47C3729595FF261CB63FD84269453 3285 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\2c716770-709e6e51 2013-10-11 21:19:53 43CB1DD81743DEC54945E7BFD73973A3 553 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\4fa12930-5f0c6796 2013-10-11 20:58:08 24737EB5D2EBBC9081B8E63B51515849 696 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\743b163a-2d46defd 2013-10-11 20:50:12 81E92BE530F6E985D07766DAA1EE8150 100 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\1719977e-72dbe104 2013-10-11 20:58:25 571E01434B3A8E5BAE25C47BFEA28B91 696 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\491705be-713bbbd2 2013-10-12 10:53:51 FB2D399D260A0E64C8D7D100350F51A3 1146 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\5753657e-6b2365cb 2013-10-11 21:11:43 05D7102FDD0F96501D82CA8408E72B21 2494 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\1b21aa7f-15f59f62 2013-10-11 20:57:48 41213F3A31D75E3E457B76E223C974E4 435 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\56565007-23c6c545 2013-10-11 20:57:14 EA3D72BE02FAF3AE3AF537F4B216653C 1136 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\60621588-7ab6adcf 2013-10-11 20:57:07 2815C88AEA6783CE7AD34640852D8E2E 671 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\5baf1ec9-222fa573 ====== C:\Windows\SysWOW64 ===== 2013-10-10 21:03:36 D9F8C3F763EF4CCEA8A6DD2540760817 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-10-10 21:03:36 4F97C454AF1718AE51696D9AD6A2F9AB 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-10-10 21:03:36 327FE5AB6905642AB9FC34F912B6C264 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-10-10 21:03:35 FF3E0BA38DB8561CB97B0FBF6C3B3F9E 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-10-10 21:03:35 C8ADAA6948993D839D14524847EA5B75 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-10-10 21:03:35 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-10-10 21:03:34 DE4C23B8F2F277ECF9692428DC9B5A22 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-10-10 21:03:34 AF0FEB5AEFE8440F78DDCFDAA742EE63 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-10-10 21:03:33 EB311F8C0DBE714A4A6E63AD22245A28 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-10-10 21:03:33 D2A365FCB3492C01F7A6273F747BDD0A 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-10-10 21:03:33 8CDB5EC48867F571455B1C6875E033D3 1104896 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-10-10 21:03:32 D71C425BBC059CBFEE99328AF6D4D340 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-10-10 21:03:32 9CE9B5DDE7017DF600DC29EFC3E832A7 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-10-10 21:03:32 3B0B665ECDC46A32395FF2F430B8680E 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-10-10 21:03:31 F46A58EC9183CB2B24326A41CDDE1FAE 12336128 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-10-10 21:03:29 9C5CC7677B63F939D980D16953438B45 9739264 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-10-10 18:52:37 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2013-10-10 18:52:34 CC23295DA8F7B5C53F93804D2F5D30EB 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2013-10-10 18:52:34 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2013-10-10 18:52:34 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2013-10-10 18:52:34 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2013-10-10 18:52:34 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2013-10-10 18:52:27 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2013-10-10 18:52:27 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2013-10-10 18:52:25 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\SysWOW64\mswsock.dll 2013-10-10 18:52:23 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2013-10-10 18:52:23 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-10 18:52:23 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-10 18:52:23 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\SysWOW64\tdh.dll 2013-10-10 18:52:22 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-10-10 18:52:22 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-10 18:52:22 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-10-10 18:52:22 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-10-10 18:52:22 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-10 18:52:22 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-10-10 18:52:10 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 18:52:09 F50EC0B39521D098373137E5E3CB4405 1077760 ----a-w- C:\Windows\SysWOW64\DWrite.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-10-10 21:03:36 D4372C2CFEF849676ECE9747EEE92A32 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-10-10 21:03:36 4CC24784CB8D1BD9DBB35E4C055BD052 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-10-10 21:03:35 B73439C148710919E18321C487E4C885 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-10-10 21:03:35 67926CE246B1C4080AD8DE7626965059 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-10-10 21:03:34 A9B0F7A6C9839F931829CD0FF34D82F8 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-10-10 21:03:34 6431F1042CEE8BD0197200EDCDF10B4F 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-10-10 21:03:34 61DB16986A5561DE7929C1BEE64BFF11 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-10-10 21:03:34 3CD6F07E6416ED6E18A1965CD2B9144A 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-10-10 21:03:33 F45A1C24BC50B41659F6318C4F7C4533 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-10-10 21:03:33 83A99C79BA5980FB187CCE825C5AECDE 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-10-10 21:03:33 26FCE63F15EADEFCB0E1D37A6CD6939B 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-10-10 21:03:33 224FF6EA2D15F6D808AE25D869DED005 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-10-10 21:03:32 FB20289B5331AE4D36EB39F3762C6527 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-10-10 21:03:32 BA4EAF171692FEC3F22DC8ED588C125E 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-10-10 21:03:31 88664D38A94CDBD372ABB617E2928C37 17833984 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-10-10 21:03:30 F210546A7E54361B4E26B07A1959DBD1 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-10-10 18:52:37 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll 2013-10-10 18:52:34 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll 2013-10-10 18:52:34 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2013-10-10 18:52:34 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2013-10-10 18:52:34 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll 2013-10-10 18:52:34 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2013-10-10 18:52:27 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll 2013-10-10 18:52:27 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2013-10-10 18:52:25 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll 2013-10-10 18:52:24 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-10-10 18:52:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-10-10 18:52:23 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-10-10 18:52:23 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll 2013-10-10 18:52:23 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll 2013-10-10 18:52:22 70833F5A59F65908698093889C34BCA2 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-10-10 18:52:10 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 18:52:09 79BEC88D21DB3611C2A0B453D4846A8E 1545728 ----a-w- C:\Windows\Sysnative\DWrite.dll 2013-10-10 18:52:09 76C196B109E4BFA50132EF50AF6A1C1B 1143296 ----a-w- C:\Windows\Sysnative\FntCache.dll 2013-10-10 18:52:08 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll ====== C:\Windows\Sysnative\drivers ===== 2013-10-10 18:52:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-10 18:52:30 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-10 18:52:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-10 18:52:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-10 18:52:27 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-10 18:52:26 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-10 18:52:25 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-10 18:52:09 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2013-09-12 18:06:50 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-12 17:10:20 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-10-12 15:59:24 -------- d-----w- C:\Program Files (x86)\7-Zip ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== ====== C:\Users\Gebruiker ====== 2013-10-12 17:09:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2013-10-12 16:00:59 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-12 15:59:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2013-10-12 13:13:48 A58A36F56DF6901DE51A0F86F2D42EB7 1117511 ----a-w- C:\ProgramData\frheqodv.pff 2013-10-12 13:12:01 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\ProgramData\frheqodv.ctrl ====== C: exe-files == 2013-10-12 17:10:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2013-10-12 17:09:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2013-10-12 16:00:59 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-12 15:59:25 78E662D435A8E1F5B9CED236FD331856 58641 ----a-w- C:\Program Files (x86)\7-Zip\Uninstall.exe 2013-10-12 15:58:50 B3FDF6E7B0AECD48CA7E4921773FB606 1110476 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe 2013-10-10 21:03:35 B73439C148710919E18321C487E4C885 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-10-10 21:03:35 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-10-10 21:03:34 F980F2E95E0434C8E0559B6504FE1D10 763544 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-10-10 21:03:34 45BDA923BE52906D1460BCB13AC2AB7A 757400 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-10-10 18:52:24 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-10-10 18:52:23 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-10 18:52:23 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-10 18:52:22 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-10 18:52:22 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-10 18:52:22 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe === C: other files == 2013-10-12 16:37:00 3FE51813290A0D7103B620E2813A8C0E 915554 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2013-10-10 18:52:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-10-10 18:52:30 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2013-10-10 18:52:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2013-10-10 18:52:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2013-10-10 18:52:27 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2013-10-10 18:52:26 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-10-10 18:52:25 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-10-10 18:52:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-10-10 18:52:09 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3022008148-1341554004-2509797194-1000\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Steam"="D:\Steam\steam.exe -silent" "DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "EADM"="D:\Program Files\Origin\Origin.exe -AutoStart" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "ASUSGamerOSD"="C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Steam"="D:\Steam\steam.exe -silent" "DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "EADM"="D:\Program Files\Origin\Origin.exe -AutoStart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" ==== Startup Folders ====================== 2013-10-12 13:12:01 1037 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frheqodv.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-10-2013 22:37] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\{3DCE0556-47E2-4789-B425-8E207792C25B}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE] "C:\Windows\SysNative\tasks\{5955D7F0-FF47-4D82-8EC8-ADAEE1C80683}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE] "C:\Windows\SysNative\tasks\{6D1C29AA-F87A-4858-88BC-F870CF21298B}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE] "C:\Windows\SysNative\tasks\{7D7210A0-A217-4745-85C4-5E7881D54B37}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE] "C:\Windows\SysNative\tasks\{854DF2F2-FF27-472D-860E-485F765073E2}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" "Search Page"="http://www.google.nl" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?') O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?') O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\muv8sqwg.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on za 12-10-2013 at 19:54:13,81 ======================
  10. Borre1487
    Dit is de inhoud van de log : Logfile of random's system information tool 1.09 (written by random/random) Run by Gebruiker at 2013-10-12 19:09:50 WIN_7 Service Pack 1 System drive C: has 7 GB (8%) free of 86 GB Total RAM: 12279 MB (79% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:12:51, on 12-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16514) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe D:\Steam\steam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Gebruiker.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?') O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?') O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9109 bytes ======Listing Processes====== ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105}] a2zLyrics-15 - C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-15 347424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-15 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-16 462752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-16 171424] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296] "MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240] "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-07-24 6900024] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-03-19 2363392] "Steam"=D:\Steam\steam.exe [2013-10-09 1813928] "DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336] "GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2013-03-12 1099608] "EADM"=D:\Program Files\Origin\Origin.exe [2013-10-02 3551576] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288] "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup frheqodv.lnk - C:\Windows\System32\rundll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=0 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "VIDC.XFR1"=xfcodec64.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2013-10-12 19:10:20 ----D---- C:\Program Files\trend micro 2013-10-12 19:09:50 ----D---- C:\rsit 2013-10-12 17:59:24 ----D---- C:\Program Files (x86)\7-Zip 2013-10-10 23:03:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2013-10-10 23:03:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-10-10 23:03:36 ----A---- C:\Windows\system32\mshtmled.dll 2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-10 23:03:35 ----A---- C:\Windows\system32\ieUnatt.exe 2013-10-10 23:03:35 ----A---- C:\Windows\system32\ieui.dll 2013-10-10 23:03:34 ----A---- C:\Windows\SYSWOW64\url.dll 2013-10-10 23:03:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-10 23:03:34 ----A---- C:\Windows\system32\wininet.dll 2013-10-10 23:03:34 ----A---- C:\Windows\system32\url.dll 2013-10-10 23:03:34 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-10 23:03:34 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-10 23:03:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-10 23:03:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-10 23:03:33 ----A---- C:\Windows\system32\urlmon.dll 2013-10-10 23:03:33 ----A---- C:\Windows\system32\jscript9.dll 2013-10-10 23:03:33 ----A---- C:\Windows\system32\iertutil.dll 2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-10 23:03:32 ----A---- C:\Windows\system32\vbscript.dll 2013-10-10 23:03:32 ----A---- C:\Windows\system32\jscript.dll 2013-10-10 23:03:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-10 23:03:31 ----A---- C:\Windows\system32\mshtml.dll 2013-10-10 23:03:30 ----A---- C:\Windows\system32\ieframe.dll 2013-10-10 23:03:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-10 20:52:37 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-10 20:52:37 ----A---- C:\Windows\system32\comctl32.dll 2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-10 20:52:34 ----A---- C:\Windows\system32\lpk.dll 2013-10-10 20:52:34 ----A---- C:\Windows\system32\fontsub.dll 2013-10-10 20:52:34 ----A---- C:\Windows\system32\dciman32.dll 2013-10-10 20:52:34 ----A---- C:\Windows\system32\atmlib.dll 2013-10-10 20:52:34 ----A---- C:\Windows\system32\atmfd.dll 2013-10-10 20:52:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-10 20:52:30 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-10 20:52:29 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-10 20:52:29 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-10 20:52:27 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-10 20:52:27 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-10 20:52:27 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-10 20:52:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-10 20:52:27 ----A---- C:\Windows\system32\davclnt.dll 2013-10-10 20:52:26 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-10 20:52:25 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-10 20:52:25 ----A---- C:\Windows\system32\mswsock.dll 2013-10-10 20:52:25 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-10 20:52:24 ----A---- C:\Windows\system32\win32k.sys 2013-10-10 20:52:24 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-10 20:52:23 ----A---- C:\Windows\system32\tdh.dll 2013-10-10 20:52:23 ----A---- C:\Windows\system32\ntdll.dll 2013-10-10 20:52:23 ----A---- C:\Windows\system32\advapi32.dll 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-10 20:52:22 ----A---- C:\Windows\system32\wow64.dll 2013-10-10 20:52:10 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 20:52:10 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 20:52:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2013-10-10 20:52:09 ----A---- C:\Windows\system32\FntCache.dll 2013-10-10 20:52:09 ----A---- C:\Windows\system32\DWrite.dll 2013-10-10 20:52:09 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-10 20:52:08 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-03 20:34:36 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-09-12 20:06:50 ----A---- C:\Windows\system32\drivers\ataport.sys 2013-09-12 20:06:49 ----A---- C:\Windows\SYSWOW64\KernelBase.dll 2013-09-12 20:06:49 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2013-09-12 20:06:49 ----A---- C:\Windows\system32\winsrv.dll 2013-09-12 20:06:49 ----A---- C:\Windows\system32\smss.exe 2013-09-12 20:06:49 ----A---- C:\Windows\system32\KernelBase.dll 2013-09-12 20:06:49 ----A---- C:\Windows\system32\kernel32.dll 2013-09-12 20:06:49 ----A---- C:\Windows\system32\csrsrv.dll 2013-09-12 20:06:49 ----A---- C:\Windows\system32\conhost.exe 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 20:06:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2013-09-12 20:06:48 ----A---- C:\Windows\system32\apisetschema.dll 2013-09-12 20:06:41 ----A---- C:\Windows\SYSWOW64\shell32.dll 2013-09-12 20:06:41 ----A---- C:\Windows\SYSWOW64\shdocvw.dll 2013-09-12 20:06:41 ----A---- C:\Windows\system32\shell32.dll 2013-09-12 20:06:41 ----A---- C:\Windows\system32\shdocvw.dll 2013-08-15 23:17:51 ----D---- C:\Users\Gebruiker\AppData\Roaming\TS3Client 2013-08-13 20:52:10 ----D---- C:\Users\Gebruiker\AppData\Roaming\3909 LLC 2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-13 20:09:05 ----A---- C:\Windows\system32\wintrust.dll 2013-08-13 20:09:05 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-13 20:09:05 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-13 20:09:05 ----A---- C:\Windows\system32\crypt32.dll 2013-08-13 20:09:01 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-13 20:09:01 ----A---- C:\Windows\system32\tzres.dll 2013-08-13 20:08:59 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-13 20:08:59 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-13 20:08:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-13 20:08:57 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-13 20:08:55 ----A---- C:\Windows\system32\rdpcorets.dll 2013-08-13 20:08:55 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-07-23 17:46:50 ----A---- C:\ProgramData\wavav0bdtzbtb43b.bat 2013-07-14 09:33:29 ----D---- C:\Windows\system32\MRT ======List of files/folders modified in the last 3 months====== 2013-10-12 19:10:20 ----RD---- C:\Program Files 2013-10-12 19:09:11 ----D---- C:\Windows\Temp 2013-10-12 18:24:44 ----D---- C:\Windows\system32\config 2013-10-12 18:09:22 ----D---- C:\ProgramData\NVIDIA 2013-10-12 18:09:17 ----HD---- C:\ProgramData 2013-10-12 18:07:23 ----RD---- C:\Program Files (x86) 2013-10-12 18:07:22 ----D---- C:\Windows\Tasks 2013-10-12 18:07:22 ----D---- C:\Windows\system32\Tasks 2013-10-12 18:01:27 ----D---- C:\Windows\system32\drivers 2013-10-12 14:13:29 ----D---- C:\Users\Gebruiker\AppData\Roaming\Omerta 2013-10-12 13:28:43 ----D---- C:\Windows\Prefetch 2013-10-12 10:37:16 ----D---- C:\Windows\rescache 2013-10-12 10:25:26 ----RSD---- C:\Windows\assembly 2013-10-12 10:25:26 ----D---- C:\Windows\Microsoft.NET 2013-10-12 09:57:09 ----D---- C:\Windows\System32 2013-10-12 09:57:09 ----D---- C:\Windows\inf 2013-10-12 09:57:09 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-11 20:39:25 ----SHD---- C:\System Volume Information 2013-10-11 20:19:41 ----D---- C:\Windows\winsxs 2013-10-11 20:18:39 ----D---- C:\Windows\SYSWOW64\migration 2013-10-11 20:18:39 ----D---- C:\Windows\SysWOW64 2013-10-11 20:18:39 ----D---- C:\Windows\system32\migration 2013-10-11 20:18:39 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-11 20:18:38 ----D---- C:\Windows\AppPatch 2013-10-11 20:18:38 ----D---- C:\Program Files\Internet Explorer 2013-10-11 20:18:37 ----D---- C:\Windows\system32\DriverStore 2013-10-11 20:18:18 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-11 20:18:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-10 23:04:42 ----SHD---- C:\Windows\Installer 2013-10-10 23:03:44 ----D---- C:\Windows\system32\catroot 2013-10-10 23:03:43 ----D---- C:\Windows\system32\catroot2 2013-10-10 23:03:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-10-10 23:00:09 ----A---- C:\Windows\system32\MRT.exe 2013-10-10 22:58:18 ----D---- C:\Windows\system32\nl-NL 2013-10-08 22:54:29 ----D---- C:\Windows 2013-10-08 22:54:29 ----D---- C:\Program Files\Microsoft Security Client 2013-10-08 22:54:29 ----D---- C:\Program Files (x86)\Microsoft Security Client 2013-10-08 22:37:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-10-07 20:19:00 ----A---- C:\Windows\NeroDigital.ini 2013-10-06 12:15:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-12 22:06:10 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-09-03 21:39:06 ----D---- C:\Users\Gebruiker\AppData\Roaming\The Creative Assembly 2013-07-31 22:40:34 ----D---- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft 2013-07-31 22:40:34 ----D---- C:\Program Files (x86)\Common Files 2013-07-31 22:40:31 ----D---- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-08-10 120920] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216] R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2009-12-25 297512] R0 nvrd64;NVIDIA nForce RAID Driver; C:\Windows\system32\DRIVERS\nvrd64.sys [2009-08-04 175648] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2007-10-03 22056] R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2007-10-03 17448] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-02-13 564792] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2012-07-17 2639976] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2012-03-05 16384] R1 MpKsl80e52099;MpKsl80e52099; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9485D16-FB85-4ED0-86B1-852FCC307266}\MpKsl80e52099.sys [2013-10-12 46768] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-10-20 314016] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-10-20 43680] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616] R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792] R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952] R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408] R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-06-21 448288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] S0 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2008-10-09 18784] S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [] S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [] S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [] S1 bdfdhbdg;bdfdhbdg; \??\C:\Windows\system32\drivers\bdfdhbdg.sys [] S1 epvpxbfk;epvpxbfk; \??\C:\Windows\system32\drivers\epvpxbfk.sys [] S1 pgleboel;pgleboel; \??\C:\Windows\system32\drivers\pgleboel.sys [] S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [] S1 qfjujdqz;qfjujdqz; \??\C:\Windows\system32\drivers\qfjujdqz.sys [] S1 sicaqqtb;sicaqqtb; \??\C:\Windows\system32\drivers\sicaqqtb.sys [] S3 ahcix64s;ahcix64s; C:\Windows\system32\DRIVERS\ahcix64s.sys [2009-05-18 231224] S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304] S3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2007-05-11 70424] S3 hptmv;hptmv; C:\Windows\system32\DRIVERS\hptmv.sys [2006-09-18 93472] S3 IAMTVE;Stuurprogramma voor Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416] S3 IAMTXPE;Stuurprogramma voor Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096] S3 iaStor;iaStor; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 537112] S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2009-11-16 40144] S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2009-11-16 42192] S3 iteraid;iteraid; C:\Windows\system32\DRIVERS\iteraid.sys [2007-05-02 32768] S3 MegaSR1;MegaSR1; C:\Windows\system32\DRIVERS\MegaSR1.sys [2009-04-16 461320] S3 nvamacpi;nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [2009-07-17 28192] S3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704] S3 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696] S3 Pnp680;Pnp680; C:\Windows\system32\DRIVERS\pnp680.sys [2007-11-13 80424] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992] S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR64.SYS [2009-03-11 71168] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 Ser2at;ATEN USB to Serial port driver; C:\Windows\system32\DRIVERS\ser2at64.sys [2007-06-08 90112] S3 SI3112r;SI3112r; C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 164656] S3 SI3114;SI3114; C:\Windows\system32\DRIVERS\SI3114.sys [2006-11-10 99120] S3 SI3114r;SI3114r; C:\Windows\system32\DRIVERS\SI3114R.sys [2007-04-11 163632] S3 SI3124;SI3124; C:\Windows\system32\DRIVERS\SI3124.sys [2006-11-02 113456] S3 Si3124r5;Si3124r5; C:\Windows\system32\DRIVERS\Si3124r5.sys [2006-09-20 334640] S3 SI3132;SI3132; C:\Windows\system32\DRIVERS\SI3132.sys [2007-10-03 90664] S3 Si3531;Si3531; C:\Windows\system32\DRIVERS\Si3531.sys [2007-06-01 330544] S3 SISAGP;SiS AGP Filter; C:\Windows\system32\DRIVERS\SISAGPX.sys [2009-08-01 67104] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 vcrdrx64;VIA MSP Card Reader Host Controller; C:\Windows\system32\DRIVERS\vcrdrx64.sys [2009-09-15 123544] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp1;VIA AGP Filter; C:\Windows\system32\DRIVERS\viaagp1.sys [2005-09-23 59392] S3 viamrx64;viamrx64; C:\Windows\system32\DRIVERS\viamrx64.sys [2008-04-21 157336] S3 ViBusX64;ViBusX64; C:\Windows\system32\DRIVERS\ViBusX64.sys [2008-04-15 25240] S3 ViPrtX64;ViPrtX64; C:\Windows\system32\DRIVERS\ViPrtX64.sys [2008-04-15 67224] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2008-05-15 28208] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440] R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-12 185688] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-03-19 73728] R2 MBAMScheduler;MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-05-18 935208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-10 76888] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472] R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600] S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2012-07-17 538000] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-03 118680] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-04 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
  11. Borre1487
    Hier zijn de twee logs : Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.10.12.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: GEBRUIK-YXSGZML [administrator] 12-10-2013 18:02:11 mbam-log-2013-10-12 (18-02-11).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 223484 Verstreken tijd: 3 minuut/minuten, 59 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> 4932 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 14 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0043905.BHO (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0043905.BHO.1 (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0043905.Sandbox (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0043905.Sandbox.1 (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\Software\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{44444444-4444-4444-4444-440444394405} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{55555555-5555-5555-5555-550455395505} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 3 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SDP (PUP.Optional.FilesFrog.A) -> Data: C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Data: awbe7zip55480 -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Zal worden verwijderd tijdens het herstarten. C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 36 C:\ProgramData\vdoqehrf.plz (Trojan.Ransom.ED) -> Zal worden verwijderd tijdens het herstarten. C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\frheqodv.pzz (Trojan.FakeMS) -> Zal worden verwijderd tijdens het herstarten. C:\Users\Gebruiker\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\biclient.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\MoviesToolbarSetup_Somoto29_9_13.exe (PUP.Optional.MoviesToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\~tmf2210712375808886953.dll (Trojan.Ransom.ED) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Tasks\a2zLyrics-15-codedownloader.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Tasks\a2zLyrics-15-enabler.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Tasks\a2zLyrics-15-firefoxinstaller.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Tasks\a2zLyrics-15-updater.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\43905.xpi (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bg.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho64.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil64.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil64.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-codedownloader.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-enabler.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-firefoxinstaller.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-helper.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-updater.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15.ico (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\background.html (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\Installer.log (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\Uninstall.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\a2zLyrics-15\utils.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:16:46, on 12-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16514) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe D:\Program Files\Origin\Origin.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe G:\TXT\HijackThis.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?') O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?') O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9104 bytes Bij het opstarten kreeg ik ook het volgende RunDLL-bericht : "Er is een probleem opgetreden tijdens het starten van C:\PROGRA~3\vdoqehrf.plz. Kan opgegeven module niet vinden." Bedankt, Nick - - - Updated - - - De Windows Security Center-service is ook uitgeschakeld en geeft steeds een foutmelding als ik deze terug wil inschakelen --> "De Windows Security Center-service kan niet worden gestart." Mvg, Nick
  12. Borre1487
    Hallo, vorig jaar had ik al eens last van hetzelfde probleem, deze keer ben ik weer getroffen. Hieronder kan je het logje vinden : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:48:21, on 12-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16514) Boot mode: Normal Running processes: D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe G:\TXT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: Shell=C:\PROGRA~3\wavav0bdtzbtb43b.bat F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing) O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?') O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?') O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing) O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9993 bytes Kunnen jullie hierbij helpen ? Alvast bedankt en vriendelijke groet, Nick
  13. Borre1487
    Alles is vlot verlopen, bedankt voor de snelle hulp !
  14. Borre1487
    Alles lijkt terug normaal te werken, hier zijn de 2 logs : Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.04.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: GEBRUIK-YXSGZML [administrator] Realtime bescherming: Uitgeschakeld 4-4-2012 21:19:58 mbam-log-2012-04-04 (21-19-58).txt Scantype: Volledige scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 498734 Verstreken tijd: 25 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Gebruiker\AppData\Local\Temp\ch8l0.exe (Spyware.Passwords) -> Zal worden verwijderd tijdens het herstarten. (einde) --- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:53:37, on 4-4-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe D:\Steam\steam.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe G:\TXT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8790 bytes
  15. Borre1487
    Had vergeten om Hijack in administrator mode te laten runnen, hier is de correcte log : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:48:17, on 4-4-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe D:\Steam\steam.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\WerFault.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe G:\TXT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: ch8l0.exe.lnk = C:\Windows\System32\rundll32.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9224 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.