Have0
-
Items
408 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Have0
-
Hieronder vind u de 2 logfiles. Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by Have0 on vr 20-06-2014 at 16:25:14,65. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-19-194645.log 13094 bytes ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default user.js not found ---- Lines {b8a90375-3b37-4954-86de-f96c458c4ce2}.xpi modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"avg@igeared\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\ ---- FireFox user.js and prefs.js backups ---- prefs_20-06-2014_1655_.backup prefs_23-10-2013_1719_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Avg_Update_0414b deleted C:\PROGRA~3\Package Cache deleted C:\Users\Have0\Downloads\avg_free_stb_all_2014_4577_cnet.exe deleted "C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\extensions\{b8a90375-3b37-4954-86de-f96c458c4ce2}.xpi" deleted ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-05-16 12:34:02 -------- dc----w- C:\PROGRA~3\Apple Computer 2014-06-14 12:51:56 -------- dc----w- C:\PROGRA~3\McAfee ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 738C29EAC995029E13333034C1402F56 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash 5B0F6A8F086D3220272919A3023EF180 - C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== {page b.html}content_scripts:[{all_frames:falsejs:[c.js]matches:[http://*/*https://*/*]run_at:document_end}]description:icons:{16:icon16.png48:icon48.png128:icon128.png}manifest_version:2name:Re-markitpermissions:[cookiesstorageunlimitedStoragehttp://*/*https://*/*tabswebRequestwebRequestBlocking]version:1.161.0.0author:} - Have0\AppData\Local\Google\Chrome\User Data\default\Extensions\lphmhoddjhmehbbpmkhhmepfhpmjigfk ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Have0\AppData\Local\Mozilla\Firefox\Profiles\7uw19joy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=265 folders=58 22646297 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Have0\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Have0\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on vr 20-06-2014 at 17:18:08,18 ====================== Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes | Free Anti-Malware & Internet Security Software Databaseversie: v2014.06.20.07 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 Have0 :: HAVE0-PC [administrator] 20-6-2014 17:20:32 mbam-log-2014-06-20 (17-20-32).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 259120 Verstreken tijd: 19 minuut/minuten, 51 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
-
Laptop reageert ook traag, ook traag met opstarten en afsluiten. Of moet ik hiervoor een aparte item maken ? Hieronder logfile. Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by Have0 on do 19-06-2014 at 21:33:59,84. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 19-6-2014 21:36:53 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== File Information Results ====================== ==== Folders Found In C:\Windows\PCHEALTH ====================== 2014-05-22 17:23:42 dc----w- C:\Windows\PCHEALTH\ERRORREP 2014-05-22 17:23:42 dc----w- C:\Windows\PCHEALTH\ERRORREP\QHEADLES 2014-05-22 17:23:42 dc----w- C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Have0\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-06-19 17:18:41 88654413033C98D8838583C89725375C 3486 -c--a-w- C:\Windows\Sysnative\Tasks\AutoKMS 2014-06-18 19:54:12 FF97F051802480C7A23F5AE26C711962 3170 -c--a-w- C:\Windows\Sysnative\Tasks\P4GIntlCtrl ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-22 17:17:23 -------- dc----w- C:\Program Files\Microsoft Office ======= C:\PROGRA~2 ===== 2014-05-24 07:42:42 -------- dc----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-22 17:24:52 -------- dc----w- C:\PROGRA~2\Microsoft Synchronization Services 2014-05-22 17:18:50 -------- dc----w- C:\PROGRA~2\Microsoft Visual Studio 8 2014-05-22 17:17:00 -------- dc----w- C:\PROGRA~2\Microsoft Analysis Services ======= C: ===== 2014-06-14 13:10:03 A6799D0F42122C0D1E28655C10DB2707 30 -c--a-w- C:\AVScanner.ini ====== C:\Users\Have0\AppData\Roaming ====== 2014-06-17 14:21:32 -------- dc----w- C:\Users\Have0\AppData\Local\Adobe 2014-06-07 16:00:56 -------- dc----w- C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2014-06-07 16:00:23 -------- dc----w- C:\Users\Have0\AppData\Roaming\.minecraft 2014-06-07 15:47:35 -------- dc----w- C:\Users\Have0\AppData\Locallow\Unity 2014-06-07 15:47:35 -------- dc----w- C:\Users\Have0\AppData\Local\Unity ====== C:\Users\Have0 ====== 2014-06-19 15:30:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 -c--a-w- C:\Users\Have0\Downloads\RSITx64(1).exe 2014-06-19 15:29:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 -c--a-w- C:\Users\Have0\Downloads\RSITx64.exe 2014-06-14 13:02:29 A61A24E28CE5E961941D61C1D342AC39 4748896 -c--a-w- C:\Users\Have0\Downloads\ccsetup414.exe 2014-06-14 12:17:22 42F24559E8C472F6FF745BB7C5465FB2 1333465 -c--a-w- C:\Users\Have0\Desktop\adwcleaner_3.212(1).exe 2014-06-07 15:47:19 D35B2DF8D65BA715D159D679FF7B22F0 1080944 -c--a-w- C:\Users\Have0\Downloads\UnityWebPlayer.exe 2014-06-06 14:45:01 42F24559E8C472F6FF745BB7C5465FB2 1333465 -c--a-w- C:\Users\Have0\Downloads\adwcleaner_3.212.exe 2014-05-22 17:27:44 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint ====== C: exe-files == 2014-06-19 15:30:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 -c--a-w- C:\Documents and Settings\Have0\Downloads\RSITx64(1).exe 2014-06-19 15:29:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 -c--a-w- C:\Documents and Settings\Have0\Downloads\RSITx64.exe 2014-06-14 13:02:29 A61A24E28CE5E961941D61C1D342AC39 4748896 -c--a-w- C:\Documents and Settings\Have0\Downloads\ccsetup414.exe 2014-06-14 12:17:22 42F24559E8C472F6FF745BB7C5465FB2 1333465 -c--a-w- C:\Documents and Settings\Have0\Desktop\adwcleaner_3.212(1).exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"="C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdAwareTray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.1.5354.0\\AdAwareTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Have0\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Xvid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Xvid" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Xvid\\CheckUpdate.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\NewShortcut1.lnk" "backup"="C:\\Windows\\pss\\NewShortcut1.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\USB_VI~1\\Utility\\REMOTE~1\\BDAREM~1.EXE " "item"="NewShortcut1" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a--c--- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-06-2014 14:51] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{A43D4B78-0311-4C53-983B-3317133FAC60}" [C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default - Fortunitas - %ProfilePath%\extensions\{b8a90375-3b37-4954-86de-f96c458c4ce2}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 738C29EAC995029E13333034C1402F56 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash 5B0F6A8F086D3220272919A3023EF180 - C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== {page b.html}content_scripts:[{all_frames:falsejs:[c.js]matches:[http://*/*https://*/*]run_at:document_end}]description:icons:{16:icon16.png48:icon48.png128:icon128.png}manifest_version:2name:Re-markitpermissions:[cookiesstorageunlimitedStoragehttp://*/*https://*/*tabswebRequestwebRequestBlocking]version:1.161.0.0author:} - Have0\AppData\Local\Google\Chrome\User Data\default\Extensions\lphmhoddjhmehbbpmkhhmepfhpmjigfk ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== C:\zoek_backup content ====================== C:\zoek_backup (files=257 folders=54 11295515 bytes) ==== EOF on do 19-06-2014 at 21:46:45,33 ======================
-
Wie kan mij helpen ? Ik heb hieronder een logfile neergezet. Alvast bedankt voor uw aandacht. Logfile of random's system information tool 1.10 (written by random/random) Run by Have0 at 2014-06-19 17:31:07 Microsoft Windows 7 Home Premium System drive C: has 29 GB (38%) free of 76 GB Total RAM: 4095 MB (56% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:31:37, on 19-6-2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe C:\Program Files\trend micro\Have0.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8194 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=6e53aa65-cead-4e0e-bd56-3164dd470f14 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\1044322e-51ea-4140-94c6-0170ee1a7e1b-144-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE 0x24c C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" Atouch64.exe "taskhost.exe" ATKOSD.exe taskeng.exe {0C383E0E-9457-4EDC-BD94-FAABACC36F3D} "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation KBFiltr.exe "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" WDC.exe "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding C:\Windows\Explorer.EXE "C:\Windows\system32\Dwm.exe" C:\Windows\servicing\TrustedInstaller.exe "C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" ctfmon.exe "C:\Windows\system32\wuauclt.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3528.8db4ab0.198941629 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3528 "\\.\pipe\gecko-crash-server-pipe.3528" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe" --proxy-stub-channel=Flash5020.6D14A378.26565 --host-broker-channel=Flash5020.6D14A378.929 --host-pid=5020 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe" --channel=3428.0045F7C4.904411708 --proxy-stub-channel=Flash5020.6D14A378.26565 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll" --host-npapi-version=27 --type=renderer C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Users\Have0\Downloads\RSITx64(1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default prefs.js - "browser.search.useDBForOrder" - "false" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.125 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3] "Description"=Office Live Update v1.3 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.125 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\searchplugins\ google-.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"=C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-12-19 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-15 1268560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=16 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-06-19 17:31:07 ----DC---- C:\rsit 2014-06-18 22:35:05 ----DC---- C:\Windows\system32\SPReview 2014-06-18 17:32:44 ----DC---- C:\Program Files (x86)\Mozilla Firefox 2014-06-14 15:10:03 ----AC---- C:\AVScanner.ini 2014-06-14 14:51:56 ----DC---- C:\ProgramData\McAfee 2014-06-07 18:00:23 ----DC---- C:\Users\Have0\AppData\Roaming\.minecraft 2014-05-22 19:24:52 ----DC---- C:\Program Files (x86)\Microsoft Synchronization Services 2014-05-22 19:23:42 ----DC---- C:\Windows\PCHEALTH 2014-05-22 19:18:50 ----DC---- C:\Program Files (x86)\Microsoft Visual Studio 8 2014-05-22 19:17:23 ----DC---- C:\Program Files\Microsoft Office 2014-05-22 19:17:00 ----DC---- C:\Program Files (x86)\Microsoft Analysis Services ======List of files/folders modified in the last 1 month====== 2014-06-19 17:31:26 ----DC---- C:\Program Files\trend micro 2014-06-19 17:30:08 ----DC---- C:\Windows\Temp 2014-06-19 17:20:12 ----DC---- C:\Windows\system32\Tasks 2014-06-19 17:13:04 ----DC---- C:\ProgramData\MFAData 2014-06-19 17:06:58 ----DC---- C:\Windows\system32\config 2014-06-19 17:06:04 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-18 22:35:05 ----DC---- C:\Windows\System32 2014-06-18 22:34:59 ----SHD---- C:\System Volume Information 2014-06-18 21:56:27 ----RDC---- C:\Program Files (x86) 2014-06-18 15:53:20 ----DC---- C:\Config.Msi 2014-06-17 20:29:33 ----DC---- C:\Windows\system32\FxsTmp 2014-06-17 20:20:48 ----SDC---- C:\Users\Have0\AppData\Roaming\Microsoft 2014-06-17 19:29:36 ----DC---- C:\Windows 2014-06-17 15:38:53 ----SHDC---- C:\Windows\Installer 2014-06-16 17:23:03 ----DC---- C:\Users\Have0\AppData\Roaming\uTorrent 2014-06-16 17:22:44 ----DC---- C:\Windows\inf 2014-06-16 16:10:35 ----RDC---- C:\Program Files 2014-06-16 16:09:57 ----DC---- C:\Windows\system32\drivers 2014-06-14 15:10:04 ----DC---- C:\ProgramData 2014-06-14 15:03:34 ----DC---- C:\Windows\debug 2014-06-14 15:03:06 ----DC---- C:\Program Files (x86)\CCleaner 2014-06-14 15:01:39 ----DC---- C:\Windows\Prefetch 2014-06-14 14:51:46 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-06-14 14:19:50 ----DC---- C:\AdwCleaner 2014-06-14 09:35:02 ----AC---- C:\Windows\system32\acovcnt.exe 2014-06-11 22:22:10 ----DC---- C:\Windows\system32\MRT 2014-06-11 22:21:58 ----AC---- C:\Windows\system32\MRT.exe 2014-06-11 22:21:05 ----DC---- C:\ProgramData\Microsoft Help 2014-06-10 18:07:45 ----DC---- C:\Windows\system32\catroot2 2014-06-06 09:17:42 ----DC---- C:\Users\Have0\AppData\Roaming\vlc 2014-06-05 22:12:16 ----DC---- C:\Users\Have0\AppData\Roaming\Epson 2014-05-31 11:07:07 ----AC---- C:\Windows\system32\PerfStringBackup.INI 2014-05-24 09:42:42 ----DC---- C:\Program Files (x86)\Common Files 2014-05-24 09:34:48 ----AC---- C:\Windows\win.ini 2014-05-24 09:11:40 ----DC---- C:\Windows\Microsoft.NET 2014-05-24 08:43:54 ----RSDC---- C:\Windows\assembly 2014-05-22 19:33:18 ----D---- C:\Windows\winsxs 2014-05-22 19:27:04 ----DC---- C:\Windows\SysWOW64 2014-05-22 19:26:52 ----RSDC---- C:\Windows\Fonts 2014-05-22 19:26:40 ----DC---- C:\Windows\ShellNew 2014-05-22 19:26:05 ----DC---- C:\Program Files (x86)\MSBuild 2014-05-22 19:23:46 ----DC---- C:\Program Files (x86)\Microsoft Office 2014-05-22 19:23:42 ----SDC---- C:\ProgramData\Microsoft 2014-05-22 19:23:41 ----DC---- C:\Program Files (x86)\Microsoft.NET 2014-05-22 19:23:41 ----DC---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-05-22 19:20:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-05-13 191768] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-05-13 323352] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-05-13 130328] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-05-13 31512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-05-13 152344] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-05-13 236312] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-05-13 235800] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-05-13 273176] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-08 30568] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552448] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424] R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14 262320] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392] S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] -----------------EOF-----------------
-
U heeft gelijk probleem opgelost thanks.
-
Beste lezer, ik had mappen aangemaakt in outlook en daarin mailtjes naartoe verplaatst. Nu zie ik mijn mappen niet meer terug. Ik weet niet zeker ben ik ze nu kwijt of moet ik ergens een vinkje aanzetten of zo om ze weer te kunnen zien ? Alvast bedankt
-
Ik wil iemand een e-mail sturen maar ik krijg de e-mail terug. Ik heb dit vanaf mijn werk gedaan en vanaf privécomputer thuis. Eerst dacht ik dit komt omdat er in zijn e-mailadres geen @hotmail.nl, @ziggio.nl staat. Toch is dit niet het probleem omdat hij van anderen wel e-mail krijgt. Ik mail vanaf programma Outlook. En zowel op mijn werk als op mijn privecomputer krijg ik onderstaand bericht. Wie kan mijn helpen ? Uw bericht heeft enkele of alle geadresseerden niet bereikt. Onderwerp: Check Verzonden: 23-5-2014 16:00 De volgende geadresseerde(n) zijn niet bereikt: xxxxxapestaartjebezooijen-schreuders.nl op 23-5-2014 16:00 Serverfout: 501 <xxxxxapestaatjebezooijen-schreuders.nl?>: malformed address: ?> may not follow <xxxxxapestaartjebezooijen-schreuders.nl Alvast bedankt voor jullie reactie.
-
Beste lezer, ik heb mijn oude p.c. weggedaan. De e-mailadressen heb ik in Word uitgeprint. Wie weet hoe ik deze makkelijk in één keer naar Outlook kan brengen zodat ik niet hele lange lijst hoeft over te typen met kans op fouten ? Moet ik ze dan eerst van Word naar Excel kopiëren ? Hoe ? En dan naar Outlook hoe ? Of kan dit rechtstreeks van Word naar Outlook ? Bedankt alvast
-
Sorry na nog een keer uitgezet te hebben doet hij het toch weer zonder veilige modus.
-
Beste lezer/lezeres, mijn laptop stond vast ik heb hem uitgezet omdat hij volledig blokkeerde. Hij start nu niet meer op behalve in de veilige modus. Wie kan mij helpen ? Wat voor soort logfile moet ik plaatsen ? Alvast bedankt.
-
Een heel stuk beter thanks.
-
# AdwCleaner v3.023 - Report created 11/04/2014 at 18:17:01 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Have0 - HAVE0-PC # Running from : C:\Users\Have0\Downloads\adwcleaner(1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\AVG Secure Search ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v28.0 (en-GB) [ File : C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\prefs.js ] ************************* AdwCleaner[R0].txt - [1200 octets] - [23/12/2013 19:56:10] AdwCleaner[R1].txt - [977 octets] - [11/04/2014 18:13:50] AdwCleaner[s0].txt - [1224 octets] - [23/12/2013 19:56:59] AdwCleaner[s1].txt - [850 octets] - [11/04/2014 18:17:01] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [909 octets] ##########
-
# AdwCleaner v3.023 - Report created 11/04/2014 at 18:17:01 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Have0 - HAVE0-PC # Running from : C:\Users\Have0\Downloads\adwcleaner(1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\AVG Secure Search ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v28.0 (en-GB) [ File : C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\prefs.js ] ************************* AdwCleaner[R0].txt - [1200 octets] - [23/12/2013 19:56:10] AdwCleaner[R1].txt - [977 octets] - [11/04/2014 18:13:50] AdwCleaner[s0].txt - [1224 octets] - [23/12/2013 19:56:59] AdwCleaner[s1].txt - [850 octets] - [11/04/2014 18:17:01] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [909 octets] ##########
-
Beste Kape zie hieronder de nieuwe logfile. Ik hoop dat het goed is gegaan. Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Have0 on do 10-04-2014 at 16:33:37,04. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-04-09-151132.log 11647 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== "C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\extensions\add-to-searchbox@maltekraus.de.xpi" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Have0\AppData\Local\Mozilla\Firefox\Profiles\7uw19joy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=257 folders=54 11295515 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Have0\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Have0\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on do 10-04-2014 at 17:19:23,13 ======================
-
Als het goed is vind u hier de logfile Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Have0 on wo 09-04-2014 at 16:29:32,19. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Have0\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 9-4-2014 16:31:40 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Trend Micro deleted successfully C:\Users\Have0\AppData\Roaming\Vso deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2578091034-2730396283-2997144666-1001\Software\Microsoft\Internet Explorer\SearchScopes\{208FD7D7-E822-4AA6-8419-2B4C5ACC1D2B} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Have0\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Have0\AppData\Roaming ====== ====== C:\Users\Have0 ====== 2014-04-04 17:49:04 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\Have0\Downloads\RSITx64(1).exe 2014-04-04 17:43:22 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\Have0\Downloads\RSITx64.exe ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\browse~1\\261519~1.190\\{c16c1~1\\browse~1.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"="C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Xvid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Xvid" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Xvid\\CheckUpdate.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\NewShortcut1.lnk" "backup"="C:\\Windows\\pss\\NewShortcut1.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\USB_VI~1\\Utility\\REMOTE~1\\BDAREM~1.EXE " "item"="NewShortcut1" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a--c--- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-03-2014 22:02] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{A43D4B78-0311-4C53-983B-3317133FAC60}" [C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@igeared"="C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared" [20-09-2011 22:42] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default - Add to Search Bar - %ProfilePath%\extensions\add-to-searchbox@maltekraus.de.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Have0\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Have0\AppData\Local\Mozilla\Firefox\Profiles\7uw19joy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=256 folders=54 11271351 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Have0\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot
-
Logfile of random's system information tool 1.09 (written by random/random) Run by Have0 at 2014-04-04 19:49:31 Microsoft Windows 7 Home Premium System drive C: has 28 GB (36%) free of 76 GB Total RAM: 4095 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:49:37, on 4-4-2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe C:\Program Files\trend micro\Have0.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O18 - Protocol: linkscanner - (no CLSID) - (no file) O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7555 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=3c3e4f02-fb7d-4904-aff5-c714f8170d4c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\297a082e-a010-4069-8cb4-6c2cd8110d5a-13c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe" winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service Atouch64.exe ATKOSD.exe taskeng.exe {AF303CF1-D989-4811-A89B-E3CD272F4882} "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" KBFiltr.exe WDC.exe "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" C:\Windows\Explorer.EXE "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC "C:\Windows\system32\wuauclt.exe" "taskhost.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" C:\Windows\system32\AUDIODG.EXE 0x43c "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4088.116e0b00.1961024555 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4088 "\\.\pipe\gecko-crash-server-pipe.4088" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --proxy-stub-channel=Flash3096.6C0AC768.21415 --host-broker-channel=Flash3096.6C0AC768.80 --host-pid=3096 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --channel=5896.0033F224.2054290285 --proxy-stub-channel=Flash3096.6C0AC768.21415 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" --host-npapi-version=27 --type=renderer C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt C:\Windows\system32\sppsvc.exe "C:\Users\Have0\Downloads\RSITx64(1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default prefs.js - "browser.search.useDBForOrder" - "false" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.77 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3] "Description"=Office Live Update v1.3 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.77 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll NPOFFICE.DLL nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\7uw19joy.default\searchplugins\ google-.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"=C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] ""= [] "AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe [2013-10-18 2493272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-12-19 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk] C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-03-19 4971024] "EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=16 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-04-04 19:43:51 ----DC---- C:\rsit 2014-03-18 21:38:59 ----DC---- C:\Program Files (x86)\Mozilla Firefox ======List of files/folders modified in the last 1 month====== 2014-04-04 19:49:34 ----DC---- C:\Program Files\trend micro 2014-04-04 19:42:39 ----DC---- C:\Windows 2014-04-04 19:42:37 ----DC---- C:\Windows\Temp 2014-04-04 18:13:23 ----DC---- C:\Windows\system32\Tasks 2014-04-04 17:59:12 ----DC---- C:\Windows\inf 2014-04-04 17:59:12 ----DC---- C:\Windows\debug 2014-04-04 17:57:56 ----DC---- C:\ProgramData\MFAData 2014-04-04 11:33:33 ----DC---- C:\Windows\system32\config 2014-04-04 10:44:56 ----DC---- C:\Windows\System32 2014-04-04 10:44:56 ----AC---- C:\Windows\system32\PerfStringBackup.INI 2014-04-02 20:48:29 ----DC---- C:\Windows\Prefetch 2014-03-31 21:07:31 ----SHDC---- C:\Windows\Installer 2014-03-31 21:07:21 ----DC---- C:\Config.Msi 2014-03-31 21:06:57 ----DC---- C:\Windows\system32\drivers 2014-03-31 21:02:13 ----SHD---- C:\System Volume Information 2014-03-25 21:52:01 ----DC---- C:\Windows\system32\MRT 2014-03-24 21:38:21 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-23 20:33:05 ----RDC---- C:\Program Files (x86) 2014-03-23 20:30:58 ----DC---- C:\Windows\system32\catroot2 2014-03-18 21:32:01 ----DC---- C:\Program Files\Microsoft Silverlight 2014-03-18 21:31:55 ----DC---- C:\Program Files (x86)\Microsoft Silverlight 2014-03-17 22:02:59 ----DC---- C:\Windows\SysWOW64 2014-03-17 22:02:39 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-03-17 21:05:43 ----DC---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-11-01 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-08 30568] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-07-17 329800] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552448] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-02-23 3782672] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [2013-10-18 517344] S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17 257928] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392] S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-18 118896] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736] -----------------EOF-----------------
-
Beste lezer/lezeres, kan ik hier een logfile plaatsen die iemand nakijkt ? Ik heb het idee dat mijn laptop op internet trager aan het reageren is. Ik weet niet via welk link ook al weer een logfile kan plaatsen. Alvast bedankt voor jullie aandacht.
-
Beste Kape, zoals ik van u gewend ben de afgelopen jaren, heeft u mij weer uitstekend geholpen. Heer hartelijk bedankt !!!
-
Beste Kape, zie hieronder de logfile. # AdwCleaner v3.019 - Report created 22/02/2014 at 07:55:38 # Updated 17/02/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Fam. Haverkamp - FAM-8CE7DC89595 # Running from : C:\Documents and Settings\Fam. Haverkamp\Bureaublad\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\user.js ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Documents and Settings\Fam. Haverkamp\Bureaublad\Google Chrome.lnk Shortcut Disinfected : C:\Documents and Settings\Fam. Haverkamp\Bureaublad\Mozilla Firefox.lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Deleted : HKLM\Software\Desksvc Key Deleted : HKLM\Software\hdcode Key Deleted : HKLM\Software\supWPM Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9 ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v4.0 (nl) [ File : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\prefs.js ] -\\ Google Chrome v32.0.1700.107 [ File : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : search_url Deleted : keyword Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [7100 octets] - [29/09/2013 12:31:26] AdwCleaner[R10].txt - [377 octets] - [09/10/2013 15:55:46] AdwCleaner[R11].txt - [392 octets] - [09/10/2013 16:00:10] AdwCleaner[R12].txt - [6640 octets] - [09/10/2013 19:19:13] AdwCleaner[R13].txt - [2620 octets] - [14/10/2013 18:14:22] AdwCleaner[R14].txt - [2284 octets] - [17/10/2013 19:20:53] AdwCleaner[R15].txt - [2387 octets] - [24/10/2013 16:20:59] AdwCleaner[R16].txt - [2418 octets] - [25/10/2013 15:57:02] AdwCleaner[R17].txt - [2569 octets] - [27/10/2013 20:17:58] AdwCleaner[R18].txt - [2601 octets] - [28/10/2013 19:11:05] AdwCleaner[R19].txt - [2723 octets] - [01/11/2013 21:14:51] AdwCleaner[R1].txt - [7145 octets] - [29/09/2013 18:57:04] AdwCleaner[R20].txt - [2845 octets] - [02/11/2013 20:12:00] AdwCleaner[R21].txt - [9917 octets] - [28/11/2013 16:13:30] AdwCleaner[R22].txt - [392 octets] - [11/12/2013 17:46:21] AdwCleaner[R23].txt - [392 octets] - [11/12/2013 17:46:53] AdwCleaner[R24].txt - [4733 octets] - [11/12/2013 18:05:14] AdwCleaner[R25].txt - [3332 octets] - [13/12/2013 15:37:12] AdwCleaner[R26].txt - [3454 octets] - [20/12/2013 15:05:39] AdwCleaner[R27].txt - [3762 octets] - [05/01/2014 19:29:35] AdwCleaner[R28].txt - [5253 octets] - [22/02/2014 07:38:59] AdwCleaner[R2].txt - [1139 octets] - [29/09/2013 19:26:50] AdwCleaner[R3].txt - [1137 octets] - [29/09/2013 19:33:21] AdwCleaner[R4].txt - [1257 octets] - [29/09/2013 19:40:08] AdwCleaner[R5].txt - [1377 octets] - [29/09/2013 19:47:17] AdwCleaner[R6].txt - [1467 octets] - [04/10/2013 15:41:48] AdwCleaner[R7].txt - [2593 octets] - [06/10/2013 19:17:17] AdwCleaner[R8].txt - [2808 octets] - [06/10/2013 21:15:11] AdwCleaner[R9].txt - [1692 octets] - [06/10/2013 21:21:18] AdwCleaner[s0].txt - [7348 octets] - [29/09/2013 18:59:22] AdwCleaner[s10].txt - [2635 octets] - [27/10/2013 20:40:16] AdwCleaner[s11].txt - [2663 octets] - [28/10/2013 19:12:49] AdwCleaner[s12].txt - [2785 octets] - [01/11/2013 21:19:05] AdwCleaner[s13].txt - [2907 octets] - [02/11/2013 20:14:43] AdwCleaner[s14].txt - [10053 octets] - [28/11/2013 16:15:31] AdwCleaner[s15].txt - [4837 octets] - [11/12/2013 19:55:25] AdwCleaner[s16].txt - [3394 octets] - [13/12/2013 15:39:10] AdwCleaner[s17].txt - [3516 octets] - [20/12/2013 15:07:32] AdwCleaner[s18].txt - [3824 octets] - [05/01/2014 19:32:42] AdwCleaner[s19].txt - [4509 octets] - [22/02/2014 07:55:38] AdwCleaner[s1].txt - [1205 octets] - [29/09/2013 19:28:29] AdwCleaner[s2].txt - [1199 octets] - [29/09/2013 19:35:38] AdwCleaner[s3].txt - [1319 octets] - [29/09/2013 19:42:39] AdwCleaner[s4].txt - [2765 octets] - [06/10/2013 21:16:55] AdwCleaner[s5].txt - [1753 octets] - [06/10/2013 21:24:19] AdwCleaner[s6].txt - [6745 octets] - [09/10/2013 19:40:43] AdwCleaner[s7].txt - [2696 octets] - [14/10/2013 18:16:14] AdwCleaner[s8].txt - [2348 octets] - [17/10/2013 19:22:49] AdwCleaner[s9].txt - [2451 octets] - [24/10/2013 16:22:57] ########## EOF - C:\AdwCleaner\AdwCleaner[s19].txt - [5110 octets] ##########
-
Beste Kape, zie hieronder de logfile. Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Fam. Haverkamp on vr 21-02-2014 at 19:27:39,79. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Fam. Haverkamp\Bureaublad\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-03-163125.log 45675 bytes C:\zoek-results2014-01-05-102710.log 1295 bytes C:\zoek-results2014-02-21-171321.log 65463 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Torntv Downloader] ==== Deleting Files \ Folders ====================== C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} not found C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384...5838c5b707.com not found C:\Program Files\Desk 365 not found C:\Program Files\TornTV.com not found C:\Program Files\Common Files\337 not found C:\Program Files\Mobogenie not found C:\Documents and Settings\All Users\Application Data\WPM not found ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\FAM~1.HAV\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-01-27 21:27:35 -------- dc----w- C:\Program Files\SABnzbd ======= C: ===== ====== C:\Documents and Settings\Fam. Haverkamp\Application Data ====== 2014-01-27 21:28:37 -------- dc----w- C:\Documents and Settings\FAM~1.HAV\Local Settings\Application Data\sabnzbd 2014-01-27 21:28:37 -------- dc----w- C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\sabnzbd 2014-01-27 21:27:59 -------- dc----w- C:\Documents and Settings\FAM~1.HAV\Menu Start\Programma's\SABnzbd 2014-01-27 21:27:59 -------- dc----w- C:\Documents and Settings\Fam. Haverkamp\Menu Start\Programma's\SABnzbd ====== C:\Documents and Settings\Fam. Haverkamp ====== 2014-02-21 10:22:03 69CA82A7482A00D8EE063D2B97FC4338 781383 -c--a-w- C:\Documents and Settings\FAM~1.HAV\Bureaublad\RSIT.exe 2014-02-21 10:22:03 69CA82A7482A00D8EE063D2B97FC4338 781383 -c--a-w- C:\Documents and Settings\Fam. Haverkamp\Bureaublad\RSIT.exe 2014-02-20 18:02:19 -------- dc-h--r- C:\Documents and Settings\FAM~1.HAV\Onlangs geopend 2014-02-20 18:02:19 -------- dc-h--r- C:\Documents and Settings\Fam. Haverkamp\Onlangs geopend ====== C: exe-files == 2014-02-21 10:22:03 69CA82A7482A00D8EE063D2B97FC4338 781383 -c--a-w- C:\Documents and Settings\Fam. Haverkamp\Bureaublad\RSIT.exe 2014-02-20 17:54:17 755246A3D44BFDB8A66DB8C19122724B 4721920 -c--a-w- C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\ccsetup410.exe 2014-02-15 15:10:36 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 -c--atw- C:\Program Files\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-15 15:10:36 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 -c--atw- C:\Program Files\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-15 15:10:34 BA5C08130D2EFBD4E546912646DC4461 847640 -c--a-w- C:\Program Files\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-15 15:10:25 EA8B5B41163A06FFA8930F5316473035 273800 -c--atw- C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-15 15:10:25 C98ACDE22458C8F46FD0503CB9E2D01F 223112 -c--atw- C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-15 15:10:25 506708142BC63DABA64F2D3AD1DCD5BF 116648 -c--atw- C:\Program Files\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-15 15:10:10 BA5C08130D2EFBD4E546912646DC4461 847640 -c--a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "uTorrent"="C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "uTorrent"="C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BluetoothAuthenticationAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BluetoothAuthenticationAgent" "hkey"="HKLM" "command"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ChkAdmin] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CHKADMIN" "hkey"="HKLM" "command"="C:\\PROGRA~1\\Compaq\\COMPAQ~1\\CHKADMIN.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXMediaServer" "hkey"="HKLM" "command"="C:\\Program Files\\DivX\\DivX Media Server\\DivXMediaServer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dvd43] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dvd43_tray" "hkey"="HKLM" "command"="C:\\Program Files\\dvd43\\dvd43_tray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Easy Driver Pro] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DPLauncher" "hkey"="HKCU" "command"="C:\\Program Files\\Probit Software\\Easy Driver Pro\\DPLauncher.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON SX440 Series] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EPSON SX440 Series" "hkey"="HKCU" "command"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIHBE.EXE /FU \"C:\\DOCUME~1\\FAM~1.HAV\\LOCALS~1\\Temp\\E_SB7.tmp\" /EF \"HKCU\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nmapp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nmapp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Pure Networks\\Network Magic\\nmapp.exe\" -autorun -nosplash" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSBkgdUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SSBkgdupdate" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Documents and Settings\\Fam. Haverkamp\\Application Data\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Bluetooth Manager.lnk" "backup"="C:\\WINDOWS\\pss\\Bluetooth Manager.lnkCommon Startup" "command"="C:\\PROGRA~1\\Toshiba\\BLUETO~1\\TosBtMng.exe " "item"="Bluetooth Manager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Statusvenster.lnk" "backup"="C:\\WINDOWS\\pss\\Statusvenster.lnkCommon Startup" "command"="C:\\PROGRA~1\\Brother\\Brmfcmon\\BrMfcWnd.exe Brother DCP-115C /STARTUP" "item"="Statusvenster" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a--c--- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21-02-2014 15:37] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [28-12-2013 18:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [28-12-2013 18:57] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [07-12-2012 17:16] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312 D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 8830A12FA2B2F7B9B1D7B04B56E7469F - C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.0.147 C617E32F8BA7EAF1245290CE70FA3568 - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll - Java Platform SE 7 A66A630E101E7B5CF0946F34935660CC - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in D8A3FDE47CBDC2D6DFAC14243050526B - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.4 EE1EDEB16C357AACFE1188E599F2F793 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9 C41576CBD076B6895C20B465CDC26958 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9 D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9 7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9 D9F5A433758BC151850E53690D57663A - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9 2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9 8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9 AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 14:13] Google Docs - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DivX Plus Web Player HTML5 \u003Cvideo\u003E - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DivX Plus Web Player HTML5 \u003Cvideo\u003E - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Fam. Haverkamp\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\FAM~1.HAV\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Fam. Haverkamp\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\FAM~1.HAV\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\Cache emptied successfully C:\Documents and Settings\FAM~1.HAV\Local Settings\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\FAM~1.HAV\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1402 folders=163 122486380 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\Fam. Haverkamp\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\FAM~1.HAV\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\FAM~1.HAV\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Fam. Haverkamp\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\FAM~1.HAV\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\Fam. Haverkamp\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\FAM~1.HAV\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on vr 21-02-2014 at 20:40:38,39 ======================
-
Beste Kape, als het goed is, is dit de logfile. Logfile of random's system information tool 1.09 (written by random/random) Run by Fam. Haverkamp at 2014-02-21 11:23:52 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 15 GB (43%) free of 34 GB Total RAM: 2039 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:24:20, on 21-2-2014 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2014\avgrsx.exe C:\Program Files\AVG\AVG2014\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AVG\AVG2014\avgidsagent.exe C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe C:\Program Files\AVG\AVG2014\avgnsx.exe C:\Program Files\AVG\AVG2014\avgemcx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AVG\AVG2014\avgcsrvx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\RSIT.exe C:\Program Files\trend micro\Fam. Haverkamp.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1390737131&from=ild&uid=ST360012A_3KC22LSL&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1375002329359 O18 - Protocol: linkscanner - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 7697 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312 prefs.js - "browser.search.useDBForOrder" - "false" prefs.js - "browser.startup.homepage" - "www.nu.nl" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.44 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"=DivX Plus Web Player "Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] "Description"=DivX VOD Helper Plug-in "Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.4] "Description"= "Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ np-mswmp.dll npdeployJava1.dll NPOFFICE.DLL nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\extensions\ e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\z55pe2gy.default-1380897096312\searchplugins\ Google.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-28 56712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-18 57393] "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-18 40960] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240] "nmctxth"=C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2009-07-07 647216] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976] "AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-11-07 4956176] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360] "uTorrent"=C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe [2013-11-17 904272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] bthprops.cpl,,BluetoothAuthenticationAgent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE [2002-08-13 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365] C:\Program Files\Desk 365\desk365.exe /autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] C:\Program Files\dvd43\dvd43_tray.exe [2009-10-23 827904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe [2013-05-05 198960] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX440 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBE.EXE [2011-01-21 212480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe [2009-07-08 472112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Torntv Downloader] C:\Program Files\TornTV.com\Torntv Downloader.exe /c=startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe [2013-11-17 904272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2005-07-07 487424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] C:\PROGRA~1\Brother\Brmfcmon\BrMfcWnd.exe Brother DCP-115C /STARTUP [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 "AdvancedSystemCareService5"=2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoInstrumentation"=1 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoResolveSearch"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" "C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\solutoinstaller-j7SRa5z2T4.exe"="C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\solutoinstaller-j7SRa5z2T4.exe:*:Enabled:SolutoInstaller" "C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\solutoinstaller-Xc32NqTd17.exe"="C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\solutoinstaller-Xc32NqTd17.exe:*:Enabled:SolutoInstaller" "C:\Program Files\EPSON Software\Event Manager\EEventManager.exe"="C:\Program Files\EPSON Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application" "C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Installer voor AVG" "C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installer voor AVG" "C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield" "C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014" "C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Persoonlijke e-mailscanner" "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "VIDC.I420"=lvcodec2.dll "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "VIDC.YVYU"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux3"=wdmaud.drv "vidc.DIVX"=DivX.dll "vidc.yv12"=DivX.dll "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux4"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2014-02-15 10:42:09 ----DC---- C:\Program Files\Mozilla Firefox 2014-02-14 18:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$ 2014-01-27 22:27:35 ----DC---- C:\Program Files\SABnzbd 2014-01-26 12:56:14 ----DC---- C:\Program Files\Common Files\337 2014-01-26 12:55:42 ----DC---- C:\Program Files\Mobogenie 2014-01-26 12:54:24 ----DC---- C:\Documents and Settings\All Users\Application Data\WPM ======List of files/folders modified in the last 1 month====== 2014-02-21 11:24:03 ----DC---- C:\Program Files\Trend Micro 2014-02-21 11:23:44 ----DC---- C:\WINDOWS\Temp 2014-02-21 10:18:31 ----DC---- C:\Documents and Settings\Fam. Haverkamp\Application Data\uTorrent 2014-02-21 09:31:43 ----DC---- C:\WINDOWS\system32\CatRoot2 2014-02-21 09:31:26 ----DC---- C:\Documents and Settings\All Users\Application Data\MFAData 2014-02-21 09:25:11 ----DC---- C:\WINDOWS 2014-02-20 23:28:45 ----AC---- C:\WINDOWS\SchedLgU.Txt 2014-02-20 19:02:20 ----DC---- C:\WINDOWS\Debug 2014-02-20 18:57:30 ----DC---- C:\Program Files\CCleaner 2014-02-19 22:20:25 ----DC---- C:\WINDOWS\system32\drivers 2014-02-16 19:58:58 ----RDC---- C:\WINDOWS\Web 2014-02-15 20:16:32 ----RDC---- C:\Program Files 2014-02-15 16:15:05 ----SHDC---- C:\WINDOWS\Installer 2014-02-15 16:15:04 ----DC---- C:\Config.Msi 2014-02-14 20:36:30 ----RSDC---- C:\WINDOWS\assembly 2014-02-14 19:59:50 ----DC---- C:\WINDOWS\Microsoft.NET 2014-02-14 19:39:25 ----DC---- C:\WINDOWS\system32 2014-02-14 18:50:45 ----HDC---- C:\WINDOWS\inf 2014-02-14 18:50:41 ----RSHDC---- C:\WINDOWS\system32\dllcache 2014-02-14 18:34:04 ----DC---- C:\WINDOWS\WinSxS 2014-02-14 18:33:32 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-14 18:19:45 ----DC---- C:\WINDOWS\system32\MRT 2014-02-14 18:12:05 ----AC---- C:\WINDOWS\system32\MRT.exe 2014-02-14 17:51:24 ----DC---- C:\Program Files\Internet Explorer 2014-02-14 17:51:03 ----DC---- C:\WINDOWS\ie8updates 2014-02-06 04:38:34 ----AC---- C:\WINDOWS\system32\wininet.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\occache.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\mstime.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\mshtmled.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\licmgr10.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\jsproxy.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\iepeers.dll 2014-02-06 00:08:31 ----C---- C:\WINDOWS\system32\iedkcs32.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\urlmon.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\url.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\mshtml.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\msfeedsbs.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\msfeeds.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\iertutil.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\ieframe.dll 2014-02-06 00:08:31 ----AC---- C:\WINDOWS\system32\corpol.dll 2014-02-05 23:29:26 ----C---- C:\WINDOWS\system32\ie4uinit.exe 2014-02-05 19:37:59 ----AC---- C:\WINDOWS\system32\FlashPlayerApp.exe 2014-02-02 19:32:31 ----DC---- C:\Documents and Settings\Fam. Haverkamp\Application Data\vlc 2014-02-02 17:21:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$ 2014-02-02 12:11:46 ----AC---- C:\WINDOWS\win.ini 2014-02-02 12:11:46 ----AC---- C:\WINDOWS\system.ini 2014-02-01 17:17:18 ----SDC---- C:\WINDOWS\Tasks 2014-01-28 20:00:13 ----DC---- C:\Documents and Settings\All Users\Application Data\1click dvd copy 2014-01-26 12:56:14 ----DC---- C:\Program Files\Common Files 2014-01-26 12:55:24 ----RSDC---- C:\WINDOWS\Fonts 2014-01-26 12:54:57 ----AC---- C:\WINDOWS\system32\msvcr100.dll 2014-01-26 12:54:57 ----AC---- C:\WINDOWS\system32\msvcp100.dll 2014-01-24 20:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$ ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-10-24 147768] R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448] R0 ohci1394;NEC FireWarden OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-15 61696] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-12-15 477240] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600] R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-11-04 209176] R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-17 22840] R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-10-31 176952] R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [] R1 ClntMgmt;Compaq Client Management Driver; C:\WINDOWS\System32\Drivers\ClntMgmt.sys [2002-05-10 54272] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-15 12032] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-14 11868] R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys [] R2 pnarp;Pure Networks Device Discovery Driver; C:\WINDOWS\system32\DRIVERS\pnarp.sys [2009-07-07 25392] R2 purendis;Pure Networks Wireless Driver; C:\WINDOWS\system32\DRIVERS\purendis.sys [2009-07-07 26672] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-10-01 2279424] R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-15 60800] R3 dvd43llh;dvd43llh; C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [2012-11-19 18816] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2008-04-14 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2008-04-14 220032] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-21 807998] R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-15 61824] R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-15 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2008-04-14 685056] S0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [] S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295] S3 BthEnum;Stuurprogramma voor Bluetooth-aanvraagblok; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024] S3 BTHMODEM;Communicatiestuurprogramma voor Bluetooth-modem; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888] S3 BthPan;Bluetooth-apparaat (PAN - Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120] S3 BTHPORT;Poortstuurprogramma voor Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272640] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio's; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944] S3 catchme;catchme; \??\C:\DOCUME~1\FAM~1.HAV\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 cpuz135;cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys [] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\H:\Everest Ultimate Edition 4.60 build 1500\kerneld.wnt [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-11 41888] S3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832] S3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2012-11-21 47360] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-08-26 108672] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-06-27 53504] S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048] S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2005-09-13 34816] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160] S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976] S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 usbvideo;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2013-07-10 11520] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336] R2 CPQALERT;Compaq Local Alerter; C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe [2002-08-13 512000] R2 cpqdmi;cpqdmi; C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe [2002-08-13 20480] R2 cpqWebDmi;Compaq DMI Web Agent; C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [2002-08-13 24576] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-12-28 161664] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 nmservice;Pure Networks Platform Service; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2012-06-09 647216] R2 WDDriveService;WD Drive Manager; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [2013-07-10 270704] R2 WIN32SL;Win32Sl; C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe [2001-04-11 215552] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-28 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-28 116648] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-15 14336] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
-
Beste lezer/lezeres, de laatste tijd krijg ik bij diverse pagina's op internet automatisch een popup De pagina "register with unibet €5". Ik kan hem wel weg wegklikken maar het is erg vervelend. Wat voor soort logfile moet ik plaatsen voor dit probleem ? Is het een virus ? Ik gebruik wel AVG free en malware anti mailware. Alvast bedankt voor jullie tijd.
-
Perfect, eindelijk van die vervelende foutmeldingen af. Superbedankt Kape !!!! - - - Updated - - - Vanwege de altijd fantastische hulp heb ik een kleine financiele bijdrage overgemaakt. Ik weet niet wat ik zonder jullie moet beginnen. Al zo vaak goeie hulp gehad. Kape en anderen bedankt !!!!
-
Beste Kape, zie onderstaande logfile. Zoek.exe v5.0.0.0 Updated 05-Januari-2014 Tool run by Fam. Haverkamp on zo 05-01-2014 at 11:22:21,53. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Fam. Haverkamp\Bureaublad\zoek.com [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-03-163125.log 45675 bytes ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUpUtilitiesDrv deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TuneUpUtilitiesDrv deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid] ==== Deleting Files \ Folders ====================== C:\Program Files\AVG\AVG PC TuneUp deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=140 folders=18 90597782 bytes) ==== EOF on zo 05-01-2014 at 11:27:10,07 ======================
-
Als het goed is staan er 3 bijlages in dit bericht. De 4e komt nog. screenshot 3.bmp screenshot 2.bmp screenshot 1.bmp
-
Beste Kape, screenshots zijn toch gelukt ik heb ze opgeslagen in bestand van programma paint. Kan ik deze dan mailen of hoe krijg ik deze bestanden bij u ?
