
Police virus/Ukash



Hello,

last year I already had trouble with this same problem, and this time I have been hit again.

You can find the log below:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:48:21, on 12-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

G:\TXT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: Shell=C:\PROGRA~3\wavav0bdtzbtb43b.bat

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')

O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?')

O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9993 bytes

Can you help with this?

Thanks in advance and kind regards,

Nick


Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: Shell=C:\PROGRA~3\wavav0bdtzbtb43b.bat

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?')

O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download MalwareBytes' Anti-Malware (website) and save it to your desktop.

After installation, make sure the following are ticked:

  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • You are also given the option here to use the trial version of MBAM; if you do not want this, untick it.

Then click "Finish".

If an update is found, it will be downloaded and installed.

  • Once the program has started, go to the "Settings" tab.
  • Tick this option: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick scan".
  • Next, press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything there is ticked, then click "Remove Selected".
  • After removal a log will open and you will be asked to restart the computer.
  • Restart the computer if necessary and then post the log in your next message, together with a new HijackThis log.


Here are the two logs:

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.10.12.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Gebruiker :: GEBRUIK-YXSGZML [administrator]

12-10-2013 18:02:11

mbam-log-2013-10-12 (18-02-11).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 223484

Verstreken tijd: 3 minuut/minuten, 59 seconde(n)

Geheugenprocessen gedetecteerd: 1

C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> 4932 -> Zal worden verwijderd tijdens het herstarten.

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 14

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0043905.BHO (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0043905.BHO.1 (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0043905.Sandbox (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0043905.Sandbox.1 (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\Software\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CLSID\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{44444444-4444-4444-4444-440444394405} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Interface\{55555555-5555-5555-5555-550455395505} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411391105} (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 3

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SDP (PUP.Optional.FilesFrog.A) -> Data: C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Data: awbe7zip55480 -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 3

C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15 (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 36

C:\ProgramData\vdoqehrf.plz (Trojan.Ransom.ED) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> Zal worden verwijderd tijdens het herstarten.

C:\ProgramData\frheqodv.pzz (Trojan.FakeMS) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Gebruiker\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\biclient.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\MoviesToolbarSetup_Somoto29_9_13.exe (PUP.Optional.MoviesToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\~tmf2210712375808886953.dll (Trojan.Ransom.ED) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\Downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Tasks\a2zLyrics-15-codedownloader.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Tasks\a2zLyrics-15-enabler.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Tasks\a2zLyrics-15-firefoxinstaller.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Tasks\a2zLyrics-15-updater.job (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\43905.xpi (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bg.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho64.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil64.dll (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-buttonutil64.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-codedownloader.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-enabler.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-firefoxinstaller.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-helper.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-updater.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15.ico (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\background.html (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\Installer.log (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\Uninstall.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files (x86)\a2zLyrics-15\utils.exe (PUP.Optional.A2ZLyrics.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:16:46, on 12-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

D:\Program Files\Origin\Origin.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe

D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

G:\TXT\HijackThis.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')

O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?')

O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9104 bytes

At startup I also got the following RunDLL message: "Er is een probleem opgetreden tijdens het starten van C:\PROGRA~3\vdoqehrf.plz. Kan opgegeven module niet vinden."

Thanks,

Nick

- - - Updated - - -

The Windows Security Center service is also disabled and keeps giving an error message when I try to re-enable it --> "De Windows Security Center-service kan niet worden gestart."

Kind regards,

Nick

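One way to compare the HijackThis logs posted before and after the fix, as an added example that is not part of the original posts: it parses the `code - body` entries, applies a few triage heuristics, and reports which flagged entries disappeared and which are still present. The heuristics and function names are assumptions of this example, not HijackThis rules; the sample lines are abridged from the two logs above.

```python
import ntpath
import re

# A HijackThis entry is "<section code> - <body>", e.g. "O4 - Startup: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Startup-folder shortcut whose target is rundll32.exe (a generic DLL host).
STARTUP_RUNDLL_RE = re.compile(r"startup: \S+\.lnk = .*\\rundll32\.exe")

# Abridged from the first log in the thread (before "Fix checked").
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\PROGRA~3\wavav0bdtzbtb43b.bat
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent
O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
"""

# Abridged from the second log in the thread (after the fix and the MBAM scan).
AFTER = r"""
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent
O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
"""


def parse_entries(log_text):
    """Return the ordered (code, body) entries; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def flag(code, body):
    """Return a reason string when an entry deserves review, else None."""
    low = body.lower()
    # Winlogon Shell replaced by something other than explorer.exe.
    if code == "F2" and low.startswith("reg:system.ini: shell="):
        value = body.split("=", 1)[1].strip()
        if ntpath.basename(value).lower() != "explorer.exe":
            return "shell-override"
    if code == "O4" and STARTUP_RUNDLL_RE.search(low):
        return "startup-rundll32"
    if low.endswith("(file missing)"):
        # Assumption: 32-bit HijackThis on 64-bit Windows is redirected away
        # from System32, so services there are reported missing although
        # they exist. Treat those separately from genuine orphans.
        if code == "O23" and "\\windows\\system32\\" in low:
            return "possible-wow64-artifact"
        return "orphaned-reference"
    return None


def compare(before_text, after_text):
    """Split the flagged entries of the first log into fixed and persisting."""
    still_present = set(parse_entries(after_text))
    report = {"fixed": [], "persisting": []}
    for code, body in parse_entries(before_text):
        reason = flag(code, body)
        if reason is None:
            continue
        bucket = "persisting" if (code, body) in still_present else "fixed"
        report[bucket].append((code, reason, body))
    return report


if __name__ == "__main__":
    for bucket, rows in compare(BEFORE, AFTER).items():
        print(bucket)
        for code, reason, body in rows:
            print(f"  {code:<3} {reason:<24} {body}")
```

On these lines the Shell override and the orphaned BHO are gone after the fix, while the Startup shortcut to rundll32.exe is still listed in the second log.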

Download RSIT from the locations below and save it to your desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.


This is the content of the log:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-10-12 19:09:50

WIN_7 Service Pack 1

System drive C: has 7 GB (8%) free of 86 GB

Total RAM: 12279 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:12:51, on 12-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe

D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

D:\Steam\steam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\trend micro\Gebruiker.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')

O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?')

O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9109 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105}]

a2zLyrics-15 - C:\Program Files (x86)\a2zLyrics-15\a2zLyrics-15-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-15 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-15 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-16 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-16 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]

"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-07-24 6900024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-03-19 2363392]

"Steam"=D:\Steam\steam.exe [2013-10-09 1813928]

"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336]

"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2013-03-12 1099608]

"EADM"=D:\Program Files\Origin\Origin.exe [2013-10-02 3551576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

frheqodv.lnk - C:\Windows\System32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=0

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"VIDC.XFR1"=xfcodec64.dll

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-10-12 19:10:20 ----D---- C:\Program Files\trend micro

2013-10-12 19:09:50 ----D---- C:\rsit

2013-10-12 17:59:24 ----D---- C:\Program Files (x86)\7-Zip

2013-10-10 23:03:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2013-10-10 23:03:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-10-10 23:03:36 ----A---- C:\Windows\system32\mshtmled.dll

2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2013-10-10 23:03:35 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-10 23:03:35 ----A---- C:\Windows\system32\ieUnatt.exe

2013-10-10 23:03:35 ----A---- C:\Windows\system32\ieui.dll

2013-10-10 23:03:34 ----A---- C:\Windows\SYSWOW64\url.dll

2013-10-10 23:03:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-10 23:03:34 ----A---- C:\Windows\system32\wininet.dll

2013-10-10 23:03:34 ----A---- C:\Windows\system32\url.dll

2013-10-10 23:03:34 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-10 23:03:34 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-10 23:03:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-10 23:03:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-10 23:03:33 ----A---- C:\Windows\system32\urlmon.dll

2013-10-10 23:03:33 ----A---- C:\Windows\system32\jscript9.dll

2013-10-10 23:03:33 ----A---- C:\Windows\system32\iertutil.dll

2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-10 23:03:32 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-10 23:03:32 ----A---- C:\Windows\system32\vbscript.dll

2013-10-10 23:03:32 ----A---- C:\Windows\system32\jscript.dll

2013-10-10 23:03:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-10 23:03:31 ----A---- C:\Windows\system32\mshtml.dll

2013-10-10 23:03:30 ----A---- C:\Windows\system32\ieframe.dll

2013-10-10 23:03:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-10 20:52:37 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-10 20:52:37 ----A---- C:\Windows\system32\comctl32.dll

2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-10 20:52:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-10 20:52:34 ----A---- C:\Windows\system32\lpk.dll

2013-10-10 20:52:34 ----A---- C:\Windows\system32\fontsub.dll

2013-10-10 20:52:34 ----A---- C:\Windows\system32\dciman32.dll

2013-10-10 20:52:34 ----A---- C:\Windows\system32\atmlib.dll

2013-10-10 20:52:34 ----A---- C:\Windows\system32\atmfd.dll

2013-10-10 20:52:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-10 20:52:30 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-10 20:52:29 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-10 20:52:29 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-10 20:52:27 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-10 20:52:27 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-10 20:52:27 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-10 20:52:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-10 20:52:27 ----A---- C:\Windows\system32\davclnt.dll

2013-10-10 20:52:26 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-10 20:52:25 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-10 20:52:25 ----A---- C:\Windows\system32\mswsock.dll

2013-10-10 20:52:25 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-10 20:52:24 ----A---- C:\Windows\system32\win32k.sys

2013-10-10 20:52:24 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-10 20:52:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-10 20:52:23 ----A---- C:\Windows\system32\tdh.dll

2013-10-10 20:52:23 ----A---- C:\Windows\system32\ntdll.dll

2013-10-10 20:52:23 ----A---- C:\Windows\system32\advapi32.dll

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-10 20:52:22 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-10 20:52:22 ----A---- C:\Windows\system32\wow64.dll

2013-10-10 20:52:10 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 20:52:10 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 20:52:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-10-10 20:52:09 ----A---- C:\Windows\system32\FntCache.dll

2013-10-10 20:52:09 ----A---- C:\Windows\system32\DWrite.dll

2013-10-10 20:52:09 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-10 20:52:08 ----A---- C:\Windows\system32\scavengeui.dll

2013-10-03 20:34:36 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-09-12 20:06:50 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-09-12 20:06:49 ----A---- C:\Windows\SYSWOW64\KernelBase.dll

2013-09-12 20:06:49 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2013-09-12 20:06:49 ----A---- C:\Windows\system32\winsrv.dll

2013-09-12 20:06:49 ----A---- C:\Windows\system32\smss.exe

2013-09-12 20:06:49 ----A---- C:\Windows\system32\KernelBase.dll

2013-09-12 20:06:49 ----A---- C:\Windows\system32\kernel32.dll

2013-09-12 20:06:49 ----A---- C:\Windows\system32\csrsrv.dll

2013-09-12 20:06:49 ----A---- C:\Windows\system32\conhost.exe

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-12 20:06:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-12 20:06:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll

2013-09-12 20:06:48 ----A---- C:\Windows\system32\apisetschema.dll

2013-09-12 20:06:41 ----A---- C:\Windows\SYSWOW64\shell32.dll

2013-09-12 20:06:41 ----A---- C:\Windows\SYSWOW64\shdocvw.dll

2013-09-12 20:06:41 ----A---- C:\Windows\system32\shell32.dll

2013-09-12 20:06:41 ----A---- C:\Windows\system32\shdocvw.dll

2013-08-15 23:17:51 ----D---- C:\Users\Gebruiker\AppData\Roaming\TS3Client

2013-08-13 20:52:10 ----D---- C:\Users\Gebruiker\AppData\Roaming\3909 LLC

2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

2013-08-13 20:09:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-08-13 20:09:05 ----A---- C:\Windows\system32\wintrust.dll

2013-08-13 20:09:05 ----A---- C:\Windows\system32\cryptsvc.dll

2013-08-13 20:09:05 ----A---- C:\Windows\system32\cryptnet.dll

2013-08-13 20:09:05 ----A---- C:\Windows\system32\crypt32.dll

2013-08-13 20:09:01 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-08-13 20:09:01 ----A---- C:\Windows\system32\tzres.dll

2013-08-13 20:08:59 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-13 20:08:59 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-13 20:08:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-08-13 20:08:57 ----A---- C:\Windows\system32\rpcrt4.dll

2013-08-13 20:08:55 ----A---- C:\Windows\system32\rdpcorets.dll

2013-08-13 20:08:55 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-07-23 17:46:50 ----A---- C:\ProgramData\wavav0bdtzbtb43b.bat

2013-07-14 09:33:29 ----D---- C:\Windows\system32\MRT

======List of files/folders modified in the last 3 months======

2013-10-12 19:10:20 ----RD---- C:\Program Files

2013-10-12 19:09:11 ----D---- C:\Windows\Temp

2013-10-12 18:24:44 ----D---- C:\Windows\system32\config

2013-10-12 18:09:22 ----D---- C:\ProgramData\NVIDIA

2013-10-12 18:09:17 ----HD---- C:\ProgramData

2013-10-12 18:07:23 ----RD---- C:\Program Files (x86)

2013-10-12 18:07:22 ----D---- C:\Windows\Tasks

2013-10-12 18:07:22 ----D---- C:\Windows\system32\Tasks

2013-10-12 18:01:27 ----D---- C:\Windows\system32\drivers

2013-10-12 14:13:29 ----D---- C:\Users\Gebruiker\AppData\Roaming\Omerta

2013-10-12 13:28:43 ----D---- C:\Windows\Prefetch

2013-10-12 10:37:16 ----D---- C:\Windows\rescache

2013-10-12 10:25:26 ----RSD---- C:\Windows\assembly

2013-10-12 10:25:26 ----D---- C:\Windows\Microsoft.NET

2013-10-12 09:57:09 ----D---- C:\Windows\System32

2013-10-12 09:57:09 ----D---- C:\Windows\inf

2013-10-12 09:57:09 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-11 20:39:25 ----SHD---- C:\System Volume Information

2013-10-11 20:19:41 ----D---- C:\Windows\winsxs

2013-10-11 20:18:39 ----D---- C:\Windows\SYSWOW64\migration

2013-10-11 20:18:39 ----D---- C:\Windows\SysWOW64

2013-10-11 20:18:39 ----D---- C:\Windows\system32\migration

2013-10-11 20:18:39 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-11 20:18:38 ----D---- C:\Windows\AppPatch

2013-10-11 20:18:38 ----D---- C:\Program Files\Internet Explorer

2013-10-11 20:18:37 ----D---- C:\Windows\system32\DriverStore

2013-10-11 20:18:18 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-11 20:18:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-10 23:04:42 ----SHD---- C:\Windows\Installer

2013-10-10 23:03:44 ----D---- C:\Windows\system32\catroot

2013-10-10 23:03:43 ----D---- C:\Windows\system32\catroot2

2013-10-10 23:03:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-10-10 23:00:09 ----A---- C:\Windows\system32\MRT.exe

2013-10-10 22:58:18 ----D---- C:\Windows\system32\nl-NL

2013-10-08 22:54:29 ----D---- C:\Windows

2013-10-08 22:54:29 ----D---- C:\Program Files\Microsoft Security Client

2013-10-08 22:54:29 ----D---- C:\Program Files (x86)\Microsoft Security Client

2013-10-08 22:37:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-10-07 20:19:00 ----A---- C:\Windows\NeroDigital.ini

2013-10-06 12:15:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-09-12 22:06:10 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-09-03 21:39:06 ----D---- C:\Users\Gebruiker\AppData\Roaming\The Creative Assembly

2013-07-31 22:40:34 ----D---- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft

2013-07-31 22:40:34 ----D---- C:\Program Files (x86)\Common Files

2013-07-31 22:40:31 ----D---- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-08-10 120920]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]

R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2009-12-25 297512]

R0 nvrd64;NVIDIA nForce RAID Driver; C:\Windows\system32\DRIVERS\nvrd64.sys [2009-08-04 175648]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2007-10-03 22056]

R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2007-10-03 17448]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-02-13 564792]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]

R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2012-07-17 2639976]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2012-03-05 16384]

R1 MpKsl80e52099;MpKsl80e52099; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9485D16-FB85-4ED0-86B1-852FCC307266}\MpKsl80e52099.sys [2013-10-12 46768]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-10-20 314016]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-10-20 43680]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]

R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]

R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]

R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]

R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]

R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-06-21 448288]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]

S0 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2008-10-09 18784]

S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []

S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []

S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []

S1 bdfdhbdg;bdfdhbdg; \??\C:\Windows\system32\drivers\bdfdhbdg.sys []

S1 epvpxbfk;epvpxbfk; \??\C:\Windows\system32\drivers\epvpxbfk.sys []

S1 pgleboel;pgleboel; \??\C:\Windows\system32\drivers\pgleboel.sys []

S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []

S1 qfjujdqz;qfjujdqz; \??\C:\Windows\system32\drivers\qfjujdqz.sys []

S1 sicaqqtb;sicaqqtb; \??\C:\Windows\system32\drivers\sicaqqtb.sys []

S3 ahcix64s;ahcix64s; C:\Windows\system32\DRIVERS\ahcix64s.sys [2009-05-18 231224]

S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]

S3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2007-05-11 70424]

S3 hptmv;hptmv; C:\Windows\system32\DRIVERS\hptmv.sys [2006-09-18 93472]

S3 IAMTVE;Stuurprogramma voor Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416]

S3 IAMTXPE;Stuurprogramma voor Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096]

S3 iaStor;iaStor; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 537112]

S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]

S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]

S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2009-11-16 42192]

S3 iteraid;iteraid; C:\Windows\system32\DRIVERS\iteraid.sys [2007-05-02 32768]

S3 MegaSR1;MegaSR1; C:\Windows\system32\DRIVERS\MegaSR1.sys [2009-04-16 461320]

S3 nvamacpi;nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [2009-07-17 28192]

S3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]

S3 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]

S3 Pnp680;Pnp680; C:\Windows\system32\DRIVERS\pnp680.sys [2007-11-13 80424]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]

S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR64.SYS [2009-03-11 71168]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]

S3 Ser2at;ATEN USB to Serial port driver; C:\Windows\system32\DRIVERS\ser2at64.sys [2007-06-08 90112]

S3 SI3112r;SI3112r; C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 164656]

S3 SI3114;SI3114; C:\Windows\system32\DRIVERS\SI3114.sys [2006-11-10 99120]

S3 SI3114r;SI3114r; C:\Windows\system32\DRIVERS\SI3114R.sys [2007-04-11 163632]

S3 SI3124;SI3124; C:\Windows\system32\DRIVERS\SI3124.sys [2006-11-02 113456]

S3 Si3124r5;Si3124r5; C:\Windows\system32\DRIVERS\Si3124r5.sys [2006-09-20 334640]

S3 SI3132;SI3132; C:\Windows\system32\DRIVERS\SI3132.sys [2007-10-03 90664]

S3 Si3531;Si3531; C:\Windows\system32\DRIVERS\Si3531.sys [2007-06-01 330544]

S3 SISAGP;SiS AGP Filter; C:\Windows\system32\DRIVERS\SISAGPX.sys [2009-08-01 67104]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []

S3 vcrdrx64;VIA MSP Card Reader Host Controller; C:\Windows\system32\DRIVERS\vcrdrx64.sys [2009-09-15 123544]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 viaagp1;VIA AGP Filter; C:\Windows\system32\DRIVERS\viaagp1.sys [2005-09-23 59392]

S3 viamrx64;viamrx64; C:\Windows\system32\DRIVERS\viamrx64.sys [2008-04-21 157336]

S3 ViBusX64;ViBusX64; C:\Windows\system32\DRIVERS\ViBusX64.sys [2008-04-15 25240]

S3 ViPrtX64;ViPrtX64; C:\Windows\system32\DRIVERS\ViPrtX64.sys [2008-04-15 67224]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2008-05-15 28208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]

R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-12 185688]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-03-19 73728]

R2 MBAMScheduler;MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-05-18 935208]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-10 76888]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]

S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2012-07-17 538000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-03 118680]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-04 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.
  • Right-click Zoek.zip and choose the option "Extract all".
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105}];r64
 Bdfdhbdg;s
 Epvpxbfk;s
 pgleboel;s
 qfjujdqz;s
 sicaqqtb;s
 C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
 frheqodv.lnk;f
  startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • HijackThis Log
      • Firefox Defaults
      • Reset Chrome
      • IE Defaults
      • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


This is the content of the log:

Zoek.exe Version 4.0.0.5 Updated 09-October-2013

Tool run by Gebruiker on za 12-10-2013 at 19:41:56,13.

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

Failed to create System Restore Point

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bdfdhbdg deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bdfdhbdg deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Epvpxbfk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Epvpxbfk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pgleboel deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pgleboel deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qfjujdqz deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\qfjujdqz deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sicaqqtb deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sicaqqtb deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\prefs.js:

Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default

user.js not found

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "141ad64c0dd6a4f997fac01147f981f5");

---- Lines crossrider modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_12-10-2013_1947_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391105}]

==== Deleting Files \ Folders ======================

"C:\ProgramData\wavav0bdtzbtb43b.reg" deleted

"C:\ProgramData\wavav0bdtzbtb43b.bat" deleted

"C:\Users\Gebruiker\Downloads\FreeYouTubeToMP3Converter.exe" deleted

"C:\Windows\_dsFFF0.tmp" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\ProgramData\Package Cache" deleted

"C:\Users\Gebruiker\AppData\Local\Bundled software uninstaller" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

2013-10-12 15:58:50 B3FDF6E7B0AECD48CA7E4921773FB606 1110476 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe

====== Java Cache =====

2013-10-11 20:59:13 45934F387A40FF82C60D36E3C936F8A8 698 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\65627e8a-6eec92dd

2013-10-11 20:50:02 FD59EE7E427EF2CAA0B8EA38EA4183E2 2762 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\660b204a-426153ed

2013-10-11 20:52:25 3A9E87DDADB915817E8AEF772D69FA92 699 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\3a6c4fce-1c20e9ca

2013-10-11 20:50:02 CEA388349490FA5290948F6D550C0AFE 223082 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7fbc6151-44a8efb4

2013-10-12 13:11:53 EB75E2C7A2B53F682637D4E69D18BE5D 8622 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\7460ac52-4dae7bc7

2013-10-11 20:58:53 A9E4AE31D5FC9D0C113CD01DF9DFAC60 705 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\36ea9355-6e8914c0

2013-10-12 12:30:22 17344FEB4DCA982172BC7514AA0E17C0 1067 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\3ccfde59-5160fcab

2013-10-11 20:57:50 B9616B8A66E92815482F5ED9722EA1C6 1117 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\2e9f95e1-5b01876f

2013-10-11 21:10:54 BCDC3B75E4B76B2DC9373A6849401D87 941 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3b9a2de1-5fe5072d

2013-10-11 21:19:17 AAA769F0E7F94B327C9E4343CC24BD3F 1162 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\50e8b764-2420d118

2013-10-11 20:57:00 5AAB20FD392D721E3AA6A09D8731056F 1214 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\2502c825-65e79f48

2013-10-11 21:06:34 02727403E772A7BB71E521495C5B2DA4 946 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2158206a-786584c7

2013-10-11 20:50:04 5AA47C3729595FF261CB63FD84269453 3285 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\2c716770-709e6e51

2013-10-11 21:19:53 43CB1DD81743DEC54945E7BFD73973A3 553 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\4fa12930-5f0c6796

2013-10-11 20:58:08 24737EB5D2EBBC9081B8E63B51515849 696 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\743b163a-2d46defd

2013-10-11 20:50:12 81E92BE530F6E985D07766DAA1EE8150 100 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\1719977e-72dbe104

2013-10-11 20:58:25 571E01434B3A8E5BAE25C47BFEA28B91 696 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\491705be-713bbbd2

2013-10-12 10:53:51 FB2D399D260A0E64C8D7D100350F51A3 1146 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\5753657e-6b2365cb

2013-10-11 21:11:43 05D7102FDD0F96501D82CA8408E72B21 2494 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\1b21aa7f-15f59f62

2013-10-11 20:57:48 41213F3A31D75E3E457B76E223C974E4 435 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\56565007-23c6c545

2013-10-11 20:57:14 EA3D72BE02FAF3AE3AF537F4B216653C 1136 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\60621588-7ab6adcf

2013-10-11 20:57:07 2815C88AEA6783CE7AD34640852D8E2E 671 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\5baf1ec9-222fa573

====== C:\Windows\SysWOW64 =====

2013-10-10 21:03:36 D9F8C3F763EF4CCEA8A6DD2540760817 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-10-10 21:03:36 4F97C454AF1718AE51696D9AD6A2F9AB 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-10-10 21:03:36 327FE5AB6905642AB9FC34F912B6C264 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-10-10 21:03:35 FF3E0BA38DB8561CB97B0FBF6C3B3F9E 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-10-10 21:03:35 C8ADAA6948993D839D14524847EA5B75 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-10-10 21:03:35 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-10-10 21:03:34 DE4C23B8F2F277ECF9692428DC9B5A22 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-10-10 21:03:34 AF0FEB5AEFE8440F78DDCFDAA742EE63 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2013-10-10 21:03:33 EB311F8C0DBE714A4A6E63AD22245A28 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-10-10 21:03:33 D2A365FCB3492C01F7A6273F747BDD0A 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-10-10 21:03:33 8CDB5EC48867F571455B1C6875E033D3 1104896 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-10-10 21:03:32 D71C425BBC059CBFEE99328AF6D4D340 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-10-10 21:03:32 9CE9B5DDE7017DF600DC29EFC3E832A7 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-10-10 21:03:32 3B0B665ECDC46A32395FF2F430B8680E 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-10-10 21:03:31 F46A58EC9183CB2B24326A41CDDE1FAE 12336128 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-10-10 21:03:29 9C5CC7677B63F939D980D16953438B45 9739264 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-10-10 18:52:37 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll

2013-10-10 18:52:34 CC23295DA8F7B5C53F93804D2F5D30EB 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll

2013-10-10 18:52:34 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll

2013-10-10 18:52:34 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll

2013-10-10 18:52:34 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll

2013-10-10 18:52:34 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll

2013-10-10 18:52:27 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll

2013-10-10 18:52:27 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll

2013-10-10 18:52:25 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\SysWOW64\mswsock.dll

2013-10-10 18:52:23 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\SysWOW64\advapi32.dll

2013-10-10 18:52:23 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-10 18:52:23 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-10 18:52:23 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\SysWOW64\tdh.dll

2013-10-10 18:52:22 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2013-10-10 18:52:22 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2013-10-10 18:52:22 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2013-10-10 18:52:22 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll

2013-10-10 18:52:22 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2013-10-10 18:52:22 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2013-10-10 18:52:10 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 18:52:09 F50EC0B39521D098373137E5E3CB4405 1077760 ----a-w- C:\Windows\SysWOW64\DWrite.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-10-10 21:03:36 D4372C2CFEF849676ECE9747EEE92A32 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-10-10 21:03:36 4CC24784CB8D1BD9DBB35E4C055BD052 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-10-10 21:03:35 B73439C148710919E18321C487E4C885 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-10-10 21:03:35 67926CE246B1C4080AD8DE7626965059 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-10-10 21:03:34 A9B0F7A6C9839F931829CD0FF34D82F8 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-10-10 21:03:34 6431F1042CEE8BD0197200EDCDF10B4F 237056 ----a-w- C:\Windows\Sysnative\url.dll

2013-10-10 21:03:34 61DB16986A5561DE7929C1BEE64BFF11 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-10-10 21:03:34 3CD6F07E6416ED6E18A1965CD2B9144A 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-10-10 21:03:33 F45A1C24BC50B41659F6318C4F7C4533 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-10-10 21:03:33 83A99C79BA5980FB187CCE825C5AECDE 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-10-10 21:03:33 26FCE63F15EADEFCB0E1D37A6CD6939B 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-10-10 21:03:33 224FF6EA2D15F6D808AE25D869DED005 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-10-10 21:03:32 FB20289B5331AE4D36EB39F3762C6527 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-10-10 21:03:32 BA4EAF171692FEC3F22DC8ED588C125E 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-10-10 21:03:31 88664D38A94CDBD372ABB617E2928C37 17833984 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-10-10 21:03:30 F210546A7E54361B4E26B07A1959DBD1 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-10-10 18:52:37 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll

2013-10-10 18:52:34 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll

2013-10-10 18:52:34 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll

2013-10-10 18:52:34 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll

2013-10-10 18:52:34 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll

2013-10-10 18:52:34 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll

2013-10-10 18:52:27 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll

2013-10-10 18:52:27 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll

2013-10-10 18:52:25 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll

2013-10-10 18:52:24 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe

2013-10-10 18:52:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys

2013-10-10 18:52:23 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll

2013-10-10 18:52:23 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll

2013-10-10 18:52:23 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll

2013-10-10 18:52:22 70833F5A59F65908698093889C34BCA2 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2013-10-10 18:52:10 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 18:52:09 79BEC88D21DB3611C2A0B453D4846A8E 1545728 ----a-w- C:\Windows\Sysnative\DWrite.dll

2013-10-10 18:52:09 76C196B109E4BFA50132EF50AF6A1C1B 1143296 ----a-w- C:\Windows\Sysnative\FntCache.dll

2013-10-10 18:52:08 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll

====== C:\Windows\Sysnative\drivers =====

2013-10-10 18:52:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-10-10 18:52:30 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys

2013-10-10 18:52:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys

2013-10-10 18:52:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

2013-10-10 18:52:27 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2013-10-10 18:52:26 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-10-10 18:52:25 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-10-10 18:52:09 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

2013-09-12 18:06:50 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-12 17:10:20 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

2013-10-12 15:59:24 -------- d-----w- C:\Program Files (x86)\7-Zip

======= C: =====

====== C:\Users\Gebruiker\AppData\Roaming ======

====== C:\Users\Gebruiker ======

2013-10-12 17:09:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2013-10-12 16:00:59 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe

2013-10-12 15:59:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2013-10-12 13:13:48 A58A36F56DF6901DE51A0F86F2D42EB7 1117511 ----a-w- C:\ProgramData\frheqodv.pff

2013-10-12 13:12:01 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\ProgramData\frheqodv.ctrl

====== C: exe-files ==

2013-10-12 17:10:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe

2013-10-12 17:09:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2013-10-12 16:00:59 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe

2013-10-12 15:59:25 78E662D435A8E1F5B9CED236FD331856 58641 ----a-w- C:\Program Files (x86)\7-Zip\Uninstall.exe

2013-10-12 15:58:50 B3FDF6E7B0AECD48CA7E4921773FB606 1110476 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe

2013-10-10 21:03:35 B73439C148710919E18321C487E4C885 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-10-10 21:03:35 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-10-10 21:03:34 F980F2E95E0434C8E0559B6504FE1D10 763544 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-10-10 21:03:34 45BDA923BE52906D1460BCB13AC2AB7A 757400 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-10-10 18:52:24 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-10-10 18:52:23 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-10 18:52:23 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-10 18:52:22 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2013-10-10 18:52:22 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2013-10-10 18:52:22 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe

=== C: other files ==

2013-10-12 16:37:00 3FE51813290A0D7103B620E2813A8C0E 915554 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

2013-10-10 18:52:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-10-10 18:52:30 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys

2013-10-10 18:52:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2013-10-10 18:52:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-10-10 18:52:27 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys

2013-10-10 18:52:26 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-10-10 18:52:25 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-10-10 18:52:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-10 18:52:09 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3022008148-1341554004-2509797194-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Steam"="D:\Steam\steam.exe -silent"

"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"EADM"="D:\Program Files\Origin\Origin.exe -AutoStart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"ASUSGamerOSD"="C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Steam"="D:\Steam\steam.exe -silent"

"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"EADM"="D:\Program Files\Origin\Origin.exe -AutoStart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"

==== Startup Folders ======================

2013-10-12 13:12:01 1037 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frheqodv.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-10-2013 22:37]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\{3DCE0556-47E2-4789-B425-8E207792C25B}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE]

"C:\Windows\SysNative\tasks\{5955D7F0-FF47-4D82-8EC8-ADAEE1C80683}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE]

"C:\Windows\SysNative\tasks\{6D1C29AA-F87A-4858-88BC-F870CF21298B}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE]

"C:\Windows\SysNative\tasks\{7D7210A0-A217-4745-85C4-5E7881D54B37}" [D:\Program Files\Blitzkrieg 2\EXE\bin\GAME.EXE]

"C:\Windows\SysNative\tasks\{854DF2F2-FF27-472D-860E-485F765073E2}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Search Page"="http://www.google.nl"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')

O4 - S-1-5-21-3022008148-1341554004-2509797194-1000 Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe (User '?')

O4 - Startup: frheqodv.lnk = C:\Windows\System32\rundll32.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\muv8sqwg.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on za 12-10-2013 at 19:54:13,81 ======================


Double-click Zoek.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator": right-click it and choose Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 C:\ProgramData\frheqodv.pff;f
 C:\ProgramData\frheqodv.ctrl;f
 C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe;f
 C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe;f
 C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi;f
 C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frheqodv.lnk;f
 autoclean;
hijackthis;


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the log that opens in your next reply.


This is the content of the log:

Zoek.exe Version 4.0.0.5 Updated 13-October-2013

Tool run by Gebruiker on zo 13-10-2013 at 18:45:25,92.

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Desktop\zoek\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-12-175413.log 35570 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\Gebruiker\AppData\Local\Temp\7z920.exe" not found

"C:\ProgramData\frheqodv.pff" deleted

"C:\ProgramData\frheqodv.ctrl" deleted

"C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe" deleted

"C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi" deleted

"C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frheqodv.lnk" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\muv8sqwg.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [steam] "D:\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [EADM] "D:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-3022008148-1341554004-2509797194-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\muv8sqwg.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 13-10-2013 at 18:55:33,41 ======================
