
PolH


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.


I managed it after all via jahewi

Logfile of random's system information tool 1.09 (written by random/random)

Run by Pol at 2013-11-05 17:32:58

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 149 GB (52%) free of 288 GB

Total RAM: 1976 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:33:42, on 5/11/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\Fighters\SPAMfighter\sfagent.exe

C:\Program Files\Fighters\Tray\FightersTray.exe

C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Users\Pol\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\windows\system32\RunDll32.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe

C:\Program Files\Sonos\Sonos.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\windows\System32\MsSpellCheckingFacility.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Users\Pol\Desktop\RSIT.exe

C:\Program Files\trend micro\Pol.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll

O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" (file missing)

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Pol\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (file missing)

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll

O3 - Toolbar: Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [signIn] "C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe

O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

O4 - HKLM\..\Run: [Norton Ghost 15.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skyDrive] "C:\Users\Pol\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34K1CK6P05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series (netwerk).lnk = ?

O4 - Global Startup: Bluetooth.lnk = ?

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O15 - Trusted Zone: http://cbc-pdf.cbc.be

O15 - Trusted Zone: http://static.cbc.be

O15 - Trusted Zone: http://www.cbccorporate.be

O15 - Trusted Zone: http://www.csob.cz

O15 - Trusted Zone: http://www.csob.sk

O15 - Trusted Zone: http://col.isabel.be

O15 - Trusted Zone: http://www.isabel.be

O15 - Trusted Zone: http://www.beta.isabel.be

O15 - Trusted Zone: http://col.isabel.eu

O15 - Trusted Zone: http://www.isabel.eu

O15 - Trusted Zone: http://www.beta.isabel.eu

O15 - Trusted Zone: http://kbc-pdf.kbc.be

O15 - Trusted Zone: http://static.kbc.be

O15 - Trusted Zone: http://www.kbcam.be

O15 - Trusted Zone: http://www.kbcam.com

O15 - Trusted Zone: http://www.kbcbankingforbusiness.com

O15 - Trusted Zone: http://www.kbccorporates.com

O15 - Trusted Zone: http://www.kbcfi.com

O15 - Trusted Zone: http://www.kbcmerchantbanking.com

O15 - Trusted Zone: http://www.kh.hu

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: http://static.cbc.be (HKLM)

O15 - Trusted Zone: http://www.cbccorporate.be (HKLM)

O15 - Trusted Zone: http://www.csob.cz (HKLM)

O15 - Trusted Zone: http://www.csob.sk (HKLM)

O15 - Trusted Zone: http://col.isabel.be (HKLM)

O15 - Trusted Zone: http://www.isabel.be (HKLM)

O15 - Trusted Zone: http://www.beta.isabel.be (HKLM)

O15 - Trusted Zone: http://col.isabel.eu (HKLM)

O15 - Trusted Zone: http://www.isabel.eu (HKLM)

O15 - Trusted Zone: http://www.beta.isabel.eu (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: http://static.kbc.be (HKLM)

O15 - Trusted Zone: http://www.kbcam.be (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: http://www.kbcbankingforbusiness.com (HKLM)

O15 - Trusted Zone: http://www.kbccorporates.com (HKLM)

O15 - Trusted Zone: http://www.kbcfi.com (HKLM)

O15 - Trusted Zone: http://www.kbcmerchantbanking.com (HKLM)

O15 - Trusted Zone: http://www.kh.hu (HKLM)

O15 - Trusted Zone: http://*.mcafee.com (HKLM)

O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) - http://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: AdminService for OpenEdge 10.2B (AdminService10.2B) - Unknown owner - C:\Program Files\OpenEdge\bin\AdmSrvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Pol\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: Norton Online Backup (NOBU) - Unknown owner - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe (file missing)

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe

O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

--

End of file - 18789 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job

C:\windows\tasks\GoogleUpdateTaskMachineCore.job

C:\windows\tasks\GoogleUpdateTaskMachineUA.job

C:\windows\tasks\HPCeeScheduleForPol.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

prefs.js - "browser.search.suggest.enabled" - true

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.google.com"

prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0.0.479, belgiumeid@eid.belgium.be:1.0.8, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.74, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10"

"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\

"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]

"Description"=Canon MycameraPlugin

"Path"=C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]

"Description"=Nokia Suite Enabler Plugin

"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

browser.xpt

browserdirprovider.dll

brwsrcmp.dll

components.list

FeedConverter.js

FeedProcessor.js

FeedWriter.js

fuelApplication.js

GPSDGeolocationProvider.js

jsconsole-clhandler.js

NetworkGeolocationProvider.js

nsAddonRepository.js

nsBadCertHandler.js

nsBlocklistService.js

nsBrowserContentHandler.js

nsBrowserGlue.js

nsContentDispatchChooser.js

nsContentPrefService.js

nsDefaultCLH.js

nsDownloadManagerUI.js

nsExtensionManager.js

nsFormAutoComplete.js

nsHandlerService.js

nsHelperAppDlg.js

nsINIProcessor.js

nsIQTScriptablePlugin.xpt

nsLivemarkService.js

nsLoginInfo.js

nsLoginManager.js

nsLoginManagerPrompter.js

nsMicrosummaryService.js

nsPlacesAutoComplete.js

nsPlacesDBFlush.js

nsPlacesTransactionsService.js

nsPrivateBrowsingService.js

nsProxyAutoConfig.js

nsSafebrowsingApplication.js

nsSearchService.js

nsSearchSuggestions.js

nsSessionStartup.js

nsSessionStore.js

nsSetDefaultBrowser.js

nsSidebar.js

nsTaggingService.js

nsTryToClose.js

nsUpdateService.js

nsUpdateServiceStub.js

nsUpdateTimerManager.js

nsUrlClassifierLib.js

nsUrlClassifierListManager.js

nsURLFormatter.js

nsWebHandlerApp.js

pluginGlue.js

storage-Legacy.js

storage-mozStorage.js

txEXSLTRegExFunctions.js

WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\

npnul32.dll

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

bolcom-nl.xml

google.xml

marktplaats-nl.xml

vandale-nl.xml

wikipedia-nl.xml

yahoo-nl.xml

C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\

addon@defaulttab.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03 68480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]

PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll [2013-10-16 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL [2013-04-09 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Pol\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-10-31 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

{4F524A2D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll [2013-10-16 12240]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-01-28 256056]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904]

"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]

"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-12 141848]

"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-12 175640]

"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-12 166936]

"UDC Integration"= []

"SignIn"=C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe [2010-03-09 1734512]

"sfagent"=C:\Program Files\Fighters\SPAMfighter\sfagent.exe [2013-02-28 1065504]

"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1246544]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"NPSStartup"= []

"CommonToolkitTray"=C:\Program Files\Fighters\Tray\FightersTray.exe [2013-01-28 1425440]

"IsaKbcCertUpdate"=C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe [2012-10-15 1085528]

"Norton Ghost 15.0"=C:\Program Files\Norton Ghost\Agent\VProTray.exe [2010-03-03 2598760]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

""= []

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]

"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-16 1673680]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-06-19 39408]

"SkyDrive"=C:\Users\Pol\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-08-14 257136]

"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]

""= []

"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]

C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-16 1673680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]

C:\Program Files\Belgium Identity Card\beid35gui.exe [2010-08-12 2060288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisorDock]

C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1515576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]

C:\Program Files\MyTomTom 3\MyTomTomSA.exe [2013-05-23 455608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]

C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-09-14 230696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

C:\Users\Pol\AppData\Roaming\Spotify\Spotify.exe [2013-07-05 4640768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-01-22 1684776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

C:\Program Files\IDT\WDM\sttray.exe [2011-11-12 495708]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series (netwerk).lnk - C:\windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\windows\system32\igfxdev.dll [2010-01-25 225792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll, schannel.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-05 17:32:58 ----DC---- C:\rsit

2013-10-31 14:29:17 ----D---- C:\Program Files\Microsoft Security Client

2013-10-24 10:22:21 ----D---- C:\ProgramData\Oracle

2013-10-24 10:21:14 ----D---- C:\Program Files\Common Files\Java

2013-10-24 10:20:59 ----A---- C:\windows\system32\javaws.exe

2013-10-24 10:20:12 ----A---- C:\windows\system32\WindowsAccessBridge.dll

2013-10-24 10:20:12 ----A---- C:\windows\system32\javaw.exe

2013-10-24 10:20:12 ----A---- C:\windows\system32\java.exe

2013-10-23 13:42:42 ----D---- C:\Program Files\Trusteer

2013-10-23 13:41:37 ----D---- C:\ProgramData\Trusteer

2013-10-19 16:20:58 ----D---- C:\Program Files\QuickTime

2013-10-14 20:53:59 ----D---- C:\Program Files\GUMD027.tmp

2013-10-14 20:53:59 ----A---- C:\Program Files\GUTD739.tmp

2013-10-10 09:13:08 ----A---- C:\windows\system32\jscript.dll

2013-10-10 09:13:07 ----A---- C:\windows\system32\jscript9.dll

2013-10-10 09:13:06 ----A---- C:\windows\system32\jsproxy.dll

2013-10-10 09:13:04 ----A---- C:\windows\system32\ieui.dll

2013-10-10 09:13:04 ----A---- C:\windows\system32\iesetup.dll

2013-10-10 09:13:02 ----A---- C:\windows\system32\urlmon.dll

2013-10-10 09:13:02 ----A---- C:\windows\system32\RegisterIEPKEYs.exe

2013-10-10 09:13:02 ----A---- C:\windows\system32\msfeeds.dll

2013-10-10 09:13:02 ----A---- C:\windows\system32\iesysprep.dll

2013-10-10 09:13:02 ----A---- C:\windows\system32\iernonce.dll

2013-10-10 09:13:02 ----A---- C:\windows\system32\ie4uinit.exe

2013-10-10 09:13:01 ----A---- C:\windows\system32\iertutil.dll

2013-10-10 09:12:58 ----A---- C:\windows\system32\wininet.dll

2013-10-10 09:12:57 ----A---- C:\windows\system32\ieframe.dll

2013-10-10 09:12:51 ----A---- C:\windows\system32\mshtml.dll

2013-10-09 14:01:37 ----D---- C:\Users\Pol\AppData\Roaming\Plogue

2013-10-09 09:13:22 ----A---- C:\windows\system32\drivers\usbscan.sys

2013-10-09 09:13:22 ----A---- C:\windows\system32\drivers\hidparse.sys

2013-10-09 09:13:22 ----A---- C:\windows\system32\drivers\hidclass.sys

2013-10-09 09:13:21 ----A---- C:\windows\system32\drivers\usbehci.sys

2013-10-09 09:13:21 ----A---- C:\windows\system32\drivers\usbccgp.sys

2013-10-09 09:13:21 ----A---- C:\windows\system32\comctl32.dll

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\usbuhci.sys

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\usbport.sys

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\usbohci.sys

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\usbhub.sys

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\usbd.sys

2013-10-09 09:13:20 ----A---- C:\windows\system32\drivers\tcpip.sys

2013-10-09 09:13:19 ----A---- C:\windows\system32\mswsock.dll

2013-10-09 09:13:19 ----A---- C:\windows\system32\drivers\afd.sys

2013-10-09 09:13:17 ----A---- C:\windows\system32\drivers\usbser.sys

2013-10-09 09:13:16 ----A---- C:\windows\system32\drivers\dxgkrnl.sys

2013-10-09 09:13:14 ----A---- C:\windows\system32\ntkrnlpa.exe

2013-10-09 09:13:13 ----A---- C:\windows\system32\ntoskrnl.exe

2013-10-09 09:13:12 ----A---- C:\windows\system32\tdh.dll

2013-10-09 09:13:12 ----A---- C:\windows\system32\ntdll.dll

2013-10-09 09:13:12 ----A---- C:\windows\system32\advapi32.dll

2013-10-09 09:13:11 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 09:13:10 ----A---- C:\windows\system32\lpk.dll

2013-10-09 09:13:10 ----A---- C:\windows\system32\fontsub.dll

2013-10-09 09:13:10 ----A---- C:\windows\system32\dciman32.dll

2013-10-09 09:13:10 ----A---- C:\windows\system32\atmlib.dll

2013-10-09 09:13:10 ----A---- C:\windows\system32\atmfd.dll

2013-10-09 09:13:08 ----A---- C:\windows\system32\scavengeui.dll

2013-10-09 09:13:05 ----A---- C:\windows\system32\win32k.sys

2013-10-09 09:12:56 ----A---- C:\windows\system32\WebClnt.dll

2013-10-09 09:12:56 ----A---- C:\windows\system32\drivers\mrxdav.sys

2013-10-09 09:12:56 ----A---- C:\windows\system32\davclnt.dll

2013-10-09 09:12:54 ----A---- C:\windows\system32\drivers\usbvideo.sys

2013-10-09 09:12:54 ----A---- C:\windows\system32\drivers\usbcir.sys

2013-10-09 09:12:30 ----A---- C:\windows\system32\drivers\Wdf01000.sys

======List of files/folders modified in the last 1 month======

2013-11-05 17:33:42 ----D---- C:\Program Files\Trend Micro

2013-11-05 17:33:20 ----DC---- C:\windows\Temp

2013-11-05 17:08:10 ----D---- C:\Users\Pol\AppData\Roaming\Dropbox

2013-11-05 16:59:40 ----D---- C:\ProgramData\Sonos,_Inc

2013-11-05 16:47:04 ----D---- C:\windows\system32\config

2013-11-05 16:40:13 ----SHD---- C:\System Volume Information

2013-11-05 16:36:15 ----A---- C:\ProgramData\HPWALog.txt

2013-11-05 16:36:05 ----HD---- C:\ProgramData

2013-11-05 16:36:02 ----D---- C:\wvero

2013-11-05 10:55:26 ----D---- C:\windows\Registration

2013-11-05 08:27:48 ----D---- C:\windows\system32\catroot2

2013-11-03 18:02:02 ----D---- C:\windows\inf

2013-11-02 14:59:38 ----SHD---- C:\windows\Installer

2013-11-02 14:59:33 ----D---- C:\Program Files\Sonos

2013-10-31 14:30:34 ----D---- C:\Windows

2013-10-31 14:29:36 ----D---- C:\windows\system32\catroot

2013-10-31 14:29:33 ----D---- C:\windows\system32\drivers

2013-10-31 14:29:29 ----SD---- C:\ProgramData\Microsoft

2013-10-31 14:29:17 ----RD---- C:\Program Files

2013-10-31 14:29:00 ----SD---- C:\Users\Pol\AppData\Roaming\Microsoft

2013-10-30 10:33:13 ----D---- C:\Program Files\Nokia

2013-10-30 10:33:13 ----D---- C:\Program Files\Common Files\Nokia

2013-10-30 08:27:51 ----D---- C:\windows\System32

2013-10-30 08:18:05 ----D---- C:\windows\Prefetch

2013-10-29 23:13:35 ----A---- C:\windows\system32\PerfStringBackup.INI

2013-10-27 16:51:50 ----D---- C:\Program Files\Hewlett-Packard

2013-10-27 16:51:47 ----D---- C:\ProgramData\Hewlett-Packard

2013-10-27 16:51:41 ----D---- C:\windows\Help

2013-10-27 16:51:38 ----D---- C:\windows\winsxs

2013-10-27 16:48:34 ----RSD---- C:\windows\assembly

2013-10-26 17:34:24 ----D---- C:\Users\Pol\AppData\Roaming\Apple Computer

2013-10-24 10:21:14 ----D---- C:\Program Files\Common Files

2013-10-24 10:20:12 ----D---- C:\Program Files\Java

2013-10-23 13:40:54 ----D---- C:\Program Files\Common Files\Isabel CSP

2013-10-23 13:40:53 ----D---- C:\Program Files\Common Files\Isabel

2013-10-23 13:40:52 ----D---- C:\ProgramData\Isabel Services

2013-10-19 16:22:40 ----D---- C:\Program Files\Common Files\Apple

2013-10-10 13:45:03 ----D---- C:\windows\rescache

2013-10-10 10:37:50 ----D---- C:\windows\Microsoft.NET

2013-10-10 09:44:15 ----D---- C:\windows\system32\nl-NL

2013-10-10 09:44:15 ----D---- C:\Program Files\Internet Explorer

2013-10-10 09:44:11 ----D---- C:\windows\system32\DriverStore

2013-10-10 09:39:32 ----D---- C:\ProgramData\Microsoft Help

2013-10-10 09:35:15 ----D---- C:\windows\system32\MRT

2013-10-10 09:19:30 ----A---- C:\windows\system32\MRT.exe

2013-10-09 14:24:32 ----A---- C:\windows\system32\FlashPlayerApp.exe

2013-10-09 11:44:44 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-08 331288]

R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]

R0 RapportKELL;RapportKELL; C:\windows\System32\Drivers\RapportKELL.sys [2013-10-01 108816]

R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360\1404000.028\SYMDS.SYS [2013-05-21 367704]

R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360\1404000.028\SYMEFA.SYS [2013-05-23 934488]

R0 symsnap;Symantec Volume Snap Shot Driver; C:\windows\system32\DRIVERS\symsnap.sys [2010-02-11 138592]

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [2013-10-02 1097304]

R1 ccSet_N360;Norton 360 Settings Manager; C:\windows\system32\drivers\N360\1404000.028\ccSetx86.sys [2013-04-16 134744]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2013-08-27 376920]

R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20131101.001\IDSvix86.sys [2013-10-28 393816]

R1 RapportCerberus_59849;RapportCerberus_59849; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [2013-10-23 340432]

R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2013-10-01 157264]

R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2013-10-01 230448]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [2013-03-05 32344]

R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360\1404000.028\Ironx86.SYS [2013-03-05 175264]

R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\N360\1404000.028\SYMNETS.SYS [2013-04-25 339544]

R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]

R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [2011-09-14 71664]

R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-11-02 1163328]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]

R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]

R3 btwaudio;Bluetooth-audioapparaat; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 86056]

R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2010-01-07 108072]

R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]

R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-08-27 108120]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 GenericMount;Generic Mount Driver; C:\windows\system32\DRIVERS\GenericMount.sys [2010-02-12 57840]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-07-16 15872]

R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-01-25 6282240]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880]

R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2013-04-04 22856]

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20131104.024\NAVENG.SYS [2013-08-29 93272]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20131104.024\NAVEX15.SYS [2013-08-29 1612376]

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]

R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 996896]

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-04-27 1763968]

R3 SRTSP;Symantec Real Time Storage Protection; C:\windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [2013-05-16 603224]

R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10305; C:\windows\system32\DRIVERS\stwrt.sys [2011-11-12 431616]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]

R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS [2013-06-19 142496]

R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-01-22 234800]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]

S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 ACSSCR;ACR38 Smart Card Reader; C:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832]

S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]

S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]

S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]

S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]

S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]

S3 usb_rndisx;USB RNDIS-adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]

S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]

S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]

S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VProEventMonitor;Symantec Event Monitor Driver; C:\windows\system32\DRIVERS\vproeventmonitor.sys [2009-09-21 15096]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

R2 AdminService10.2B;AdminService for OpenEdge 10.2B; C:\Program Files\OpenEdge\bin\AdmSrvc.exe [2009-12-14 28672]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2011-11-12 81920]

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-11-02 14336]

R2 APNMCP;Ask-updateservice; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-16 166352]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]

R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-09-14 83240]

R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]

R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Pol\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-07-11 107520]

R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]

R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-05-21 144368]

R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2010-03-03 4590432]

R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]

R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-01 1444120]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]

R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe [2013-02-28 216608]

R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10101; C:\Program Files\IDT\WDM\STacSV.exe [2011-11-12 254034]

R2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [2012-11-12 1270376]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]

R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]

R3 SymSnapService;SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2010-02-11 1964528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]

S2 NOBU;Norton Online Backup; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe service []

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 GenericMount Helper Service;GenericMount Helper Service; C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2010-02-12 1574408]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-04 194032]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]

S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-02-01 394704]

S3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\windows\system32\dllhost.exe [2009-07-14 7168]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-09-14 1343400]

S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser, or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and choose the option "Extract All".
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
 {4F524A2D-5637-006A-76A7-7A786E7484D7};c
 C:\Program Files\AskPartnerNetwork;fs
 {7825CFB6-490A-436B-9F26-4A7B5CFC01A9};c
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Pol\AppData\Roaming\DefaultTab;fs
 ApnTBMon;s
 APNMCP;s
 C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\addon@defaulttab.com;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 "ApnTBMon"=-;r
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 C:\Program Files\GUMD027.tmp;f
 C:\Program Files\GUTD739.tmp;f
 DefaultTabUpdate;s
  filesrcm;

  • Click the "Options" button and tick the options below.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


Zoek.exe Version 4.0.0.5 Updated 05-November-2013

Tool run by Pol on wo 06/11/2013 at 11:01:48,37.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Pol\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

6/11/2013 11:06:40 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\EGB3 deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\NCH Software deleted successfully

C:\Program Files\OApps deleted successfully

C:\ProgramData\NCH Software deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\WinZip deleted successfully

C:\ProgramData\ZoomBrowser deleted successfully

C:\Users\Pol\AppData\Roaming\Samsung deleted successfully

C:\Users\Pol\AppData\Local\PDFC deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-006A-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20130504_1728_.backup

prefs_20130611_1123_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

"ApnTBMon"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Users\Pol\AppData\Roaming\DefaultTab deleted

C:\windows\system32\appdata deleted

C:\Program Files\GUTD739.tmp deleted

C:\Program Files\GUMD027.tmp deleted

C:\Program Files\MyPC Backup deleted

C:\Users\Pol\AppData\Roaming\pdfforge deleted

C:\ProgramData\AskPartnerNetwork deleted

C:\ProgramData\APN deleted

C:\ProgramData\iMesh deleted

C:\ProgramData\Tarma Installer deleted

C:\Users\Pol\AppData\Local\iMesh deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh deleted

C:\Users\Pol\Downloads\rcpsetup_softonic_soft_util_728_90_pdtop.exe deleted

C:\Users\Pol\AppData\LocalLow\IAC deleted

C:\Users\Pol\AppData\LocalLow\wincoreimband deleted

C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} deleted

C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\addon@defaulttab.com deleted

"C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\Program Files\AskPartnerNetwork" deleted

"C:\Program Files\AskPartnerNetwork" deleted

"C:\Program Files\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\Program Files\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

2013-10-31 13:30:34 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\windows\epplauncher.mif

====== C:\Users\Pol\AppData\Local\Temp ====

2013-10-28 07:54:28 BCB0728F4B117855765CE8FE883B5E9B 1536 -c--a-w- C:\Users\Pol\AppData\Local\Temp\NOSEventMessages.dll

2013-10-27 15:45:43 4541335F712FBB52BA6A9FB593F77E76 74808 -c--a-w- C:\Users\Pol\AppData\Local\Temp\HPHelpUpdater.exe

2013-10-27 15:45:40 7A79D02EDC9EB290F5BBD681D276A5E0 31616 -c--a-w- C:\Users\Pol\AppData\Local\Temp\Resource.exe

2013-10-27 15:45:39 239CB72E0605A43BF856BCD49712D1FA 114080 -c--a-w- C:\Users\Pol\AppData\Local\Temp\UninstallHPSA.exe

====== Java Cache =====

====== C:\windows\system32 =====

2013-10-24 09:20:59 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\windows\System32\javaws.exe

2013-10-24 09:20:12 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\windows\System32\javaw.exe

2013-10-24 09:20:12 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\windows\System32\WindowsAccessBridge.dll

2013-10-24 09:20:12 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\windows\System32\java.exe

====== C:\windows\system32\drivers =====

2013-10-09 08:13:22 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\windows\System32\drivers\usbscan.sys

2013-10-09 08:13:22 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\windows\System32\drivers\hidparse.sys

2013-10-09 08:13:22 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\windows\System32\drivers\hidclass.sys

2013-10-09 08:13:21 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\windows\System32\drivers\usbehci.sys

2013-10-09 08:13:21 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\windows\System32\drivers\usbccgp.sys

2013-10-09 08:13:20 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\windows\System32\drivers\usbport.sys

2013-10-09 08:13:20 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\windows\System32\drivers\usbohci.sys

2013-10-09 08:13:20 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\windows\System32\drivers\tcpip.sys

2013-10-09 08:13:20 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\windows\System32\drivers\usbuhci.sys

2013-10-09 08:13:20 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\windows\System32\drivers\usbhub.sys

2013-10-09 08:13:20 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\windows\System32\drivers\usbd.sys

2013-10-09 08:13:19 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\windows\System32\drivers\afd.sys

2013-10-09 08:13:17 007C0C8D5B01D82ACEB70431D15083F6 28160 ----a-w- C:\windows\System32\drivers\usbser.sys

2013-10-09 08:13:16 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys

2013-10-09 08:12:56 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\windows\System32\drivers\mrxdav.sys

2013-10-09 08:12:54 DE014425522610BEDCA3821BB8C0F1D5 146816 ----a-w- C:\windows\System32\drivers\usbvideo.sys

2013-10-09 08:12:54 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\windows\System32\drivers\usbcir.sys

2013-10-09 08:12:30 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\windows\System32\drivers\Wdf01000.sys

====== C:\windows\Tasks ======

====== C:\windows\Temp ======

======= C:\Program Files =====

2013-10-24 09:21:14 -------- d-----w- C:\Program Files\Common Files\Java

2013-10-23 12:42:42 -------- d-----w- C:\Program Files\Trusteer

2013-10-19 15:20:58 -------- d-----w- C:\Program Files\QuickTime

======= C: =====

2013-11-01 18:43:25 203E29FD6C2BE3DBAADB2DDE871D2119 3376 -c--a-w- C:\{CF7A762E-A43E-4647-BA73-9956B29163A4}

2013-11-01 18:41:21 6920098DA443400B2BC3B34C8385179A 3056 -c--a-w- C:\{23941CD2-0804-42EF-B864-CEEAB1517AEB}

2013-11-01 18:38:13 4D143EDFF88BE96830B02D779C54B0F0 3416 -c--a-w- C:\{B4A84A17-FDF2-4E85-9FD5-5BF074B9A515}

2013-11-01 18:35:35 BBA749B6D22F728F72A84A0A26B9B10B 3096 -c--a-w- C:\{6041F6B2-C315-464A-8217-1D81E4BAC1E6}

2013-11-01 18:33:32 C3C0DED33DBE48DC9594461B0FE67140 3392 -c--a-w- C:\{865F15EA-BE9C-479D-8917-65B1F4568C0B}

2013-11-01 18:31:38 6AC9DDF09CA3E3AE10F76442D952F588 3080 -c--a-w- C:\{B2132BB9-E5C0-4D7E-AE39-59734E7BDD2F}

====== C:\Users\Pol\AppData\Roaming ======

2013-10-24 08:11:12 -------- d-----w- C:\windows\system32\config\systemprofile\AppData\Local\Trusteer

2013-10-23 12:42:55 -------- d-----w- C:\Users\Pol\AppData\Local\Trusteer

2013-10-19 15:24:33 -------- d-----w- C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten

2013-10-19 15:20:37 -------- d-----w- C:\Users\Pol\AppData\Locallow\Apple Computer

====== C:\Users\Pol ======

2013-11-05 16:31:10 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Pol\Desktop\RSIT.exe

2013-10-30 09:34:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia

2013-10-24 09:20:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-23 12:42:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging

2013-10-23 12:41:37 -------- d-----w- C:\ProgramData\Trusteer

2013-10-19 15:22:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2013-10-19 15:21:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

====== C: exe-files ==

=== C: other files ==

2013-11-06 09:57:46 D7E766208F61E4A84E81EB10F431F2EA 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-3740741272-41367026-2587978378-1001\$IOUFX9Q.zip

2013-11-06 09:16:38 88F31293B1362217F718D7786E90A6A7 2521086 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3740741272-41367026-2587978378-1001\$ROUFX9Q.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"SkyDrive"="C:\Users\Pol\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN34K1CK6P05WK:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1"

"NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"SignIn"="C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe /autorun"

"sfagent"="C:\Program Files\Fighters\SPAMfighter\sfagent.exe"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"CommonToolkitTray"="C:\Program Files\Fighters\Tray\FightersTray.exe"

"IsaKbcCertUpdate"="C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe"

"Norton Ghost 15.0"="C:\Program Files\Norton Ghost\Agent\VProTray.exe"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"SkyDrive"="C:\Users\Pol\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN34K1CK6P05WK:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1"

"NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ApnTBMon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ArcSoft Connection Service"

"hkey"="HKLM"

"command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="beid"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Belgium Identity Card\\beid35gui.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPAdvisorDock"

"hkey"="HKCU"

"command"="C:\\Program Files\\Hewlett-Packard\\HP Advisor\\Dock\\HPAdvisorDock.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LightScribe Control Panel"

"hkey"="HKCU"

"command"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyTomTomSA.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MyTomTomSA.exe"

"hkey"="HKCU"

"command"="C:\\Program Files\\MyTomTom 3\\MyTomTomSA.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl11]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RemoteControl11"

"hkey"="HKLM"

"command"="C:\\Program Files\\CyberLink\\PowerDVD11\\PDVD11Serv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify"

"hkey"="HKCU"

"command"="\"C:\\Users\\Pol\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SynTPEnh"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SysTrayApp"

"hkey"="HKLM"

"command"="C:\\Program Files\\IDT\\WDM\\sttray.exe"

==== Startup Folders ======================

2010-09-14 12:02:00 1048 ----a-w- C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2013-07-27 11:16:32 1960 ----a-w- C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series (netwerk).lnk

2010-09-13 16:43:30 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 14:24]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/06/2011 11:54]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/06/2011 11:54]

C:\windows\tasks\HPCeeScheduleForPol.job --a------ C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 11:53]

==== Other Scheduled Tasks ======================

"C:\windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\windows\system32\tasks\4480" [wscript.exe C:\Users\Pol\AppData\Local\Temp\launchie.vbs //B]

"C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\HPCeeScheduleForPol" [C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\windows\system32\tasks\HPCustParticipation HP Deskjet 3050A J611 series" ["C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe"]

"C:\windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton 360\Engine\20.4.0.40\WSCStub.exe"]

"C:\windows\system32\tasks\User_Feed_Synchronization-{95F51530-CDF6-47EE-95D7-EB8D604D46FD}" [C:\windows\system32\msfeedssync.exe]

"C:\windows\system32\tasks\{8BB8C829-EFE3-420C-9084-230D325EED7C}" [C:\Program Files\Microsoft Office\Office12\WINWORD.EXE]

"C:\windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\windows\system32\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe]

"C:\windows\system32\tasks\Norton 360\Norton Error Processor" [C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFF" [09/10/2013 17:37]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

22E022C1B47866F29ACE50693AB656B0 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in

9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx[12/09/2013 16:26]

Docs - Pol - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Pol - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Pol - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Pol - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Norton Identity Protection - Pol - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Gmail - Pol - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{34E06CAD-35C0-4201-9B09-1529B6FAD270} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

C:\Users\Pol\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Pol\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{34E06CAD-35C0-4201-9B09-1529B6FAD270} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Pol\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Pol\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\Pol\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 06/11/2013 at 12:14:02,71 ======================


Fine ... there were a number of infections on the PC (removed by zoek.exe, among others). It is best to now also first remove the tools that were used (then you are rid of those too during your assessment).

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.
