Ga naar inhoud

HJT logje

dikken
 Delen

Aanbevolen berichten

dikken Ervaren

dikken

Geplaatst:
Geplaatst:

beste,

gelieve eens mijn HJT logje te controleren. had nationzoom malwarestaan en met mbam kunnen verwijderen. Graag eens bekijken voor eventuele restanten.

mvg, bart lambert

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:02:20, on 28/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Launch Manager\WButton.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\bart\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Users\bart\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\OnecomCloudDrive\Dlls\OnecomCloudDrive.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE

C:\Program Files\Evernote\Evernote\Evernote.exe

C:\Program Files\Evernote\Evernote\EvernoteTray.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

C:\Users\bart\Downloads\RSIT.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\trend micro\bart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skyDrive] "C:\Users\bart\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [One.com] C:\Program Files\OnecomCloudDrive\Dlls\AppLauncher.exe

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\bart\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\bart\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid a885c6cc3f0a47d3ad5ad15cc5d9e3a4-29979046cb3151efe72d8036b9668a7a291e0278 --CMPID 0913b

O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\bart\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3039444746-860539606-3949323410-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3039444746-860539606-3949323410-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\Windows\system32\nvinit.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--

End of file - 15857 bytes

Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

Klik met de rechter muisknop op de icoon van Hijackthis en kies dan voor “Run as administrator" of "Uitvoeren als administrator".

Selecteer “Do a system scan only”.

Vink alleen de items aan die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

Klik op 'Fix checked' om de items te verwijderen.

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites
dikken Ervaren

dikken

Geplaatst:
  • Auteur
Geplaatst:

ok,

hier het tweede log van RSIT.

zoals ik kan uitmaken is die nationzoom hardnekkiger dan ik dacht. een aantal van de R0 en R1 vermeldingen van de vorige log heb ik na de scan niet zien staan maar nu weer wel.

Logfile of random's system information tool 1.09 (written by random/random)

Run by bart at 2013-12-29 11:54:30

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 259 GB (60%) free of 435 GB

Total RAM: 3255 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:02:20, on 28/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Launch Manager\WButton.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\bart\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Users\bart\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\OnecomCloudDrive\Dlls\OnecomCloudDrive.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE

C:\Program Files\Evernote\Evernote\Evernote.exe

C:\Program Files\Evernote\Evernote\EvernoteTray.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

C:\Users\bart\Downloads\RSIT.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\trend micro\bart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388263144&from=ild&uid=WDCXWD5000BEVT-00A0RT0_WD-WX60AC9E4483E4483&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skyDrive] "C:\Users\bart\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [One.com] C:\Program Files\OnecomCloudDrive\Dlls\AppLauncher.exe

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\bart\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\bart\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid a885c6cc3f0a47d3ad5ad15cc5d9e3a4-29979046cb3151efe72d8036b9668a7a291e0278 --CMPID 0913b

O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\bart\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3039444746-860539606-3949323410-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3039444746-860539606-3949323410-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\Windows\system32\nvinit.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--

End of file - 15857 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-10-17 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]

Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2013-12-18 583520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-23 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-01-05 8419872]

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-01-05 678432]

"LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2009-12-11 348960]

"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2010-01-13 413696]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1594664]

"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-28 50472]

"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-11-07 4956176]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 142616]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 177432]

"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 177944]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

"mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

"SkyDrive"=C:\Users\bart\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-08-14 257136]

"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2013-12-06 20203904]

"One.com"=C:\Program Files\OnecomCloudDrive\Dlls\AppLauncher.exe [2013-06-11 23464]

"BitTorrent"=C:\Users\bart\AppData\Roaming\BitTorrent\BitTorrent.exe [2013-11-24 895328]

"AVG-Secure-Search-Update_0913b"=C:\Users\bart\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid a885c6cc3f0a47d3ad5ad15cc5d9e3a4-29979046cb3151efe72d8036b9668a7a291e0278 --CMPID 0913b []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

C:\Users\bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

Send to OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\system32\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-01-10 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"msacm.siren"=sirenacm.dll

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave2"=wdmaud.drv

"mixer2"=wdmaud.drv

"midi2"=wdmaud.drv

"wave4"=wdmaud.drv

"mixer4"=wdmaud.drv

"midi4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux3"=wdmaud.drv

"wave6"=wdmaud.drv

"mixer6"=wdmaud.drv

"midi6"=wdmaud.drv

"wave7"=wdmaud.drv

"mixer7"=wdmaud.drv

"midi7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2013-12-28 22:02:09 ----D---- C:\Program Files\trend micro

2013-12-28 22:02:08 ----D---- C:\rsit

2013-12-28 21:51:13 ----D---- C:\Users\bart\AppData\Roaming\Malwarebytes

2013-12-28 21:51:06 ----D---- C:\ProgramData\Malwarebytes

2013-12-28 21:51:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-12-28 21:51:05 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-12-28 21:40:05 ----D---- C:\ProgramData\WPM

2013-12-20 11:47:51 ----D---- C:\Users\bart\AppData\Roaming\skychart

2013-12-20 11:47:27 ----D---- C:\Program Files\Ciel

2013-12-20 11:46:21 ----D---- C:\Program Files\Celestia

2013-12-20 11:45:43 ----D---- C:\Program Files\Stellarium

2013-12-19 04:27:28 ----D---- C:\Program Files\Mozilla Thunderbird

2013-12-17 21:58:03 ----A---- C:\Windows\system32\jsproxy.dll

2013-12-17 21:58:03 ----A---- C:\Windows\system32\ie4uinit.exe

2013-12-17 21:58:02 ----A---- C:\Windows\system32\ieui.dll

2013-12-17 21:58:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2013-12-17 21:58:02 ----A---- C:\Windows\system32\ieapfltr.dll

2013-12-17 21:58:01 ----A---- C:\Windows\system32\jscript9diag.dll

2013-12-17 21:58:01 ----A---- C:\Windows\system32\ieUnatt.exe

2013-12-17 21:58:01 ----A---- C:\Windows\system32\iesetup.dll

2013-12-17 21:58:01 ----A---- C:\Windows\system32\iernonce.dll

2013-12-17 21:58:01 ----A---- C:\Windows\system32\ieetwproxystub.dll

2013-12-17 21:58:01 ----A---- C:\Windows\system32\ieetwcollector.exe

2013-12-17 21:58:00 ----A---- C:\Windows\system32\wininet.dll

2013-12-17 21:57:59 ----A---- C:\Windows\system32\urlmon.dll

2013-12-17 21:57:59 ----A---- C:\Windows\system32\iertutil.dll

2013-12-17 21:57:58 ----A---- C:\Windows\system32\ieframe.dll

2013-12-17 21:57:57 ----A---- C:\Windows\system32\mshtml.dll

2013-12-17 21:57:57 ----A---- C:\Windows\system32\jscript9.dll

2013-12-17 21:46:45 ----A---- C:\Windows\system32\wmp.dll

2013-12-17 21:46:44 ----A---- C:\Windows\system32\wmploc.DLL

2013-12-17 19:00:31 ----A---- C:\Windows\system32\msieftp.dll

2013-12-17 19:00:30 ----A---- C:\Windows\system32\wscript.exe

2013-12-17 19:00:30 ----A---- C:\Windows\system32\scrrun.dll

2013-12-17 19:00:30 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-17 19:00:30 ----A---- C:\Windows\system32\cscript.exe

2013-12-17 19:00:29 ----A---- C:\Windows\system32\WMPhoto.dll

2013-12-17 19:00:28 ----A---- C:\Windows\system32\tzres.dll

2013-12-17 19:00:25 ----A---- C:\Windows\system32\win32k.sys

2013-12-17 19:00:23 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-17 19:00:23 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-12-09 01:17:22 ----D---- C:\wamp

2013-12-06 13:46:22 ----D---- C:\Program Files\Sena Technologies

2013-12-05 18:46:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2013-12-05 18:46:08 ----A---- C:\Windows\system32\jsIntl.dll

2013-12-05 18:46:08 ----A---- C:\Windows\system32\elshyph.dll

2013-12-05 18:46:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-12-05 18:46:07 ----A---- C:\Windows\system32\msrating.dll

2013-12-05 18:46:07 ----A---- C:\Windows\system32\msls31.dll

2013-12-05 18:46:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-12-05 18:46:06 ----A---- C:\Windows\system32\dxtrans.dll

2013-12-05 18:46:06 ----A---- C:\Windows\system32\dxtmsft.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\webcheck.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\url.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\mshtmlmedia.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\licmgr10.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\inseng.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\iedkcs32.dll

2013-12-05 18:46:05 ----A---- C:\Windows\system32\ieapfltr.dat

2013-12-05 18:46:05 ----A---- C:\Windows\system32\icardie.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\wextract.exe

2013-12-05 18:46:04 ----A---- C:\Windows\system32\vbscript.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\pngfilt.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\occache.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\mshtmled.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\MshtmlDac.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\mshta.exe

2013-12-05 18:46:04 ----A---- C:\Windows\system32\msfeeds.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\jscript.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\imgutil.dll

2013-12-05 18:46:04 ----A---- C:\Windows\system32\iexpress.exe

2013-12-05 18:46:03 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2013-12-05 18:46:03 ----A---- C:\Windows\system32\mshtmler.dll

2013-12-05 18:46:03 ----A---- C:\Windows\system32\msfeedssync.exe

2013-12-05 18:46:03 ----A---- C:\Windows\system32\msfeedsbs.dll

2013-12-05 18:46:03 ----A---- C:\Windows\system32\iesysprep.dll

2013-12-05 18:46:03 ----A---- C:\Windows\system32\iepeers.dll

2013-12-05 18:46:03 ----A---- C:\Windows\system32\IEAdvpack.dll

======List of files/folders modified in the last 1 month======

2013-12-29 11:54:27 ----D---- C:\Windows\Temp

2013-12-29 11:53:36 ----D---- C:\Users\bart\AppData\Roaming\BitTorrent

2013-12-29 11:53:22 ----D---- C:\ProgramData\MFAData

2013-12-28 22:33:00 ----D---- C:\Windows\system32\config

2013-12-28 22:19:59 ----RD---- C:\Program Files

2013-12-28 22:18:41 ----D---- C:\Users\bart\AppData\Roaming\OnecomCloudDrive

2013-12-28 22:18:36 ----D---- C:\Windows\Prefetch

2013-12-28 22:17:01 ----A---- C:\Windows\system32\log.txt

2013-12-28 22:16:56 ----D---- C:\ProgramData\NVIDIA

2013-12-28 22:16:05 ----D---- C:\Windows\Web

2013-12-28 22:16:05 ----D---- C:\Windows\system32\drivers

2013-12-28 22:14:20 ----D---- C:\ProgramData\DSearchLink

2013-12-28 21:51:06 ----HD---- C:\ProgramData

2013-12-28 21:40:44 ----D---- C:\Windows\Tasks

2013-12-28 21:40:44 ----D---- C:\Windows\system32\Tasks

2013-12-28 06:13:34 ----D---- C:\Windows\System32

2013-12-28 06:13:34 ----D---- C:\Windows\inf

2013-12-28 06:13:34 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-12-27 15:09:42 ----SHD---- C:\System Volume Information

2013-12-20 15:33:42 ----D---- C:\Windows\rescache

2013-12-20 10:50:34 ----SHD---- C:\Windows\Installer

2013-12-20 10:49:19 ----D---- C:\Windows\system32\catroot2

2013-12-20 09:50:15 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-12-18 10:28:19 ----D---- C:\Windows\system32\MRT

2013-12-18 10:24:38 ----D---- C:\Windows\winsxs

2013-12-18 10:20:40 ----D---- C:\Program Files\Internet Explorer

2013-12-18 10:20:37 ----D---- C:\Windows\system32\nl-NL

2013-12-18 10:20:34 ----D---- C:\Windows\system32\DriverStore

2013-12-17 21:59:12 ----D---- C:\ProgramData\Microsoft Help

2013-12-17 21:59:03 ----RSD---- C:\Windows\assembly

2013-12-17 21:58:13 ----D---- C:\Windows\system32\catroot

2013-12-17 21:50:16 ----A---- C:\Windows\system32\MRT.exe

2013-12-17 21:46:54 ----D---- C:\Program Files\Windows Media Player

2013-12-09 01:15:33 ----D---- C:\xampp

2013-12-06 13:49:34 ----D---- C:\Program Files\DIFX

2013-12-06 10:21:59 ----D---- C:\Windows\PolicyDefinitions

2013-12-06 10:21:58 ----D---- C:\Windows\system32\migration

2013-12-06 10:21:58 ----D---- C:\Windows\system32\en-US

2013-12-05 18:48:53 ----D---- C:\Windows\Logs

2013-12-05 18:45:01 ----D---- C:\Windows

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-10-24 147768]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 432664]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 25376]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-11-03 45968]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-04 209176]

R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-17 22840]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HECI;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-18 41088]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-01-10 10859520]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-01-05 2984352]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-11-27 209920]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1009184]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 231600]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]

S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []

S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-03-31 43680]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []

S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys []

S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []

S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []

S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []

S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []

S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []

S3 bthav;Bluetooth AV-profiel; C:\Windows\system32\drivers\bthav.sys [2008-07-10 34816]

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]

S3 CSRBC;%CSRBC.SvcDesc%; C:\Windows\System32\Drivers\csrbc.sys [2011-02-09 31744]

S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-20 193056]

S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]

S3 USBCCID;USB Smart Card Reader; C:\Windows\system32\DRIVERS\usbccid.sys []

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-12-10 268824]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 640288]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]

R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-10-15 244904]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]

R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2009-10-23 118560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-11 116648]

S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-26 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-08 46528]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-11 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-19 119408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]

S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [2013-06-23 22016]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [2013-06-23 10923520]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
emptyclsid;
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan

  • Installed Programs

  • HijackThis Log

  • Running Processes
  • Uninstall List
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.