
Posted: (edited)

Hello, a problem: to ship via Kiala, a document has to be printed from their website. Until the day before yesterday this worked perfectly, but since a power outage it no longer works. I get a blank web page, so no content at all. System Restore does not work (and has not since I bought my PC), so I cannot expect any help from that. All other print jobs work perfectly. I did get a message once at startup that something was wrong with WIA, Windows Image Acquisition. Does anyone have an idea or a solution for how I can fix this?

Thanks in advance,

Kind regards,

Alain

PS: Windows 7, 64-bit and IE10

edited by mercury2001
Posted:

Download MBAM (Malwarebytes Anti-Malware).

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

Scanning can take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to view the results.

Make sure everything there is checked, then click Remove Selected.

After removal, a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM, and you can find it again by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. After that it will ask to restart the computer... So allow MBAM to restart the computer.

Paste the contents of the log in your next post.

Posted:

Hello,

everything carried out as requested,

see the 2 log files below. However, still the same problem: it is not possible to print the page, the page stays blank,

Kind regards,

Alain

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2014.01.24.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16750

Alain :: ALAIN-PC [administrator]

Bescherming: Ingeschakeld

24/01/2014 4:53:27

mbam-log-2014-01-24 (04-53-27).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 207639

Verstreken tijd: 2 minuut/minuten, 8 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 1

C:\Users\Alain\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

Registersleutels gedetecteerd: 3

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Alain\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 9

C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Alain\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 6

C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.Spigot.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Alain\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

2014/01/24 04:53:06 +0100 ALAIN-PC Alain MESSAGE Starting protection

2014/01/24 04:53:06 +0100 ALAIN-PC Alain MESSAGE Protection started successfully

2014/01/24 04:53:06 +0100 ALAIN-PC Alain MESSAGE Starting IP protection

2014/01/24 04:53:15 +0100 ALAIN-PC Alain MESSAGE IP Protection started successfully

2014/01/24 04:53:15 +0100 ALAIN-PC Alain MESSAGE Starting database refresh

2014/01/24 04:53:15 +0100 ALAIN-PC Alain MESSAGE Stopping IP protection

2014/01/24 04:53:17 +0100 ALAIN-PC Alain MESSAGE IP Protection stopped successfully

2014/01/24 04:53:19 +0100 ALAIN-PC Alain MESSAGE Database refreshed successfully

2014/01/24 04:53:19 +0100 ALAIN-PC Alain MESSAGE Starting IP protection

2014/01/24 04:53:20 +0100 ALAIN-PC Alain MESSAGE IP Protection started successfully

2014/01/24 04:58:14 +0100 ALAIN-PC Alain MESSAGE Starting protection

2014/01/24 04:58:14 +0100 ALAIN-PC Alain MESSAGE Protection started successfully

2014/01/24 04:58:14 +0100 ALAIN-PC Alain MESSAGE Starting IP protection

2014/01/24 04:58:16 +0100 ALAIN-PC Alain MESSAGE IP Protection started successfully

Posted:

Quite a lot has already been removed with Malwarebytes, but we are still going to look a little deeper:

Download RSIT from the locations below and save it to the desktop.

Here is a description of how you can check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Next, the "Disclaimer of warranty" is shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.

Also watch the instruction video.

Posted:

here is the log:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Alain at 2014-01-25 14:40:03

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 80 GB (47%) free of 171 GB

Total RAM: 6134 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:40:05, on 25/01/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16750)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

D:\Noads\NoAds.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

D:\Cobian backup\Cobian.exe

D:\acrobat reader\Distillr\acrotray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

D:\Cobian backup\cbInterface.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

D:\acrobat reader\Acrobat\Acrobat.exe

C:\Users\Alain\AppData\Local\Temp\Adobelm_Cleanup.0001

C:\Users\Alain\AppData\Local\Temp\Adobelm_Cleanup.0001

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files\trend micro\Alain.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Fixhomepage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Fixhomepage

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\acrobat reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - D:\Shareaza\RazaWebHook32.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\acrobat reader\Acrobat\AcroIEFavClient.dll

O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\acrobat reader\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [Cobian Backup 10] "D:\Cobian backup\Cobian.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\acrobat reader\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKCU\..\Run: [NoAds] "D:\Noads\NoAds.exe"

O4 - HKCU\..\Run: [updateMgr] D:\acrobat reader\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2" /build:7601 (User 'Default user')

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/uploadClients/fuji/jordan.cab

O16 - DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} (CV781Object Object) - http://avm565a-sn.ddns.eagleeyes.tw:85/AVC_AX_764.cab

O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} (AMCCtrl Class) - http://178.118.53.209:8910/AVC_AX_742.cab

O16 - DPF: {AA09E7F8-1C11-4B65-9D61-EB6CB0F1E86C} (CV781Object Object) - http://sieuthivienthong.dyndns.org:8081/AVC_AX_35X.cab

O16 - DPF: {B513310D-152C-4521-97C4-C92860987AD2} (CameraViewer Class) - http://113.161.84.225:9006/MediaClientAxCtrl.cab

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - D:\Cobian backup\cbVSCService.exe

O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - D:\Prey\platform\windows\cronsvc.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11981 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"

C:\Windows\Explorer.EXE

"D:\Cobian backup\cbVSCService.exe"

"D:\Prey\platform\windows\cronsvc.exe"

"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI

C:\Windows\system32\hasplms.exe -run

"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"

KHALMNPR.EXE /API

"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

"D:\Noads\NoAds.exe"

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe"

"C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"D:\Cobian backup\Cobian.exe"

"D:\acrobat reader\Distillr\acrotray.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"

\??\C:\Windows\system32\conhost.exe "-727900884-1444913889-21634523-884365802469687718-1498616496-1603158009-1596921501

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl

"D:\Cobian backup\cbInterface.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /c /a /s UserSession

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp

\??\C:\Windows\system32\conhost.exe "189884698917560715691711029546-19650037357301250481953107462-936490874-1681395038

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"

"D:\acrobat reader\Acrobat\Acrobat.exe" /o /eo /l

"C:\Users\Alain\AppData\Local\Temp\Adobelm_Cleanup.0001" 6028 "C:\Users\Alain\AppData\Local\Temp\""Adobelm_Cleanup.0001.dir.0022"

"C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"

"C:\Users\Alain\AppData\Local\Temp\Adobelm_Cleanup.0001" 6028 "C:\Users\Alain\AppData\Local\Temp\""Adobelm_Cleanup.0001.dir.0023"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\Internet Explorer\iexplore.exe" Windows 7 printprobleem na elektriciteitspanne

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6564 CREDAT:267521 /prefetch:2

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe -Embedding

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6564 CREDAT:3020109 /prefetch:2

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

"C:\Users\Alain\Downloads\RSITx64.exe"

C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}]

Shareaza Web Download Hook - D:\Shareaza\RazaWebHook64.dll [2013-11-24 40448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]

Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31 433944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - D:\acrobat reader\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}]

Shareaza Web Download Hook - D:\Shareaza\RazaWebHook32.dll [2013-11-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll [2014-01-09 3349528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - D:\acrobat reader\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]

Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31 364824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll [2014-01-09 3349528]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - D:\acrobat reader\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 3091224]

"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]

"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]

"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NoAds"=D:\Noads\NoAds.exe [2013-10-29 122880]

"updateMgr"=D:\acrobat reader\Acrobat\AdobeUpdateManager.exe [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

D:\Adobe acrobat\Acrobat\Acrotray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

D:\Samsung\Kies\Kies.exe [2013-11-06 1564528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

D:\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]

C:\Program Files (x86)\NetLimiter\NetLimiter.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]

C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproRemote.lnk]

C:\PROGRA~2\COMMON~1\VIDEOM~1\COMPRO~1.EXE [2011-01-26 13365248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproSchedulerDTV.lnk]

C:\PROGRA~2\COMMON~1\VIDEOM~1\COMPRO~2.EXE [2011-03-10 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]

C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-01-09 2486296]

"Cobian Backup 10"=D:\Cobian backup\Cobian.exe [2010-09-23 421376]

"Acrobat Assistant 7.0"=D:\acrobat reader\Distillr\Acrotray.exe [2008-04-23 483328]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]

wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableStatusMessages"=0

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NofolderOptions"=0

"NoDriveTypeAutoRun"=149

"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"wave"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave2"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer3"=wdmaud.drv

"vidc.CDV5"=cdv5codc.dll

"vidc.CLLC"=cllccodc.dll

"vidc.CUVC"=cuvccodc.dll

"vidc.CDVC"=cdvccodc.dll

"vidc.CDVH"=cdvhcodc.dll

"vidc.CMIC"=cmiccodc.dll

"vidc.CHQX"=chqxcodc.dll

"vidc.C210"=c210codc.dll

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-25 14:40:03 ----D---- C:\rsit

2014-01-25 14:40:03 ----D---- C:\Program Files\trend micro

2014-01-24 11:57:36 ----A---- C:\Windows\ntbtlog.txt

2014-01-24 10:46:36 ----D---- C:\Program Files\DIFX

2014-01-24 10:45:40 ----D---- C:\Windows\SYSWOW64\siscardplugins

2014-01-24 10:45:40 ----D---- C:\Windows\SYSWOW64\beidpp

2014-01-24 10:45:40 ----D---- C:\Program Files\log

2014-01-24 10:45:40 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-01-24 10:45:39 ----D---- C:\Program Files (x86)\Belgium Identity Card

2014-01-24 10:45:29 ----D---- C:\drivers

2014-01-24 04:52:57 ----D---- C:\Users\Alain\AppData\Roaming\Malwarebytes

2014-01-24 04:52:48 ----D---- C:\ProgramData\Malwarebytes

2014-01-24 04:52:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-01-24 04:52:47 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-01-23 21:38:42 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-01-23 21:38:34 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-01-23 21:38:34 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-01-23 21:38:34 ----A---- C:\Windows\SYSWOW64\java.exe

2014-01-23 21:38:31 ----D---- C:\Program Files (x86)\Java

2014-01-22 11:48:16 ----D---- C:\Users\Alain\AppData\Roaming\ParetoLogic

2014-01-22 11:48:16 ----D---- C:\Users\Alain\AppData\Roaming\DriverCure

2014-01-22 11:48:09 ----D---- C:\ProgramData\ParetoLogic

2014-01-16 18:02:17 ----D---- C:\Program Files\Speccy

2014-01-15 10:09:56 ----HD---- C:\Windows\PIF

2014-01-15 09:41:19 ----D---- C:\Users\Alain\AppData\Roaming\AdobeUM

2014-01-15 09:37:41 ----D---- C:\ProgramData\Adobe Systems

2014-01-15 09:36:11 ----D---- C:\Windows\SYSWOW64\spool

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-15 05:43:53 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-15 05:43:52 ----A---- C:\Windows\system32\win32k.sys

2014-01-13 09:28:03 ----SHD---- C:\Windows\ftpcache

2014-01-11 15:51:23 ----A---- C:\Users\Alain\AppData\Roaming\ALAIN-PC.MTBF.txt

2014-01-11 15:44:58 ----D---- C:\Program Files (x86)\Pinnacle

2014-01-11 15:42:22 ----D---- C:\ProgramData\Pinnacle

2014-01-09 06:25:08 ----A---- C:\Windows\SYSWOW64\noa7629.tmp

2013-12-26 22:30:23 ----D---- C:\Users\Alain\AppData\Roaming\Apple Computer

2013-12-26 08:55:22 ----D---- C:\Users\Alain\AppData\Roaming\FairStars Audio Converter Pro

======List of files/folders modified in the last 1 month======

2014-01-25 14:40:03 ----RD---- C:\Program Files

2014-01-25 14:39:56 ----D---- C:\Windows\Temp

2014-01-25 14:38:31 ----A---- C:\Windows\SYSWOW64\TempWmicBatchFile.bat

2014-01-25 13:13:15 ----D---- C:\Windows\system32\config

2014-01-25 12:34:26 ----D---- C:\Windows\System32

2014-01-25 12:34:26 ----D---- C:\Windows\inf

2014-01-25 12:34:26 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-25 12:14:24 ----D---- C:\ProgramData\NVIDIA

2014-01-25 12:14:17 ----SHD---- C:\System Volume Information

2014-01-25 06:30:24 ----D---- C:\Program Files (x86)\Internet Explorer

2014-01-24 12:01:52 ----SHD---- C:\Windows\Installer

2014-01-24 12:01:51 ----SHD---- C:\Config.Msi

2014-01-24 12:00:52 ----D---- C:\ProgramData\Adobe

2014-01-24 11:57:36 ----D---- C:\Windows

2014-01-24 10:46:36 ----D---- C:\Windows\winsxs

2014-01-24 10:46:36 ----D---- C:\Windows\system32\catroot

2014-01-24 10:46:35 ----D---- C:\Windows\system32\DriverStore

2014-01-24 10:45:40 ----RD---- C:\Program Files (x86)

2014-01-24 10:45:40 ----D---- C:\Windows\SysWOW64

2014-01-24 04:56:50 ----HD---- C:\ProgramData

2014-01-24 04:56:50 ----D---- C:\ProgramData\YTD Video Downloader

2014-01-24 04:52:47 ----D---- C:\Windows\system32\drivers

2014-01-23 21:38:51 ----D---- C:\ProgramData\Oracle

2014-01-23 21:38:46 ----D---- C:\Program Files (x86)\Common Files

2014-01-22 14:54:39 ----RSD---- C:\Windows\assembly

2014-01-22 14:54:39 ----D---- C:\Windows\Microsoft.NET

2014-01-22 14:54:38 ----D---- C:\Windows\system32\Tasks

2014-01-22 11:50:37 ----D---- C:\Windows\Tasks

2014-01-22 11:46:10 ----D---- C:\Windows\system32\wbem

2014-01-22 11:45:19 ----D---- C:\ProgramData\Norton

2014-01-22 11:45:18 ----D---- C:\Windows\system32\drivers\UMDF

2014-01-22 11:45:18 ----D---- C:\Windows\system32\CodeIntegrity

2014-01-22 11:45:18 ----D---- C:\Windows\system32\catroot2

2014-01-22 11:45:18 ----D---- C:\Windows\AppCompat

2014-01-22 11:45:15 ----D---- C:\Windows\registration

2014-01-22 10:54:02 ----D---- C:\Windows\system32\wfp

2014-01-19 17:39:59 ----D---- C:\Windows\system32\FxsTmp

2014-01-18 15:14:41 ----D---- C:\Windows\system32\NDF

2014-01-18 04:49:50 ----D---- C:\Users\Alain\AppData\Roaming\Adobe

2014-01-17 11:30:12 ----D---- C:\Users\Alain\AppData\Roaming\MAGIX

2014-01-15 09:36:08 ----RSD---- C:\Windows\Fonts

2014-01-15 09:28:38 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2014-01-15 07:03:08 ----D---- C:\Windows\debug

2014-01-15 05:44:55 ----D---- C:\Windows\system32\MRT

2014-01-15 05:44:46 ----A---- C:\Windows\system32\MRT.exe

2014-01-13 05:38:26 ----D---- C:\Windows\SoftwareDistribution

2014-01-10 07:32:13 ----D---- C:\Windows\Minidump

2014-01-09 05:45:51 ----D---- C:\ProgramData\AVG Secure Search

2014-01-09 05:45:48 ----D---- C:\Program Files (x86)\AVG Secure Search

2014-01-08 17:39:55 ----D---- C:\Users\Alain\AppData\Roaming\FileZilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [2013-09-10 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-28 46368]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2013-12-18 1526488]

R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [2013-09-26 162392]

R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2011-04-21 36696]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-12-12 484952]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvia64.sys [2014-01-21 521944]

R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [2013-09-27 858200]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]

R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2013-09-10 78936]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [2013-09-27 264280]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [2013-09-26 590936]

R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-09 91784]

R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-09 331328]

R3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2013-08-09 60488]

R3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2013-08-09 63944]

R3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2013-08-09 303624]

R3 ComproHID;VideoMate Root Enumerated Hid Device; C:\Windows\system32\DRIVERS\ComproHID64.sys [2007-10-01 9088]

R3 e1yexpress;Stuurprogramma voor Intel® Gigabit-netwerkverbindingen; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-12 137648]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-05-23 77592]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-05-23 13080]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 59160]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140124.016\ENG64.SYS [2014-01-20 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140124.016\EX64.SYS [2014-01-20 2099288]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-12-12 177752]

R3 VMHybrid64;VMHybrid service; C:\Windows\system32\DRIVERS\VMHybr64.sys [2011-05-06 1403648]

S3 cxbu0x64;OMNIKEY 3x21; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-08-19 187264]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []

S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2010-07-15 14216]

S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2010-07-15 8456]

S3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys []

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 usbser;USB Serial emulation driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

S4 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2013-08-09 140736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]

R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; D:\Cobian backup\cbVSCService.exe [2010-09-23 67584]

R2 CronService;Cron Service for Prey; D:\Prey\platform\windows\cronsvc.exe [2013-05-08 23552]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]

R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]

R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]

R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]

R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]

R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-01-09 1771544]

R3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-10-29 72704]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-23 116648]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2009-08-24 544768]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-23 116648]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 357144]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-28 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
