Ga naar inhoud

logje


Aanbevolen berichten

Hallo,

Ik heb nu meerdere keren geprobeerd om een bestand door te sturen. Het gaat hier om een fotoalbum.

Zodra het bestand ingepakt is en doorgstuurd moet worden, krijg ik de volgende melding.

Windows-hostproces (rundll32) werkt niet meer en is gesloten.

Hoe kan ik dit oplossen?

alvast bedankt.

Gr. Marloes

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 21:39:55, on 27-1-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE

C:\Program Files\NETGEAR\WN111v2\WN111v2.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Maarten\Maarten\HijackThis\HijackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI Nederland - Startpagina

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: Ziggo Wireless Utility.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll BgGamingMonitor.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe

O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe

O23 - Service: Pervasive Workgroup Engine - Unknown owner - C:\PVSW\bin\psql_svc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 11073 bytes

Link naar reactie
Delen op andere sites

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll BgGamingMonitor.dll

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Maarten at 2014-01-30 21:13:51

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 205 GB (35%) free of 590 GB

Total RAM: 3325 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:14:03, on 30-1-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\wermgr.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE

C:\Program Files\NETGEAR\WN111v2\WN111v2.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Users\Maarten\Desktop\RSIT 32.exe

C:\Program Files\trend micro\Maarten.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI Nederland - Startpagina

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: Ziggo Wireless Utility.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe

O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe

O23 - Service: Pervasive Workgroup Engine - Unknown owner - C:\PVSW\bin\psql_svc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 10291 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\EPSON XP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job

C:\Windows\tasks\EPSON XP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-13 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-13 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""= []

"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2013-10-21 857936]

"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2013-10-16 1878352]

"openvpn-gui"=C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [2012-10-15 406112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE [2013-01-24 260160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\(default)]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [2008-07-18 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2013-03-28 1058880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-08 178712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]

C:\Program Files\Mobogenie\DaemonProcess.exe [2013-12-10 761024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\Windows\system32\NvCpl.dll [2009-03-27 13687328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

C:\Windows\system32\NvMcTray.dll [2009-03-27 92704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]

C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-03 6724128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Ziggo Wireless Utility.lnk - C:\Program Files\NETGEAR\WN111v2\WN111v2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-30 21:10:57 ----D---- C:\rsit

2014-01-30 21:10:57 ----D---- C:\Program Files\trend micro

2014-01-27 21:12:51 ----D---- C:\Nieuwe map (2)

2014-01-16 16:00:39 ----D---- C:\Windows\system32\SearchProtect

2014-01-09 19:08:54 ----D---- C:\Windows\Migration

2014-01-05 10:07:41 ----D---- C:\Program Files\iPod

2014-01-05 10:07:39 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2014-01-05 10:07:39 ----D---- C:\Program Files\iTunes

2014-01-02 21:01:23 ----D---- C:\Program Files\SearchProtect

2014-01-02 21:00:10 ----D---- C:\Users\Maarten\AppData\Roaming\uTorrent

2014-01-02 20:49:48 ----D---- C:\Users\Maarten\AppData\Roaming\newnext.me

2014-01-02 20:48:22 ----D---- C:\Program Files\Mobogenie

2014-01-02 20:47:53 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2014-01-30 21:14:03 ----D---- C:\Windows\Temp

2014-01-30 21:13:30 ----D---- C:\ProgramData\BullGuard

2014-01-30 21:10:57 ----RD---- C:\Program Files

2014-01-30 20:09:22 ----D---- C:\Windows\System32

2014-01-29 22:37:46 ----D---- C:\Users\Maarten\AppData\Roaming\CorelHomeOffice

2014-01-29 20:58:35 ----D---- C:\Windows\prefetch

2014-01-27 10:14:30 ----SHD---- C:\Windows\Installer

2014-01-27 10:14:30 ----HD---- C:\Config.Msi

2014-01-27 10:14:23 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-27 10:14:20 ----D---- C:\Windows\inf

2014-01-27 10:12:29 ----SHD---- C:\System Volume Information

2014-01-26 19:45:45 ----RSD---- C:\Windows\Fonts

2014-01-26 19:45:28 ----D---- C:\ProgramData\HP

2014-01-26 19:45:03 ----HD---- C:\ProgramData

2014-01-26 19:44:46 ----D---- C:\Program Files\HP

2014-01-26 19:44:35 ----D---- C:\Windows\winsxs

2014-01-26 19:44:26 ----D---- C:\Windows

2014-01-26 19:44:25 ----D---- C:\Windows\system32\catroot

2014-01-26 19:44:00 ----D---- C:\Windows\twain_32

2014-01-16 15:56:32 ----D---- C:\Users\Maarten\AppData\Roaming\BullGuard

2014-01-15 22:27:02 ----D---- C:\ProgramData\Microsoft Help

2014-01-15 22:26:16 ----D---- C:\Windows\system32\MRT

2014-01-15 22:23:04 ----A---- C:\Windows\system32\mrt.exe

2014-01-09 22:02:01 ----D---- C:\Windows\AppPatch

2014-01-09 19:54:13 ----D---- C:\Windows\Microsoft.NET

2014-01-09 19:16:07 ----RSD---- C:\Windows\assembly

2014-01-09 19:09:12 ----D---- C:\Windows\system32\en-US

2014-01-09 19:08:54 ----SD---- C:\ProgramData\Microsoft

2014-01-05 10:07:40 ----D---- C:\Program Files\Common Files\Apple

2014-01-02 21:25:30 ----D---- C:\Windows\system32\catroot2

2014-01-02 20:50:20 ----HD---- C:\Windows\system32\GroupPolicy

2014-01-02 20:41:16 ----SD---- C:\Users\Maarten\AppData\Roaming\Microsoft

2014-01-02 15:01:07 ----D---- C:\Intramed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-10-08 306200]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]

R1 AFW;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2012-12-13 33888]

R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys [2013-03-27 64624]

R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-10-01 20384]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys [2012-06-26 216136]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys [2012-06-26 20040]

R3 afwcore;afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [2012-12-13 337504]

R3 DNISp50;DNISp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\DNISp50.sys [2006-11-16 20480]

R3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-03 2320480]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-27 7738816]

R3 tap0901;Sophos SSL VPN Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2012-10-15 34576]

R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-02-05 343456]

R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service; C:\Windows\system32\DRIVERS\WN111v2v.sys [2009-01-13 453120]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 61883;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]

S3 Avc;AVC-apparaat; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]

S3 DNIMp50;DNIMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\DNIMp50.sys [2006-11-16 21504]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]

S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 BsBackup;BullGuard backup service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]

R2 BsBhvScan;BullGuard behavioural detection service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2013-10-16 376144]

R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]

R2 BsFire;BullGuard firewall service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]

R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]

R2 BsMain;BullGuard main service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]

R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2013-10-16 211792]

R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2013-10-21 291152]

R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-01-29 2301216]

R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2012-05-17 126128]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-08 358936]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-27 207392]

R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [2012-10-15 57952]

R2 Pervasive Workgroup Engine;Pervasive Workgroup Engine; C:\PVSW\bin\psql_svc.exe [2007-01-12 73728]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-29 135664]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-29 135664]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]

S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [2008-02-29 942080]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 OpenVPNService;OpenVPN Service; C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [2012-10-15 57952]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  CltMngSvc;s
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 C:\Windows\system32\SearchProtect;fs
 C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1;fs
 C:\Program Files\SearchProtect;fs
 C:\Users\Maarten\AppData\Roaming\newnext.me;fs
 C:\Program Files\Mobogenie;fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Zoek.exev5.0.0.0 Updated 07-February-2014

Tool run byMaarten on za 08-02-2014 at 20:58:57,70.

Microsoft®Windows Vista™ Home Premium 6.0.6002Service Pack 2 x86

Running in:Normal Mode Internet Access Detected

Launched: C:\Users\Maarten\Downloads\zoek.exe[scan all users] [script inserted] [Checkboxes used]

==== SystemRestore Info ======================

8-2-201421:01:20 Zoek.exe System Restore Point Created Succesfully.

==== EmptyFolders Check ======================

C:\ProgramFiles\MSXML 4.0 deleted successfully

C:\ProgramFiles\VideoLAN deleted successfully

C:\Users\Maarten\AppData\Roaming\PeerNetworkingdeleted successfully

C:\Users\Maarten\AppData\Roaming\SoftwareInspection Library deleted successfully

C:\Users\Maarten\AppData\Local\Conduitdeleted successfully

C:\Users\Maarten\AppData\Local\PackageAwaredeleted successfully

C:\Users\Maarten\AppData\Local\Yahoo!deleted successfully

====Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deletedsuccessfully

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} deletedsuccessfully

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{A3520868-6D15-4F6C-A740-F2C732249DD5} deletedsuccessfully

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{A5EB8529-C0BC-4986-A25A-3E0440BE73B1} deletedsuccessfully

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deletedsuccessfully

====Deleting CLSID Registry Values ======================

====Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvcdeleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\CltMngSvcdeleted successfully

====Registry Fix Code ======================

WindowsRegistry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

====Deleting Files \ Folders ======================

C:\Windows\system32\SearchProtectdeleted

C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1deleted

C:\ProgramFiles\SearchProtect deleted

C:\Users\Maarten\AppData\Roaming\newnext.medeleted

C:\ProgramFiles\Mobogenie deleted

C:\Users\Maarten\AppData\Local\genienextdeleted

C:\Users\Maarten\daemonprocess.txt deleted

C:\Users\Maarten\.androiddeleted

C:\ProgramFiles\Conduit deleted

C:\ProgramFiles\Ask.com deleted

C:\Users\Maarten\AppData\Roaming\OpenCandydeleted

C:\Users\Maarten\AppData\Local\IlividPlayer deleted

C:\Users\Maarten\AppData\Local\SearchProtectdeleted

C:\Users\Maarten\AppData\Local\IACdeleted

C:\Users\Maarten\AppData\Local\Mobogeniedeleted

C:\Users\Maarten\AppData\Local\cachedeleted

C:\Users\Maarten\AppData\LocalLow\IACdeleted

C:\Users\Maarten\AppData\LocalLow\searchqubanddeleted

C:\Users\Maarten\AppData\LocalLow\Softonicdeleted

C:\Users\Maarten\AppData\LocalLow\PriceGongdeleted

C:\Users\Maarten\AppData\LocalLow\Conduitdeleted

C:\Windows\System32\SET757D.tmpdeleted

C:\Users\Maarten\Documents\Mobogenie deleted

==== FilesRecently Created / Modified ======================

======C:\Windows ====

======C:\Users\Maarten\AppData\Local\Temp ====

2014-02-0311:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Maarten\AppData\Local\Temp\SPSetup.exe

2014-01-2921:44:20 81DF17EAE33CB2A422A9183672564FC2 6774448 ----a-w- C:\Users\Maarten\AppData\Local\Temp\DC00E992-B11D-4AEE-88BD-6DEAEDF3E3D5.exe

====== JavaCache =====

======C:\Windows\system32 =====

2014-02-0819:00:53 821E45601C7FD525A8E5B5568BDE894E 512 ----a-w- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

======C:\Windows\system32\drivers =====

======C:\Windows\Tasks ======

======C:\Windows\Temp ======

=======C:\Program Files =====

2014-01-3020:10:57 -------- d-----w- C:\ProgramFiles\trend micro

======= C:=====

======C:\Users\Maarten\AppData\Roaming ======

2014-01-0921:01:21 -------- d-----w- C:\Users\Maarten\AppData\Local\ElevatedDiagnostics

====== C:\Users\Maarten======

2014-01-3020:10:18 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Maarten\Desktop\RSIT32.exe

====== C:exe-files ==

2014-02-0517:20:33 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\ProgramFiles\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe

2014-02-0311:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Maarten\AppData\Local\Temp\SPSetup.exe

2014-02-0310:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsv3CB6.exe

2014-02-0310:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsf2FE9.exe

=== C:other files ==

====Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exeoobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe/detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exeoobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe/detectMem"

[HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\ProgramFiles\Windows Sidebar\sidebar.exe /autoRun"

"WMPNSCFG"="C:\ProgramFiles\Windows Media Player\WMPNSCFG.exe"

"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE/EPT EPLTarget\P0000000000000000 /M XP-215 217 Series"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BullGuard"="C:\ProgramFiles\BullGuard Ltd\BullGuard\BullGuard.exe -boot"

"BullGuardUpdate2"="c:\programfiles\bullguard ltd\bullguard\BullGuardUpdate2.exe"

"openvpn-gui"="C:\ProgramFiles\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\ProgramFiles\Windows Sidebar\sidebar.exe /autoRun"

"WMPNSCFG"="C:\ProgramFiles\Windows Media Player\WMPNSCFG.exe"

"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE/EPT EPLTarget\P0000000000000000 /M XP-215 217 Series"

[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~1\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dllc:\\PROGRA~1\\BULLGU~1\\BULLGU~1\\BgAgent.dll BgGamingMonitor.dll"

====Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\(default)]

"command"=""

"hkey"="HKLM"

"item"="(default)"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\Adobe ARM]

"command"="\"C:\\ProgramFiles\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"hkey"="HKLM"

"item"="AdobeARM"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\ProgramFiles\\HomeCinema\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\EEventManager]

"command"="\"C:\\ProgramFiles\\Epson Software\\Event Manager\\EEventManager.exe\""

"hkey"="HKLM"

"item"="EEventManager"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IAAnotif]

"command"="\"C:\\ProgramFiles\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""

"hkey"="HKLM"

"item"="IAAnotif"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon]

"command"="C:\\ProgramFiles\\Mobogenie\\DaemonProcess.exe"

"hkey"="HKLM"

"item"="mobilegenidaemon"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\NvCplDaemon]

"command"="RUNDLL32.EXEC:\\Windows\\system32\\NvCpl.dll,NvStartup"

"hkey"="HKLM"

"item"="NvCplDaemon"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\NvMediaCenter]

"command"="RUNDLL32.EXEC:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"

"hkey"="HKLM"

"item"="NvMediaCenter"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PAC7302_Monitor]

"command"="C:\\Windows\\PixArt\\PAC7302\\Monitor.exe"

"hkey"="HKLM"

"item"="PAC7302_Monitor"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\ProgramFiles\\Realtek\\Audio\\HDA\\RtHDVCpl.exe"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\Windows Defender]

"command"="C:\\ProgramFiles\\Windows Defender\\MSASCui.exe -hide"

"hkey"="HKLM"

"item"="WindowsDefender"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

====Startup Folders ======================

2010-11-0811:20:34 1938 ----a-w- C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Startup\Ziggo Wireless Utility.lnk

==== TaskScheduler Jobs ======================

C:\Windows\tasks\AdobeFlash Player Updater.job --a------C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-201418:41]

C:\Windows\tasks\EPSONXP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job--a------ C:;8C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.exe []

C:\Windows\tasks\EPSONXP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job --a------C:;8C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.exe []

C:\Windows\tasks\GoogleSoftware Updater.job --a------ C:\Program Files\Google\Common\GoogleUpdater\GoogleUpdaterService.exe [26-08-2012 21:12]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job--a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-12-2009 14:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job--a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-12-2009 14:41]

==== OtherScheduled Tasks ======================

"C:\Windows\system32\tasks\AdobeFlash Player Updater"[C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CreateChoiceProcessTask"[C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\EPSONXP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}"[C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE]

"C:\Windows\system32\tasks\EPSONXP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}"[C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE]

"C:\Windows\system32\tasks\GoogleSoftware Updater" [C:\Program Files\Google\Common\GoogleUpdater\GoogleUpdaterService.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore"[C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA"[C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{A4AD3220-B5A9-4771-9566-E84D7CB4EA56}"[C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{823232DB-30F2-47B9-8F97-05F8F0C81FEE}"[C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate"[C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== FirefoxExtensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"antiphishing@bullguard"="c:\programfiles\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard"[17-10-2013 08:09]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\ProgramFiles\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [04-08-201116:45]

==== ChromeLook ======================

Google Docs- Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

GoogleDrive - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube -Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

GoogleSearch - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

MapsGalaxy- Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmpoonbkphmkpjmcbgpeoondejnaaic

GoogleWallet - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail -Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\aohghmighlieiainnegkcijnfilokake

GoogleDrive - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube -Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

GoogleSearch - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail -Marloes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IEto Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main]

"StartPage"="http://google.nl/"

"Default_Page_URL"="http://www.aldi.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes]

"DefaultScope"="{A3520868-6D15-4F6C-A740-F2C732249DD5}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes\{A3520868-6D15-4F6C-A740-F2C732249DD5}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"StartPage"="http://google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== AllHKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}Unknown Url="Not_Found"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A}Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64}Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC_nl"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== DeletingCLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deletedsuccessfully

====Deleting CLSID Registry Values ======================

====Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectdeleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\mobilegeni daemon deleted successfully

==== EmptyIE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Low\Content.IE5 emptied successfully

C:\Users\Maarten\AppData\Local\Temp\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Users\Marloes\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Users\Marloes\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully

C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\index.dat will be deleted at reboot

==== EmptyFireFox Cache ======================

No FireFoxProfiles found

==== EmptyChrome Cache ======================

C:\Users\Maarten\AppData\Local\Google\Chrome\UserData\Default\Cache emptied successfully

C:\Users\Marloes\AppData\Local\Google\Chrome\UserData\Default\Cache emptied successfully

==== EmptyAll Flash Cache ======================

Flash CacheEmptied Successfully

==== EmptyAll Java Cache ======================

Java Cachecleared successfully

====C:\zoek_backup content ======================

C:\zoek_backup(files=194 folders=97 52308657 bytes)

==== EmptyTemp Folders ======================

C:\Users\Default\AppData\Local\Tempemptied successfully

C:\Users\DefaultUser\AppData\Local\Temp emptied successfully

C:\Users\Marloes\AppData\Local\Tempemptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Tempemptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Tempemptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Tempemptied successfully

C:\Users\Maarten\AppData\Local\Temp will be emptied at reboot

C:\Windows\Tempwill be emptied at reboot

==== AfterReboot ======================

==== EmptyTemp Folders ======================

C:\Windows\Tempsuccessfully emptied

C:\Users\Maarten\AppData\Local\Tempsuccessfully emptied

==== EmptyRecycle Bin ======================

C:\$RECYCLE.BINsuccessfully emptied

====Deleting Files / Folders ======================

"C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\index.dat" not deleted

==== EOF on za 08-02-2014 at 21:39:21,59======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  [HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon];r

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  [HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon];r

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Zoek.exe v5.0.0.0 Updated 07-February-2014

Tool run by Maarten on zo 09-02-2014 at 9:56:45,77.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Maarten\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-08-203921.log 19005 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=194 folders=97 52308657 bytes)

==== EOF on zo 09-02-2014 at 9:58:14,17 ======================

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.