Ga naar inhoud

Malware


Custard

Aanbevolen berichten

Hallo

Al een tijdje heb ik vreemde meldingen dat ik malware zou hebben op mijn pc. Zo ook al een lange tijd dat ipv google een "doportals" of "dosearches" als 1ste tabbladvenster van men browser opent. AVG kan dit niet oplossen en ben het stilletjes beu aan het worden dat ik het er niet van af krijg.

Kan iemand me helpen?

Groetjes

Link naar reactie
Delen op andere sites

  • Reacties 27
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Hoihoi kape :-)

Hier het logbestandje :

Logfile of random's system information tool 1.09 (written by random/random)

Run by Jürgen - Nancy at 2014-02-10 10:14:55

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 650 GB (69%) free of 941 GB

Total RAM: 3959 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:14:59, on 10/02/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\Jürgen - Nancy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [f.lux] "C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Flux.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14708 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=373a0646-0887-4205-b352-6e529633941c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\33d35a14-177e-4e26-9c68-8345aeb2142c-1c4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

"C:\Windows\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

taskeng.exe {3B1518F0-74D0-4D79-A19E-45B978489603}

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"

"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

C:\Windows\SysWOW64\svchost.exe -k netsvcs

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

"c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

C:\Windows\System32\svchost.exe -k HPZ12

"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"

"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"

taskeng.exe {366C6CF7-FF90-4CF7-AF0F-DA9E2045527A}

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

taskeng.exe {5D10C75E-F11D-4F51-9528-4B04F42DA4C0}

WLIDSvcM.exe 2808

"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"

"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"

"C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"

"C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe"

"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2400 series#1373802423" -Startup

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding

"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"

"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"

"\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe"

"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ad1ca710-9054-4092-ad1f-51d309dc1df5 -SystemEventPortName:HostProcess-071d7852-d79e-4767-954d-5964ddc1bd05 -IoCancelEventPortName:HostProcess-938792cc-8acb-41fa-9129-3c99f1850a02 -NonStateChangingEventPortName:HostProcess-ecdea2be-32ba-4a4d-a19c-540fb48ff96c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3124612e-ee3e-4fd6-8d85-092794ff7b44 -DeviceGroupId:WpdFsGroup

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding

"C:\Program Files\Internet Explorer\iexplore.exe" PortalDoSites

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5300 CREDAT:267521 /prefetch:2

C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe -Embedding

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /L Analysis

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536

"C:\Users\Jürgen - Nancy\Downloads\!TE DOEN\RSITx64.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe" HP.SupportFramework

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-13 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-13 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-09-14 610360]

"PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe [2009-09-17 95728]

"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-03 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-12-02 39408]

"f.lux"=C:\Users\Jürgen [2012-11-19 52654]

"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]

"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]

"ContentTransferWMDetector.exe"=C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-11-19 583016]

"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

Flux.lnk - C:\Users\Jürgen - Nancy\Local Settings\Apps\F.lux\flux.exe

HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-03-08 52272]

"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-04 16:31:33 ----D---- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

2014-02-03 00:22:19 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Softland

2014-02-03 00:22:08 ----A---- C:\Windows\system32\GdiPlus.dll

2014-01-26 00:39:25 ----D---- C:\Windows\Migration

2014-01-26 00:08:20 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\piServer

2014-01-21 23:07:44 ----D---- C:\ProgramData\Oracle

2014-01-21 23:03:34 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\java.exe

2014-01-17 20:12:31 ----D---- C:\THEKING

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-15 11:47:11 ----A---- C:\Windows\system32\win32k.sys

2014-01-15 11:47:10 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-11 20:35:06 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me

2014-01-11 20:34:29 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\vlc

2014-01-11 20:34:24 ----D---- C:\Program Files (x86)\Mobogenie

2014-01-11 20:33:32 ----D---- C:\Program Files (x86)\VideoLAN

======List of files/folders modified in the last 1 month======

2014-02-10 10:14:59 ----D---- C:\Windows\Prefetch

2014-02-10 10:14:58 ----D---- C:\Program Files\trend micro

2014-02-10 10:10:00 ----D---- C:\Windows\Temp

2014-02-10 09:52:12 ----D---- C:\Windows\system32\config

2014-02-10 09:45:12 ----D---- C:\ProgramData\MFAData

2014-02-10 09:39:38 ----D---- C:\ProgramData\NVIDIA

2014-02-09 22:28:17 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\uTorrent

2014-02-09 16:45:21 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Mp3tag

2014-02-07 10:00:40 ----SHD---- C:\Windows\Installer

2014-02-07 10:00:40 ----HD---- C:\Config.Msi

2014-02-06 23:54:31 ----D---- C:\Windows\Minidump

2014-02-06 23:54:31 ----D---- C:\Windows

2014-02-06 12:13:15 ----D---- C:\Windows\Logs

2014-02-06 12:13:14 ----D---- C:\Windows\debug

2014-02-05 13:23:15 ----D---- C:\Windows\SysWOW64

2014-02-05 13:23:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-02-04 16:49:43 ----SHD---- C:\System Volume Information

2014-02-04 16:43:05 ----D---- C:\Windows\winsxs

2014-02-04 16:36:37 ----D---- C:\Windows\Help

2014-02-04 16:36:00 ----RSD---- C:\Windows\assembly

2014-02-04 16:35:03 ----D---- C:\Windows\system32\drivers

2014-02-04 16:34:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-02-04 16:34:11 ----D---- C:\Program Files (x86)\Hewlett-Packard

2014-02-04 16:31:33 ----HD---- C:\ProgramData

2014-02-04 16:29:53 ----D---- C:\ProgramData\Hewlett-Packard

2014-02-04 16:28:45 ----AD---- C:\swsetup

2014-02-03 00:30:32 ----RD---- C:\Program Files

2014-02-03 00:30:28 ----D---- C:\Windows\System32

2014-02-02 23:53:01 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-02 23:53:00 ----D---- C:\Windows\inf

2014-01-29 10:31:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-01-27 23:41:36 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-01-27 23:40:28 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HpUpdate

2014-01-27 23:40:28 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HP Support Assistant

2014-01-27 20:24:42 ----D---- C:\Windows\system32\catroot2

2014-01-26 10:21:53 ----D---- C:\Windows\Microsoft.NET

2014-01-26 00:39:46 ----D---- C:\Windows\SYSWOW64\en-US

2014-01-26 00:39:46 ----D---- C:\Windows\system32\en-US

2014-01-26 00:39:25 ----SD---- C:\ProgramData\Microsoft

2014-01-26 00:31:38 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-01-26 00:31:38 ----D---- C:\Windows\system32\nl-NL

2014-01-26 00:20:39 ----RD---- C:\Program Files (x86)

2014-01-21 23:03:25 ----D---- C:\Program Files (x86)\Java

2014-01-15 12:18:20 ----D---- C:\Windows\system32\DriverStore

2014-01-15 12:05:59 ----D---- C:\ProgramData\Microsoft Help

2014-01-15 12:05:01 ----D---- C:\Windows\system32\MRT

2014-01-15 12:00:46 ----A---- C:\Windows\system32\MRT.exe

2014-01-15 11:46:57 ----D---- C:\Windows\system32\catroot

2014-01-14 15:07:41 ----D---- C:\Windows\system32\NDF

2014-01-11 23:46:53 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-08 39768]

R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-09-17 26624]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]

R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 848384]

R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]

R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 58744]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]

S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-07 14448]

S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-07 27760]

S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-30 30208]

S3 msvad_simple;Power Mp3 Recorder Virtual Driver (WDM); C:\Windows\system32\drivers\vadSimpl.sys [2011-09-20 27800]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672]

S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; syswow64\drivers\pcdrndisuio.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]

S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 211560]

S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]

S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]

S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]

S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []

S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []

S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-03 1887520]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368]

S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]

S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]

S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  mobilegeni daemon;s
 C:\Program Files (x86)\Mobogenie;fs
 NextLive;s
 C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me;fs
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "NextLive"=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "mobilegeni daemon"=-:r64
 C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F};fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

hier het logbestandje

Zoek.exe v5.0.0.0 Updated 10-February-2014

Tool run by Jrgen - Nancy on di 11/02/2014 at 12:17:59,78.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-11-08-145037.log 49462 bytes

C:\zoek-results2013-11-09-095449.log 4972 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Uniblue deleted successfully

C:\ProgramData\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

==== Deleting Files \ Folders ======================

C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me not found

C:\Program Files (x86)\Mobogenie deleted

C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted

C:\Users\JRGEN-~1\daemonprocess.txt deleted

C:\Users\JRGEN-~1\.android deleted

C:\Users\JRGEN-~1\AppData\LocalLow\Plus-HD-2.2 deleted

C:\Users\JRGEN-~1\AppData\LocalLow\Magnet Downloader deleted

C:\Windows\tasks\ROC_JAN2013_TB_rmv.job deleted

C:\windows\SysNative\tasks\ROC_JAN2013_TB_rmv deleted

C:\Users\JRGEN-~1\Documents\Mobogenie deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-02-06 22:54:27 C56815AABC7C7BA77123D91CDAB919E9 719336401 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\JRGEN-~1\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-02 23:22:13 ED01633E2BEBC53446767093A7D8B6C0 7549 ----a-w- C:\Windows\Sysnative\dopdf7.ctm

2014-02-02 23:22:08 4D328694BB516E46D2D184950D94433F 1700352 ----a-w- C:\Windows\Sysnative\GdiPlus.dll

====== C:\Windows\Sysnative\drivers =====

2014-01-15 10:47:12 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2014-01-15 10:47:12 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2014-01-15 10:47:12 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2014-01-15 10:47:12 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2014-01-15 10:47:12 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2014-01-15 10:47:12 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2014-01-15 10:47:12 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2014-01-15 10:47:10 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

======= C: =====

====== C:\Users\JRGEN-~1\AppData ======

2014-02-02 23:22:19 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Softland

2014-02-02 23:22:19 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Softland

2014-01-25 23:08:20 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\piServer

2014-01-17 19:12:31 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The King

====== C:\Users\JRGEN-~1 ======

2014-02-04 15:44:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2014-01-17 19:12:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King

====== C: exe-files ==

2014-02-10 09:16:48 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe

2014-02-10 09:16:48 F9A63E15E78C2E6470CE3DFC526970D3 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe

2014-02-10 09:16:48 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe

2014-02-10 09:16:48 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe

2014-02-10 09:16:48 F4CCCAB03392ECA3BCB6EAB9DB2089E0 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe

2014-02-10 09:16:48 F228ECDCDF7D094326F43ADF29A0DBD5 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe

2014-02-10 09:16:48 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe

2014-02-10 09:16:48 E49E5BF9C8C5F1508F63DA3C6C824984 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe

2014-02-10 09:16:48 DDE93A9FB974B6DCDEE299AF055CFFF1 59608 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe

2014-02-10 09:16:48 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe

2014-02-10 09:16:48 CAE98FD09A88C575E7853218103A212A 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_HPConnectedPhoto.exe

2014-02-10 09:16:48 C7EC72A8673DD2CC88A8384CA6D00120 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_US.exe

2014-02-10 09:16:48 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe

2014-02-10 09:16:48 9DFDD8AC6D33626A90E97D7B74E1F9A4 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe

2014-02-10 09:16:48 8BBE4ACE9EA06D5BAE4BEE2A2B42BC8D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe

2014-02-10 09:16:48 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe

2014-02-10 09:16:48 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe

2014-02-10 09:16:48 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe

2014-02-10 09:16:48 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe

2014-02-10 09:16:48 2BCA2C6866D24EEEA37968D0B48FAEFF 78136 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe

2014-02-10 09:16:48 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe

2014-02-10 09:16:48 086CE228EEEB9968C33C924355DEBF72 121144 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe

2014-02-10 09:16:48 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe

2014-02-04 19:32:30 EFBB12554A646E87E72B65C1621E8877 3238136 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057aa\DAO.17777837.exe

2014-02-04 15:35:32 8725ED11EF032D408C109DF0816D33BA 123192 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\Tools\UninstallHPSA.exe

2014-02-04 15:34:30 41CB698F967B4D9F2580EA2A21A5A710 107320 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\{C81956B2-2F83-4448-8FF6-8EA3B917B346}\ISBEW64.exe

2014-02-04 15:31:39 41CB698F967B4D9F2580EA2A21A5A710 107320 ------w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\{F8ED6807-9454-4A29-80C1-DC0DF7D6F694}\ISBEW64.exe

2014-02-04 15:28:48 8725ED11EF032D408C109DF0816D33BA 123192 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\UninstallHPSA.exe

=== C: other files ==

2014-02-10 09:16:59 22A341D42D1568B948E2204D1EA446DE 36570 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip

2014-02-10 09:16:56 02F8664D3039D1A181F716A867D0A3CF 1238598 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip

2014-02-10 09:16:52 59F14B5DF9F1C9CCA13CC0EB7A7035DB 1829427 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip

2014-02-08 16:50:38 313210E22131EBFA4407345D20109198 98068 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LZVASQFQ\IMIHBAC2014[1].zip

2014-02-04 15:43:28 8982A18BF989AECCBFFF14B246F5571F 141 ----a-w- C:\Windows\Help\OEM\Scripts\winNetworkDianosticTool.bat

2014-02-04 15:43:28 8198CB1BBFE605E2D9029F5CC39A80F9 104 ----a-w- C:\Windows\Help\OEM\Scripts\sysproperty.bat

2014-02-04 15:43:27 3A7A37197511A6AF3FB1E5FD0C846816 28 ----a-w- C:\Windows\Help\OEM\Scripts\ProgramCompatibilityWizard.bat

2014-02-04 15:43:26 875A1490532B2E58A32B30F1F613121E 92 ----a-w- C:\Windows\Help\OEM\Scripts\openPerformanceRatingTools.bat

2014-02-04 15:29:53 C8A9B21B203188163732BBABA8EB2CC1 435 ----a-w- C:\ProgramData\Hewlett-Packard\temp.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"

[HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN"

"ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe /PROMPT /CMPID=JAN2013_TB"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"ContentTransferWMDetector.exe"="C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe"

"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~3\\bitguard\\261673~1.238\\{c16c1~1\\bitguard.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"

"PC-Doctor for Windows localizer"="C:\Program Files\PC-Doctor for Windows\localizer.exe"

"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"Google Update"="\"C:\\Users\\Jrgen - Nancy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPADVISOR"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW"

==== Startup Folders ======================

2012-09-30 17:47:13 1316 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

2013-08-06 14:36:02 1032 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk

2013-04-18 17:50:30 2047 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk

2013-07-14 11:45:02 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2014 13:23]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\4775" [wscript.exe C:\Users\JRGEN-~1\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]

"C:\Windows\SysNative\tasks\ExtendedServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Jrgen - Nancy\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\Orb Startup" [C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe]

"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B}" [E:\Setup.exe]

"C:\Windows\SysNative\tasks\{0D9410E3-651B-44B0-8114-B1377C2F8A68}" [C:\Users\Jrgen - Nancy\Downloads\TE DOEN\riknl111.exe]

"C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516}" [E:\Setup.exe]

"C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407}" [C:\Program Files (x86)\Bit Che\Bit_Che.exe]

"C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043}" [C:\Users\Jrgen - Nancy\Documents\PS_AIO_NonNetwork_NLD_NB.exe]

"C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE}" [E:\Setup.exe]

"C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F}" [C:\Program Files (x86)\Disc2Phone\D2P.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\NCH Swift Sound\switchShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\Switch\Switch.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing"

{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search"

{F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.2 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=623 folders=135 283745843 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\JRGEN-~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81" not found

==== EOF on di 11/02/2014 at 13:43:41,24 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 C:\Windows\SysNative\tasks\0;fs
 C:\Windows\SysNative\tasks\4775;fs
 C:\Users\J[font=Calibri][/font]rgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com;fs
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r64
"speedanalysis03@SpeedAnalysis.com"=-;r64
 [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions];r64
 "speedanalysis03@SpeedAnalysis.com"=-;r64

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Nogmaals het bestandje

Zoek.exe v5.0.0.0 Updated 10-February-2014

Tool run by Jrgen - Nancy on wo 12/02/2014 at 17:57:35,62.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\JRGEN-~1\Documents\Jürgen\Software\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-08-145037.log 49462 bytes

C:\zoek-results2013-11-09-095449.log 4972 bytes

C:\zoek-results2014-02-11-124341.log 23581 bytes

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"speedanalysis03@SpeedAnalysis.com"=-

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis03@SpeedAnalysis.com"=-

==== Deleting Files \ Folders ======================

C:\Windows\SysNative\tasks\0 deleted

C:\Windows\SysNative\tasks\4775 deleted

C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com deleted

==== C:\zoek_backup content ======================

C:\zoek_backup (files=656 folders=140 284038103 bytes)

==== EOF on wo 12/02/2014 at 17:59:52,89 ======================

Link naar reactie
Delen op andere sites

Hellow

Ik moet je eigenlijk teleurstellen, de "doPortal" startpagina is nog steeds aanwezig. En de pop-ups zijn er ook nog steeds :frown:

Misschien heb ik iets fout gedaan? Ik heb gelezen dat een "dosearches" of "doPortal" startpagina eigenlijk een vast nestelend virus is dat naar gelang de tijd het erger kan worden. Ondertussen heb ik AVG hernieuwd (een 30 dagen volledige proefversie) en deze laten scannen maar is er niet tegen opgewassen. Andere keren heeft iemand mij geholpen door Malwarebytes en HiJackthis te laten scannen en toen heeft het een tijdje geholpen. Is het misschien nu dan een ander probleem? Ik wou dat ik er meer van af wist...van computers bedoel ik dus xD:adore:

Anyway...

Grtjs

Link naar reactie
Delen op andere sites

De ongewenste meldingen waar je naar verwijst, zijn alvast niet merkbaar in de logjes die je hebt gepost (ook niet in het logje van HijackThis dat in RSIT geïntegreerd zit). We kunnen wel eens bekijken of Malwarebytes hier iets mee aan kan (HijackThis is in dit geval nutteloos).

Download 51a46ae42d560-malwarebytes_anti_malware.pngMalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

  • Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  • Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  • Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  • Druk vervolgens op "Scannen" om de scan te starten.
  • Het scannen kan een tijdje duren, dus wees geduldig.
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  • Herstart de computer indien nodig en post hierna de log in het volgende bericht.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.