newnext.me

[A van der Knaap]

Ik heb hetzelfde probleem met mijn vista 32 bit..

Zou iemand mij ook kunnen helpen. Met vriendelijke groet, Annet

Logfile of random's system information tool 1.09 (written by random/random)

Run by knaap at 2014-03-05 14:58:24

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 157 GB (51%) free of 305 GB

Total RAM: 2047 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:59:15, on 5-3-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16533)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Garmin\ANT Agent\ANT Agent.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\system32\RunDll32.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\sdclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\knaap\Downloads\RSIT.exe

C:\Program Files\trend micro\knaap.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data\internetsecurity\avkkid\avkcks.exe

O1 - Hosts: ::1 localhost

O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [G Data AntiVirus Tray] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe

O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17I2130G05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\knaap\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2229290244-4101571045-3097305160-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ?

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.westfriesgasthuis.nl/dana-cached/sc/JuniperSetupClient.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

--

End of file - 10806 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469}]

ThreeShips IE Helper - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll [2012-04-16 586168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r []

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24 49208]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"Reader Application Helper"=C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2013-11-27 899400]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe -startup []

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-15 152392]

"Corel File Shell Monitor"=C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2007-10-30 16200]

"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

""= []

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe []

"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]

"G Data AntiVirus Tray"=C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe [2013-08-21 1444472]

"GDFirewallTray"=C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2013-03-22 1854928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

"HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-05-25 1801064]

"ANT Agent"=C:\Program Files\Garmin\ANT Agent\ANT Agent.exe [2013-02-15 14731776]

"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-07-31 4287536]

""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []

"NextLive"=C:\Users\knaap\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l []

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=lvcodec2.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"vidc.VP60"=C:\Windows\system32\vp6vfw.dll

"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-05 14:58:24 ----D---- C:\rsit

2014-03-05 14:58:24 ----D---- C:\Program Files\trend micro

2014-03-05 13:48:21 ----A---- C:\Windows\system32\drivers\PktIcpt.sys

2014-03-05 13:47:16 ----A---- C:\Windows\system32\drivers\gdwfpcd32.sys

2014-03-05 13:47:07 ----A---- C:\Windows\system32\drivers\MiniIcpt.sys

2014-03-05 13:47:07 ----A---- C:\Windows\system32\drivers\HookCentre.sys

2014-03-05 13:47:06 ----A---- C:\Windows\system32\drivers\GDBehave.sys

2014-03-05 12:32:58 ----D---- C:\1824e0d6a3a13b889a

2014-03-02 16:02:21 ----D---- C:\02874a9e7582e4eb3bd218

2014-02-28 18:15:26 ----D---- C:\Windows\Migration

2014-02-27 21:29:15 ----D---- C:\Program Files\Common Files\Skype

2014-02-27 21:12:45 ----D---- C:\Program Files\LogMeIn Hamachi

2014-02-22 13:42:26 ----D---- C:\Users\knaap\AppData\Roaming\.technic

2014-02-13 15:36:32 ----A---- C:\Windows\system32\vbscript.dll

2014-02-13 15:36:32 ----A---- C:\Windows\system32\mshtmled.dll

2014-02-13 15:36:31 ----A---- C:\Windows\system32\ieui.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\wininet.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\jscript.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-13 15:36:29 ----A---- C:\Windows\system32\url.dll

2014-02-13 15:36:29 ----A---- C:\Windows\system32\jscript9.dll

2014-02-13 15:36:28 ----A---- C:\Windows\system32\urlmon.dll

2014-02-13 15:36:28 ----A---- C:\Windows\system32\iertutil.dll

2014-02-13 15:36:27 ----A---- C:\Windows\system32\ieframe.dll

2014-02-13 15:36:24 ----A---- C:\Windows\system32\mshtml.dll

2014-02-12 21:32:22 ----A---- C:\Windows\system32\msxml3.dll

======List of files/folders modified in the last 1 month======

2014-03-05 14:59:06 ----D---- C:\Windows\Temp

2014-03-05 14:58:24 ----D---- C:\Program Files

2014-03-05 14:27:41 ----D---- C:\Windows\system32\drivers

2014-03-05 14:25:34 ----D---- C:\Windows\System32

2014-03-05 14:25:34 ----D---- C:\Program Files\Common Files\G Data

2014-03-05 14:02:38 ----D---- C:\ProgramData\G DATA

2014-03-05 13:44:48 ----D---- C:\Program Files\G Data

2014-03-05 13:18:47 ----D---- C:\Windows\system32\catroot

2014-03-05 13:12:41 ----D---- C:\Windows\system32\spool

2014-03-05 13:10:47 ----D---- C:\Windows\system32\WDI

2014-03-05 13:10:47 ----D---- C:\Windows\system32\Tasks

2014-03-05 13:02:20 ----D---- C:\Windows\Microsoft.NET

2014-03-05 12:36:25 ----SHD---- C:\Windows\Installer

2014-03-05 12:36:12 ----SHD---- C:\Config.Msi

2014-03-05 12:32:44 ----SHD---- C:\System Volume Information

2014-03-04 22:21:59 ----D---- C:\Users\knaap\AppData\Roaming\Skype

2014-03-04 22:08:29 ----D---- C:\Users\knaap\AppData\Roaming\.minecraft

2014-03-04 18:32:30 ----D---- C:\Windows\Prefetch

2014-03-04 18:21:48 ----D---- C:\Windows\system32\catroot2

2014-03-04 16:02:08 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-04 16:02:06 ----D---- C:\Windows\inf

2014-02-28 18:18:19 ----D---- C:\Windows\system32\en-US

2014-02-28 18:15:26 ----SD---- C:\ProgramData\Microsoft

2014-02-28 18:15:26 ----D---- C:\Windows

2014-02-27 21:29:25 ----D---- C:\ProgramData\Skype

2014-02-27 21:29:15 ----RD---- C:\Program Files\Skype

2014-02-27 21:29:15 ----D---- C:\Program Files\Common Files

2014-02-21 19:05:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-02-13 19:15:02 ----RSD---- C:\Windows\assembly

2014-02-13 18:23:23 ----D---- C:\Windows\system32\migration

2014-02-13 18:23:21 ----D---- C:\Program Files\Internet Explorer

2014-02-13 16:30:46 ----D---- C:\Windows\winsxs

2014-02-13 16:22:03 ----D---- C:\Windows\system32\MRT

2014-02-13 16:16:00 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2014-03-05 45912]

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-08-18 145952]

R0 PxHelp20;PxHelp20; C:\Windows\system32\Drivers\PxHelp20.sys [2006-11-02 36624]

R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2014-03-05 96600]

R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2014-03-05 54104]

R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2014-03-05 51032]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-01 281760]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-01 25888]

R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2014-03-05 52056]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]

R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-04-30 265496]

R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-03-25 1048480]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 8939296]

R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]

R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-05-08 1047552]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2013-08-26 1970296]

R2 AVKService;G Data Scheduler; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [2013-08-21 635000]

R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2013-10-15 2101280]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]

R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-01-06 76888]

R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]

R3 GDFwSvc;G Data Personal Firewall; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2013-10-17 2373712]

R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2013-08-22 695416]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-07 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2013-11-26 73728]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Jion]

Dag A van der Knaap,

welkom op PCH!

Ik heb je een eigen topic aangemaakt. Dat houdt het voor iedereen een pak overzichtelijker. ;-)

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[A van der Knaap]

Beste Jion.

Hier zijn de resultaten:

# AdwCleaner v3.020 - Report created 05/03/2014 at 16:58:13

# Updated 27/02/2014 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : knaap - PC_VAN_KNAAP

# Running from : C:\Users\knaap\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software

Folder Deleted : C:\ProgramData\StarApp

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\ProgramData\WPM

Folder Deleted : C:\ProgramData\savenshaaRe

Folder Deleted : C:\ProgramData\Searchh-NewTab

Folder Deleted : C:\Program Files\Mobogenie

Folder Deleted : C:\Program Files\NCH Software

Folder Deleted : C:\Program Files\Plus-HD-2.2

Folder Deleted : C:\Program Files\Common Files\337

Folder Deleted : C:\Users\knaap\AppData\Local\Babylon

Folder Deleted : C:\Users\knaap\AppData\Local\genienext

Folder Deleted : C:\Users\knaap\AppData\Local\Mobogenie

Folder Deleted : C:\Users\knaap\AppData\LocalLow\Softonic

Folder Deleted : C:\Users\knaap\AppData\LocalLow\savenshaaRe

Folder Deleted : C:\Users\knaap\AppData\LocalLow\Searchh-NewTab

Folder Deleted : C:\Users\knaap\AppData\Roaming\ExpressFiles

Folder Deleted : C:\Users\knaap\AppData\Roaming\NCH Software

Folder Deleted : C:\Users\knaap\AppData\Roaming\OpenCandy

Folder Deleted : C:\Users\knaap\AppData\Roaming\SkypEmoticons

File Deleted : C:\END

File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

Shortcut Disinfected : C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Shortcut Disinfected : C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85DE526C-260F-4113-9722-B9D4EF255CB0}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85DE526C-260F-4113-9722-B9D4EF255CB0}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24482682-E9CD-4FFC-A8EA-6C52729C2E4C}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24482682-E9CD-4FFC-A8EA-6C52729C2E4C}

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SOFTWARE\592dd8ce63fb914

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\ExpressFiles

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\NCH Software

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKLM\Software\caphyon

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\ExpressFiles

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\NCH Software

Key Deleted : HKLM\Software\supWPM

Key Deleted : HKLM\Software\Updater By Sweetpacks

Key Deleted : HKLM\Software\V9

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.2

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Plus-HD-2.2

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\knaap\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5746 octets] - [05/03/2014 16:37:04]

AdwCleaner[s0].txt - [5235 octets] - [05/03/2014 16:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5295 octets] ##########

[Jion]

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• 
  
• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

• 
  
• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht.
  

[A van der Knaap]

Beste Jion, hier de volgende serie:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2014.03.05.07

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

knaap :: PC_VAN_KNAAP [administrator]

Bescherming: Ingeschakeld

5-3-2014 17:35:03

mbam-log-2014-03-05 (17-35-03).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 249448

Verstreken tijd: 19 minuut/minuten, 3 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKLM\SOFTWARE\Wow6432Node\Updater By Sweetpacks (PUP.Optional.SweetPacks.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 2

HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{DEDAF650-12B8-48f5-A843-BBA100716106} (PUP.Optional.SweetIM.A) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{DEDAF650-12B8-48f5-A843-BBA100716106} (PUP.Optional.SweetIM.A) -> Data: C:\Program Files\Updater By Sweetpacks\Firefox -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 12

C:\ProgramData\InstallMate\{A0BFDEC6-A9D7-4DFF-AF14-E1F57B5CFC30}\Custom.dll (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\AppData\Local\Temp\setupA9_.exe (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\app.exe (PUP.Optional.Solimba) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\For-Divine-Rpg-1.5.2.rar_Downloader.exe (PUP.Optional.FilePile.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_bittorrent.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_minecraft-server.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_need-for-speed-shift.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_need-for-speed-world.exe (PUP.Optional.Softonic) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_total-video-converter.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\SoftonicDownloader_voor_videopad-video-editor.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\knaap\Downloads\Cube_World_ONLY_KEYGEN_2013_rar.exe (PUP.BundleInstaller.DW) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

[Jion]

Leuke series he. xD

Mag ik nu eens een nieuw RSIT logje hebben?

[A van der Knaap]

Ja, wat een leeswerk, Jion.

Hier de rsit serie.

Logfile of random's system information tool 1.09 (written by random/random)

Run by knaap at 2014-03-05 18:36:47

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 157 GB (51%) free of 305 GB

Total RAM: 2047 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:37:30, on 5-3-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16533)

Boot mode: Normal

Running processes:

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Garmin\ANT Agent\ANT Agent.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\system32\RunDll32.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\sdclt.exe

C:\Users\knaap\Downloads\RSIT.exe

C:\Program Files\trend micro\knaap.exe

C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data\internetsecurity\avkkid\avkcks.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [G Data AntiVirus Tray] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe

O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17I2130G05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2229290244-4101571045-3097305160-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ?

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.westfriesgasthuis.nl/dana-cached/sc/JuniperSetupClient.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

--

End of file - 10811 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469}]

ThreeShips IE Helper - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll [2012-04-16 586168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r []

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24 49208]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"Reader Application Helper"=C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2013-11-27 899400]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe -startup []

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-15 152392]

"Corel File Shell Monitor"=C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2007-10-30 16200]

"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

""= []

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]

"G Data AntiVirus Tray"=C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe [2013-08-21 1444472]

"GDFirewallTray"=C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2013-03-22 1854928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

"HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-05-25 1801064]

"ANT Agent"=C:\Program Files\Garmin\ANT Agent\ANT Agent.exe [2013-02-15 14731776]

"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-07-31 4287536]

""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=lvcodec2.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"vidc.VP60"=C:\Windows\system32\vp6vfw.dll

"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-03-05 17:33:25 ----D---- C:\Users\knaap\AppData\Roaming\Malwarebytes

2014-03-05 17:33:16 ----D---- C:\ProgramData\Malwarebytes

2014-03-05 17:33:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2014-03-05 17:33:14 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-03-05 16:36:51 ----D---- C:\AdwCleaner

2014-03-05 15:11:09 ----D---- C:\Program Files\Puran File Recovery

2014-03-05 14:58:24 ----D---- C:\rsit

2014-03-05 14:58:24 ----D---- C:\Program Files\trend micro

2014-03-05 13:48:21 ----A---- C:\Windows\system32\drivers\PktIcpt.sys

2014-03-05 13:47:16 ----A---- C:\Windows\system32\drivers\gdwfpcd32.sys

2014-03-05 13:47:07 ----A---- C:\Windows\system32\drivers\MiniIcpt.sys

2014-03-05 13:47:07 ----A---- C:\Windows\system32\drivers\HookCentre.sys

2014-03-05 13:47:06 ----A---- C:\Windows\system32\drivers\GDBehave.sys

2014-03-05 12:32:58 ----D---- C:\1824e0d6a3a13b889a

2014-03-02 16:02:21 ----D---- C:\02874a9e7582e4eb3bd218

2014-02-28 18:15:26 ----D---- C:\Windows\Migration

2014-02-27 21:29:15 ----D---- C:\Program Files\Common Files\Skype

2014-02-27 21:12:45 ----D---- C:\Program Files\LogMeIn Hamachi

2014-02-22 13:42:26 ----D---- C:\Users\knaap\AppData\Roaming\.technic

2014-02-13 15:36:32 ----A---- C:\Windows\system32\vbscript.dll

2014-02-13 15:36:32 ----A---- C:\Windows\system32\mshtmled.dll

2014-02-13 15:36:31 ----A---- C:\Windows\system32\ieui.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\wininet.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\jscript.dll

2014-02-13 15:36:30 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-13 15:36:29 ----A---- C:\Windows\system32\url.dll

2014-02-13 15:36:29 ----A---- C:\Windows\system32\jscript9.dll

2014-02-13 15:36:28 ----A---- C:\Windows\system32\urlmon.dll

2014-02-13 15:36:28 ----A---- C:\Windows\system32\iertutil.dll

2014-02-13 15:36:27 ----A---- C:\Windows\system32\ieframe.dll

2014-02-13 15:36:24 ----A---- C:\Windows\system32\mshtml.dll

2014-02-12 21:32:22 ----A---- C:\Windows\system32\msxml3.dll

2014-01-25 21:46:50 ----D---- C:\Program Files\Enigma Software Group

2014-01-25 21:46:05 ----D---- C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-01-25 21:46:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2014-01-23 16:40:10 ----A---- C:\Windows\system32\javaws.exe

2014-01-23 16:39:40 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-01-23 16:39:40 ----A---- C:\Windows\system32\javaw.exe

2014-01-23 16:39:39 ----A---- C:\Windows\system32\java.exe

2014-01-22 10:11:32 ----SHD---- C:\found.013

2014-01-15 20:51:48 ----D---- C:\Program Files\Rockstar Games

2014-01-15 14:00:53 ----D---- C:\Program Files\Total Video Converter

2014-01-09 15:51:16 ----D---- C:\Users\knaap\AppData\Roaming\.fellowship

2014-01-01 14:57:24 ----D---- C:\ProgramData\Solidshield

2014-01-01 14:52:33 ----A---- C:\Windows\system32\d3dx10_41.dll

2014-01-01 14:52:33 ----A---- C:\Windows\system32\D3DCompiler_41.dll

2014-01-01 14:52:32 ----A---- C:\Windows\system32\XAudio2_4.dll

2014-01-01 14:52:32 ----A---- C:\Windows\system32\xactengine3_4.dll

2014-01-01 14:52:32 ----A---- C:\Windows\system32\X3DAudio1_6.dll

2014-01-01 14:52:31 ----A---- C:\Windows\system32\d3dx10_40.dll

2014-01-01 14:52:31 ----A---- C:\Windows\system32\D3DCompiler_40.dll

2014-01-01 14:52:30 ----A---- C:\Windows\system32\D3DX9_40.dll

2014-01-01 14:52:28 ----A---- C:\Windows\system32\D3DX9_39.dll

2014-01-01 14:52:28 ----A---- C:\Windows\system32\d3dx10_39.dll

2014-01-01 14:52:28 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\XAudio2_1.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\XAPOFX1_0.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\xactengine3_1.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\X3DAudio1_4.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\d3dx10_38.dll

2014-01-01 14:52:27 ----A---- C:\Windows\system32\D3DCompiler_38.dll

2014-01-01 14:52:26 ----A---- C:\Windows\system32\XAudio2_0.dll

2014-01-01 14:52:26 ----A---- C:\Windows\system32\D3DX9_38.dll

2014-01-01 14:52:25 ----A---- C:\Windows\system32\xactengine3_0.dll

2014-01-01 14:52:25 ----A---- C:\Windows\system32\X3DAudio1_3.dll

2014-01-01 14:52:24 ----A---- C:\Windows\system32\D3DX9_37.dll

2014-01-01 14:52:24 ----A---- C:\Windows\system32\d3dx10_37.dll

2014-01-01 14:52:24 ----A---- C:\Windows\system32\D3DCompiler_37.dll

2014-01-01 14:52:23 ----A---- C:\Windows\system32\xactengine2_10.dll

2014-01-01 14:52:22 ----A---- C:\Windows\system32\d3dx10_36.dll

2014-01-01 14:52:22 ----A---- C:\Windows\system32\D3DCompiler_36.dll

2014-01-01 14:52:21 ----A---- C:\Windows\system32\xactengine2_9.dll

2014-01-01 14:52:21 ----A---- C:\Windows\system32\d3dx9_36.dll

2014-01-01 14:52:20 ----A---- C:\Windows\system32\d3dx10_35.dll

2014-01-01 14:52:20 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2014-01-01 14:52:19 ----A---- C:\Windows\system32\d3dx9_35.dll

2014-01-01 14:52:18 ----A---- C:\Windows\system32\xactengine2_8.dll

2014-01-01 14:52:18 ----A---- C:\Windows\system32\X3DAudio1_2.dll

2014-01-01 14:52:18 ----A---- C:\Windows\system32\d3dx10_34.dll

2014-01-01 14:52:18 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2014-01-01 14:52:17 ----A---- C:\Windows\system32\xinput1_3.dll

2014-01-01 14:52:17 ----A---- C:\Windows\system32\d3dx9_34.dll

2014-01-01 14:52:16 ----A---- C:\Windows\system32\xactengine2_7.dll

2014-01-01 14:52:16 ----A---- C:\Windows\system32\d3dx10_33.dll

2014-01-01 14:52:16 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2014-01-01 14:52:15 ----A---- C:\Windows\system32\xactengine2_6.dll

2014-01-01 14:52:15 ----A---- C:\Windows\system32\d3dx9_33.dll

2014-01-01 14:52:14 ----A---- C:\Windows\system32\xactengine2_5.dll

2014-01-01 14:52:14 ----A---- C:\Windows\system32\d3dx10.dll

2014-01-01 14:52:13 ----A---- C:\Windows\system32\xactengine2_4.dll

2014-01-01 14:52:13 ----A---- C:\Windows\system32\x3daudio1_1.dll

2014-01-01 14:52:13 ----A---- C:\Windows\system32\d3dx9_32.dll

2014-01-01 14:52:12 ----A---- C:\Windows\system32\xactengine2_3.dll

2014-01-01 14:52:12 ----A---- C:\Windows\system32\d3dx9_31.dll

2014-01-01 14:52:11 ----A---- C:\Windows\system32\xinput1_2.dll

2014-01-01 14:52:11 ----A---- C:\Windows\system32\xinput1_1.dll

2014-01-01 14:52:11 ----A---- C:\Windows\system32\xactengine2_2.dll

2014-01-01 14:52:10 ----A---- C:\Windows\system32\xactengine2_1.dll

2014-01-01 14:52:00 ----A---- C:\Windows\system32\xactengine2_0.dll

2014-01-01 14:52:00 ----A---- C:\Windows\system32\x3daudio1_0.dll

2014-01-01 14:52:00 ----A---- C:\Windows\system32\d3dx9_30.dll

2014-01-01 14:51:59 ----A---- C:\Windows\system32\d3dx9_29.dll

2014-01-01 14:51:59 ----A---- C:\Windows\system32\d3dx9_28.dll

2014-01-01 14:51:58 ----A---- C:\Windows\system32\d3dx9_27.dll

2014-01-01 14:51:58 ----A---- C:\Windows\system32\d3dx9_26.dll

2014-01-01 14:51:56 ----A---- C:\Windows\system32\d3dx9_24.dll

2014-01-01 13:25:09 ----D---- C:\Users\knaap\AppData\Roaming\The Hobbit

2013-12-21 20:06:59 ----D---- C:\Games

2013-12-15 14:11:37 ----D---- C:\Users\knaap\AppData\Roaming\.minecraft

2013-12-14 16:50:33 ----D---- C:\Users\knaap\AppData\Roaming\.medieval

2013-12-13 17:37:13 ----D---- C:\ElementalTinkerer

2013-12-13 17:05:28 ----D---- C:\Users\knaap\AppData\Roaming\.voidswrath

2013-12-12 14:37:44 ----A---- C:\Windows\system32\win32k.sys

2013-12-12 14:37:31 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-12 14:37:31 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-12-12 14:37:29 ----A---- C:\Windows\system32\wshcon.dll

2013-12-12 14:37:29 ----A---- C:\Windows\system32\wscript.exe

2013-12-12 14:37:29 ----A---- C:\Windows\system32\scrrun.dll

2013-12-12 14:37:29 ----A---- C:\Windows\system32\cscript.exe

2013-12-12 14:37:27 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-12 14:27:16 ----D---- C:\Program Files\Common Files\Sony Shared

======List of files/folders modified in the last 3 months======

2014-03-05 18:37:04 ----D---- C:\Windows\Temp

2014-03-05 17:56:58 ----D---- C:\Windows\system32\drivers

2014-03-05 17:56:58 ----D---- C:\Windows\ServiceProfiles

2014-03-05 17:33:16 ----HD---- C:\ProgramData

2014-03-05 17:33:14 ----D---- C:\Program Files

2014-03-05 16:58:50 ----D---- C:\ProgramData\G DATA

2014-03-05 16:58:23 ----D---- C:\Windows\system32\Tasks

2014-03-05 16:58:20 ----D---- C:\Program Files\Common Files

2014-03-05 16:45:22 ----D---- C:\Users\knaap\AppData\Roaming\Skype

2014-03-05 14:25:34 ----D---- C:\Windows\System32

2014-03-05 14:25:34 ----D---- C:\Program Files\Common Files\G Data

2014-03-05 13:44:48 ----D---- C:\Program Files\G Data

2014-03-05 13:18:47 ----D---- C:\Windows\system32\catroot

2014-03-05 13:12:41 ----D---- C:\Windows\system32\spool

2014-03-05 13:10:47 ----D---- C:\Windows\system32\WDI

2014-03-05 13:02:20 ----D---- C:\Windows\Microsoft.NET

2014-03-05 12:36:25 ----SHD---- C:\Windows\Installer

2014-03-05 12:36:12 ----SHD---- C:\Config.Msi

2014-03-05 12:32:44 ----SHD---- C:\System Volume Information

2014-03-04 18:32:30 ----D---- C:\Windows\Prefetch

2014-03-04 18:21:48 ----D---- C:\Windows\system32\catroot2

2014-03-04 16:02:08 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-04 16:02:06 ----D---- C:\Windows\inf

2014-02-28 18:18:19 ----D---- C:\Windows\system32\en-US

2014-02-28 18:15:26 ----SD---- C:\ProgramData\Microsoft

2014-02-28 18:15:26 ----D---- C:\Windows

2014-02-27 21:29:25 ----D---- C:\ProgramData\Skype

2014-02-27 21:29:15 ----RD---- C:\Program Files\Skype

2014-02-21 19:05:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-02-13 19:15:02 ----RSD---- C:\Windows\assembly

2014-02-13 18:23:23 ----D---- C:\Windows\system32\migration

2014-02-13 18:23:21 ----D---- C:\Program Files\Internet Explorer

2014-02-13 16:30:46 ----D---- C:\Windows\winsxs

2014-02-13 16:22:03 ----D---- C:\Windows\system32\MRT

2014-02-13 16:16:00 ----A---- C:\Windows\system32\mrt.exe

2014-02-05 20:58:11 ----D---- C:\Users\knaap\AppData\Roaming\BitTorrent

2014-01-26 20:01:15 ----D---- C:\Program Files\EA Games

2014-01-26 19:03:17 ----HD---- C:\Program Files\InstallShield Installation Information

2014-01-26 14:44:21 ----D---- C:\Program Files\Sony

2014-01-25 21:19:43 ----D---- C:\Program Files\Ubisoft

2014-01-25 21:17:41 ----D---- C:\Windows\Tasks

2014-01-25 20:53:18 ----A---- C:\Windows\system32\msvcr100.dll

2014-01-25 20:53:18 ----A---- C:\Windows\system32\msvcp100.dll

2014-01-23 16:42:11 ----D---- C:\ProgramData\Oracle

2014-01-22 17:53:23 ----D---- C:\Program Files\Mp3 File Editor

2014-01-22 17:52:41 ----D---- C:\Program Files\TomTom International B.V

2014-01-22 13:53:34 ----D---- C:\Program Files\Java

2014-01-20 16:42:49 ----D---- C:\VoidLauncher

2014-01-16 19:00:32 ----D---- C:\ProgramData\Microsoft Help

2014-01-15 14:01:04 ----RSD---- C:\Windows\Fonts

2014-01-08 21:11:47 ----A---- C:\Windows\system32\PnkBstrB.exe

2014-01-06 17:37:30 ----A---- C:\Windows\system32\PnkBstrA.exe

2014-01-04 13:47:22 ----SD---- C:\Windows\Downloaded Program Files

2013-12-27 14:01:56 ----D---- C:\Windows\system32\LogFiles

2013-12-21 12:14:25 ----D---- C:\Program Files\Google

2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2014-03-05 45912]

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-08-18 145952]

R0 PxHelp20;PxHelp20; C:\Windows\system32\Drivers\PxHelp20.sys [2006-11-02 36624]

R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2014-03-05 96600]

R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2014-03-05 54104]

R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2014-03-05 51032]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-01 281760]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-01 25888]

R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2014-03-05 52056]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]

R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-04-30 265496]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]

R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-03-25 1048480]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 8939296]

R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]

R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-05-08 1047552]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2013-08-26 1970296]

R2 AVKService;G Data Scheduler; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [2013-08-21 635000]

R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2013-10-15 2101280]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]

R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-01-06 76888]

R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]

R3 GDFwSvc;G Data Personal Firewall; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2013-10-17 2373712]

R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2013-08-22 695416]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]

R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-07 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2013-11-26 73728]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Jion]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie).

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

C:\Program Files\Enigma Software Group;fs
autoclean;
emptyclsid;
emptyfolderscheck;delete 
startupall; 
filesrcm;

• 
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[A van der Knaap]

Ja Jion,Jion, daar is de volgende serie. Duurde even ivm werk.

Had wel even problemen met opstarten.

Zoek.exe v5.0.0.0 Updated 02-March-2014

Tool run by knaap on do 06-03-2014 at 17:32:03,21.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\knaap\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

6-3-2014 17:35:08 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Mp3 File Editor deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\Samsung deleted successfully

C:\PROGRA~2\Electronic Arts deleted successfully

C:\PROGRA~2\Oracle deleted successfully

C:\PROGRA~2\Turbine deleted successfully

C:\Users\knaap\AppData\Roaming\Samsung deleted successfully

C:\Users\knaap\AppData\Roaming\SimpleFiles deleted successfully

C:\Users\knaap\AppData\Roaming\versions deleted successfully

C:\Users\knaap\AppData\Local\Samsung deleted successfully

C:\Users\knaap\AppData\Local\Techne deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{DEDAF650-12B8-48f5-A843-BBA100716106} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files\Enigma Software Group deleted

C:\Users\knaap\daemonprocess.txt deleted

C:\Users\knaap\.android deleted

C:\found.000 deleted

C:\found.001 deleted

C:\found.002 deleted

C:\found.003 deleted

C:\found.004 deleted

C:\found.005 deleted

C:\found.006 deleted

C:\found.007 deleted

C:\found.008 deleted

C:\found.009 deleted

C:\found.010 deleted

C:\found.011 deleted

C:\found.012 deleted

C:\found.013 deleted

C:\PROGRA~2\InstallMate deleted

C:\Users\knaap\AppData\Local\cache deleted

C:\user.js deleted

"C:\Users\knaap\AppData\Roaming\Commands" deleted

"C:\Users\knaap\AppData\Roaming\Common" deleted

"C:\Users\knaap\AppData\Roaming\Woodwinds" deleted

"C:\Users\knaap\AppData\Roaming\Work - Home" deleted

"C:\Users\knaap\AppData\Roaming\Workflows" deleted

"C:\ProgramData\Conditionals" deleted

"C:\ProgramData\Configure Folder Actions" deleted

"C:\ProgramData\designjet" deleted

"C:\ProgramData\deskjet" deleted

"C:\ProgramData\docInfo" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\knaap\AppData\Local\Temp ====

2014-02-27 10:27:17 0D0AE1B62B9A50C65A3934E5A6CF5CE5 34827424 ----a-w- C:\Users\knaap\AppData\Local\Temp\SkypeSetup.exe

====== Java Cache =====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

2014-03-05 16:33:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-03-05 12:48:21 780E4290AE95F7766AEB3B1C1467DEA3 52056 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys

2014-03-05 12:47:16 A224F5EB3D9C49F58E199F4D72B46181 54104 ----a-w- C:\Windows\System32\drivers\gdwfpcd32.sys

2014-03-05 12:47:07 6D2F9B98ED50ED617040485B02957176 51032 ----a-w- C:\Windows\System32\drivers\HookCentre.sys

2014-03-05 12:47:07 66AB4FCBB20CF760E331E7F394245DCD 96600 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys

2014-03-05 12:47:06 A9F617B922319A7B27551D0F0AEF1E8A 45912 ----a-w- C:\Windows\System32\drivers\GDBehave.sys

====== C:\Windows\Tasks ======

2014-02-27 10:26:18 FCE5FDBF9F38EB023403BC49294E85AB 3008 ----a-w- C:\Windows\system32\Tasks\{025CB461-3726-43D3-A2D2-49BC29D64A8C}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-03-05 14:11:09 -------- d-----w- C:\Program Files\Puran File Recovery

2014-03-05 13:58:24 -------- d-----w- C:\Program Files\trend micro

2014-02-27 20:29:15 -------- d-----w- C:\Program Files\Common Files\Skype

======= C: =====

====== C:\Users\knaap\AppData\Roaming ======

2014-02-27 20:29:30 -------- d-----w- C:\Users\knaap\AppData\Local\Skype

2014-02-22 12:42:26 -------- d-----w- C:\Users\knaap\AppData\Roaming\.technic

2014-02-13 14:58:49 -------- d-----w- C:\Users\knaap\AppData\Local\Unity

2014-02-13 14:58:47 -------- d-----w- C:\Users\knaap\AppData\Locallow\Unity

====== C:\Users\knaap ======

2014-03-05 15:35:02 A845789676F7D2A542E708EB5CAC12C9 1244192 ----a-w- C:\Users\knaap\Desktop\adwcleaner.exe

2014-03-05 14:11:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery

2014-03-05 13:58:08 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\knaap\Downloads\RSIT.exe

2014-02-27 20:29:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-02-24 12:38:34 B14CC02E8228CF763D4DD5D28DFFA498 774730 ----a-w- C:\Users\knaap\Downloads\ATLauncher.exe

2014-02-22 12:50:38 D79A654777CED791D52066AFBC5DB6AE 1064232 ----a-w- C:\Users\knaap\Downloads\WinRAR 3.50 + Crack.exe

====== C: exe-files ==

2014-03-05 15:35:02 A845789676F7D2A542E708EB5CAC12C9 1244192 ----a-w- C:\Users\knaap\Desktop\adwcleaner.exe

2014-03-05 14:11:09 99A1C109BD258A3A13F226665336E8F1 975744 ----a-w- C:\Program Files\Puran File Recovery\Puran File Recovery.exe

2014-03-05 14:11:09 21076A0ED4FE99D52DA52B164B9264B9 1233280 ----a-w- C:\Program Files\Puran File Recovery\unins000.exe

2014-03-05 13:58:27 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\knaap.exe

2014-03-05 13:58:08 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\knaap\Downloads\RSIT.exe

2014-03-04 18:20:52 99EDAB82414D23D14947415E5C502FE1 786136 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.146\33.0.1750.146_33.0.1750.117_chrome_updater.exe

=== C: other files ==

2014-03-05 16:33:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-03-05 12:48:21 780E4290AE95F7766AEB3B1C1467DEA3 52056 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys

2014-03-05 12:47:16 A224F5EB3D9C49F58E199F4D72B46181 54104 ----a-w- C:\Windows\System32\drivers\gdwfpcd32.sys

2014-03-05 12:47:07 6D2F9B98ED50ED617040485B02957176 51032 ----a-w- C:\Windows\System32\drivers\HookCentre.sys

2014-03-05 12:47:07 66AB4FCBB20CF760E331E7F394245DCD 96600 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys

2014-03-05 12:47:06 A9F617B922319A7B27551D0F0AEF1E8A 45912 ----a-w- C:\Windows\System32\drivers\GDBehave.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2229290244-4101571045-3097305160-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN17I2130G05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1"

"ANT Agent"="C:\Program Files\Garmin\ANT Agent\ANT Agent.exe"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-21-2229290244-4101571045-3097305160-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"HDAudDeck"="C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Reader Application Helper"="C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe -startup"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"Corel File Shell Monitor"="C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe"

"Nikon Message Center 2"="C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s"

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

"G Data AntiVirus Tray"="C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe"

"GDFirewallTray"="C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN17I2130G05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1"

"ANT Agent"="C:\Program Files\Garmin\ANT Agent\ANT Agent.exe"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Folders ======================

2013-08-02 15:08:44 1787 ----a-w- C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk

2013-05-14 17:54:18 1115 ----a-w- C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21-02-2014 19:05]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07-03-2013 14:55]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 6510 series" ["C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\hpUrlLauncher.exe_{69B7DA50-3E1C-47BB-9B32-37C97CB5DFC8}" [C:\Program Files\HP\HP Photosmart 6510 series\Bin\utils\hpUrlLauncher.exe]

"C:\Windows\system32\tasks\{025CB461-3726-43D3-A2D2-49BC29D64A8C}" ["c:\program files\google\chrome\application\chrome.exe"]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [02-03-2013 15:08]

==== Firefox Extensions ======================

ProfilePath: C:\Users\knaap\AppData\Roaming\TomTom\HOME\Profiles\tjomfojp.default

- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

==== Chrome Look ======================

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{14E802DE-9EC4-4AF1-8EF3-6F9F10274AC9}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{14E802DE-9EC4-4AF1-8EF3-6F9F10274AC9} Google Url="{searchTerms} - Google zoeken="

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2229290244-4101571045-3097305160-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\knaap\Desktop\BitTorrent.lnk - C:\Users\knaap\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Users\knaap\Desktop\LogMeIn Hamachi.lnk - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Capture NX 2.lnk - C:\Program Files\Nikon\Capture NX 2\Capture NX 2.exe

C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk - C:\Program Files\G Data\InternetSecurity\GUI\GDSC.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Harry Potter en de Gevangene van Azkaban.lnk - C:\Program Files\EA Games\Harry Potter en de Gevangene van Azkaban\system\hppoa.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Reader for PC.lnk - C:\Program Files\Sony\ReaderDesktop\Reader.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

C:\Users\Public\Desktop\Spotnet.lnk - C:\Program Files\Spotnet\Spotnet.exe

C:\Users\Public\Desktop\ViewNX 2.lnk - C:\Program Files\Nikon\ViewNX 2\ViewNX2.exe

==== shortcuts in Users Start Menu ======================

C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\knaap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN17I2130G05QB;CONNECTION=NW;MONITOR=1;

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014\G Data Bootmedium.lnk - C:\Program Files\G Data\InternetSecurity\AVK\BootCDWizard.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014\G Data InternetSecurity 2014.lnk - C:\Program Files\G Data\InternetSecurity\GUI\GDSC.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\system32\msiexec.exe /i {91BA5476-8B26-49E4-84B2-9EFE10917B33} REMOVE=ALL

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery\Puran File Recovery on the Web.lnk - C:\Program Files\Puran File Recovery\Puran File Recovery.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery\Puran File Recovery.lnk - C:\Program Files\Puran File Recovery\Puran File Recovery.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe Google

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Google

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Mail (2).lnk - C:\Program Files\Windows Mail\WinMail.exe

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk - C:\Program Files\Bandicam\bdcam.exe

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\knaap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D89B16B6-82A9-2CB5-AC9E-455EE409F4FE} deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\knaap\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\knaap\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\knaap\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\knaap\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\knaap\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=302 folders=57 142457783 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\knaap\AppData\Local\Temp will be emptied at reboot

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\knaap\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\knaap\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun-3A-421CFC91-A93E-42AB-A35C-F06F127FCC44.lock" not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on do 06-03-2014 at 19:17:00,10 ======================

[Jion]

Merk je nu nog problemen op?