computer doet soms traag en raar

[dries V]

beste,

mijn computer doet sinds kort soms raar, werkt zeer traag en blijft soms wat hangen

kan iemand mijn logje bekijken.

Logfile of random's system information tool 1.09 (written by random/random)

Run by Microsoft User at 2014-03-05 19:19:09

Microsoft Windows XP Professional Service Pack 3

System drive C: has 6 GB (5%) free of 114 GB

Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:19:28, on 5/03/2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\ElkCtrl.exe

C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\RSIT.exe

C:\Program Files\trend micro\Microsoft User.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [GBMLite8AgentLaCie] C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [GBMLite8AgentLaCie] C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--

End of file - 9850 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default

prefs.js - "browser.search.suggest.enabled" - false

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://google.be/"

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:3.0.1, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"

prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"ext@WebexpEnhancedV1alpha375.net"=C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha375\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.70 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]

"Description"=McAfee Mss Plugin

"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\

IICAClient.xpt

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

cgpcfg.dll

CgpCore.dll

confmgr.dll

ctxlogging.dll

ctxmui.dll

ICAClObj.class

icafile.dll

icalogon.dll

Microsoft.VC80.CRT.manifest

msvcm80.dll

msvcp80.dll

msvcr80.dll

npicaN.dll

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

QuickTimePlugin.class

sslsdk_b.dll

TcpPServ.dll

C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\extensions\

{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]

"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-03-16 88204]

"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-08 102491]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-08 692315]

"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-04-06 225280]

"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]

"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2006-03-30 471040]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]

"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]

"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]

"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-19 1089536]

"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]

"GBMLite8AgentLaCie"=C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe [2008-08-26 189056]

"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2012-02-09 312376]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-05-23 311152]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GBMLite8AgentLaCie"=C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe [2008-08-26 189056]

"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-05-23 1561968]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-04-06 331776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-04-06 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Citrix XenApp.lnk]

C:\WINDOWS\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2011-10-03 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^McAfee Security Scan Plus.lnk]

C:\PROGRA~1\MCAFEE~1\30D80A~1.285\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Apple Mobile Device"=2

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2006-05-04 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com:*:Disabled:Statistics18:com"

"C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe"="C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"

"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe:*:Disabled:Statistics18:exe"

"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"

"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Games\World_of_Tanks\WoTLauncher.exe"="C:\Games\World_of_Tanks\WoTLauncher.exe:*:Enabled:World of Tanks Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=lvcodec2.dll

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"VIDC.MPG4"=mpg4c32.dll

"VIDC.MP42"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2014-03-05 19:19:09 ----D---- C:\rsit

2014-02-15 16:13:07 ----A---- C:\DelFix.txt

2014-02-15 15:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\COMODO

2014-02-15 15:51:32 ----D---- C:\first_launch

2014-02-15 15:50:58 ----D---- C:\Program Files\Comodo

2014-02-15 15:50:45 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo Downloader

2014-02-15 15:07:31 ----D---- C:\Program Files\CCleaner

2014-02-15 10:52:18 ----A---- C:\WINDOWS\system32\XAudio2_7.dll

2014-02-15 10:52:18 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll

2014-02-15 10:52:17 ----A---- C:\WINDOWS\system32\xactengine3_7.dll

2014-02-15 10:52:17 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll

2014-02-15 10:52:16 ----A---- C:\WINDOWS\system32\d3dx11_43.dll

2014-02-15 10:52:16 ----A---- C:\WINDOWS\system32\d3dx10_43.dll

2014-02-15 10:52:16 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll

2014-02-15 10:52:15 ----A---- C:\WINDOWS\system32\D3DX9_43.dll

2014-02-15 10:52:14 ----A---- C:\WINDOWS\system32\XAudio2_6.dll

2014-02-15 10:52:14 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll

2014-02-15 10:52:14 ----A---- C:\WINDOWS\system32\xactengine3_6.dll

2014-02-15 10:52:14 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll

2014-02-15 10:52:13 ----A---- C:\WINDOWS\system32\XAudio2_5.dll

2014-02-15 10:52:13 ----A---- C:\WINDOWS\system32\xactengine3_5.dll

2014-02-15 10:52:12 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll

2014-02-15 10:52:10 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll

2014-02-15 10:52:09 ----A---- C:\WINDOWS\system32\d3dx11_42.dll

2014-02-15 10:52:08 ----A---- C:\WINDOWS\system32\D3DX9_42.dll

2014-02-15 10:52:08 ----A---- C:\WINDOWS\system32\d3dx10_42.dll

2014-02-15 10:52:07 ----A---- C:\WINDOWS\system32\d3dx10_41.dll

2014-02-15 10:52:07 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll

2014-02-15 10:52:05 ----A---- C:\WINDOWS\system32\D3DX9_41.dll

2014-02-15 10:52:04 ----A---- C:\WINDOWS\system32\XAudio2_4.dll

2014-02-15 10:52:04 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll

2014-02-15 10:52:04 ----A---- C:\WINDOWS\system32\xactengine3_4.dll

2014-02-15 10:52:04 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll

2014-02-15 10:52:03 ----A---- C:\WINDOWS\system32\d3dx10_40.dll

2014-02-15 10:52:03 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll

2014-02-15 10:52:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll

2014-02-15 10:52:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll

2014-02-15 10:52:02 ----A---- C:\WINDOWS\system32\D3DX9_40.dll

2014-02-15 10:52:01 ----A---- C:\WINDOWS\system32\xactengine3_3.dll

2014-02-15 10:52:01 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll

2014-02-15 10:52:00 ----A---- C:\WINDOWS\system32\XAudio2_2.dll

2014-02-15 10:52:00 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll

2014-02-15 10:52:00 ----A---- C:\WINDOWS\system32\xactengine3_2.dll

2014-02-15 10:51:59 ----A---- C:\WINDOWS\system32\D3DX9_39.dll

2014-02-15 10:51:59 ----A---- C:\WINDOWS\system32\d3dx10_39.dll

2014-02-15 10:51:59 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

2014-02-15 10:51:58 ----A---- C:\WINDOWS\system32\XAudio2_1.dll

2014-02-15 10:51:58 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll

2014-02-15 10:51:58 ----A---- C:\WINDOWS\system32\xactengine3_1.dll

2014-02-15 10:51:57 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll

2014-02-15 10:51:57 ----A---- C:\WINDOWS\system32\d3dx10_38.dll

2014-02-15 10:51:57 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll

2014-02-15 10:51:56 ----A---- C:\WINDOWS\system32\XAudio2_0.dll

2014-02-15 10:51:56 ----A---- C:\WINDOWS\system32\D3DX9_38.dll

2014-02-15 10:51:55 ----A---- C:\WINDOWS\system32\xactengine3_0.dll

2014-02-15 10:51:54 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll

2014-02-15 10:51:54 ----A---- C:\WINDOWS\system32\D3DX9_37.dll

2014-02-15 10:51:54 ----A---- C:\WINDOWS\system32\d3dx10_37.dll

2014-02-15 10:51:54 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll

2014-02-15 10:51:53 ----A---- C:\WINDOWS\system32\xactengine2_10.dll

2014-02-15 10:51:52 ----A---- C:\WINDOWS\system32\d3dx9_36.dll

2014-02-15 10:51:52 ----A---- C:\WINDOWS\system32\d3dx10_36.dll

2014-02-15 10:51:52 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll

2014-02-15 10:51:51 ----A---- C:\WINDOWS\system32\xactengine2_9.dll

2014-02-15 10:51:50 ----A---- C:\WINDOWS\system32\d3dx9_35.dll

2014-02-15 10:51:50 ----A---- C:\WINDOWS\system32\d3dx10_35.dll

2014-02-15 10:51:50 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll

2014-02-15 10:51:49 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

2014-02-15 10:51:49 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll

2014-02-15 10:51:47 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

2014-02-15 10:51:47 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

2014-02-15 10:51:47 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

2014-02-15 10:51:46 ----A---- C:\WINDOWS\system32\xinput1_3.dll

2014-02-15 10:51:42 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

2014-02-15 10:51:41 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

2014-02-15 10:51:41 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

2014-02-15 10:51:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

2014-02-15 10:51:39 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

2014-02-15 10:51:38 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

2014-02-15 10:51:37 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2014-02-15 10:51:36 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

2014-02-15 10:51:36 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

2014-02-15 10:51:36 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

2014-02-15 10:51:35 ----A---- C:\WINDOWS\system32\xinput1_2.dll

2014-02-15 10:51:35 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

2014-02-15 10:51:35 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

2014-02-15 10:51:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll

2014-02-15 10:51:33 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

2014-02-15 10:51:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

2014-02-15 10:51:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

2014-02-15 10:51:28 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2014-02-15 10:51:27 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

2014-02-15 10:51:27 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2014-02-15 10:51:26 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

2014-02-15 10:51:25 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

2014-02-15 10:51:25 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

2014-02-15 10:51:24 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

2014-02-15 10:51:21 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

2014-02-15 10:49:32 ----HD---- C:\WINDOWS\msdownld.tmp

2014-02-15 10:49:25 ----D---- C:\WINDOWS\Logs

2014-02-15 10:49:21 ----D---- C:\Games

2014-02-13 20:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$

2014-02-13 19:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2904878$

2014-02-13 08:55:40 ----D---- C:\Program Files\McAfee Security Scan

======List of files/folders modified in the last 1 month======

2014-03-05 19:19:16 ----D---- C:\Program Files\Trend Micro

2014-03-05 19:19:15 ----D---- C:\WINDOWS\Prefetch

2014-03-05 18:36:28 ----D---- C:\WINDOWS\Temp

2014-03-05 18:20:55 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt

2014-03-05 18:20:48 ----D---- C:\WINDOWS\Registration

2014-03-05 18:20:30 ----D---- C:\WINDOWS

2014-03-05 18:20:28 ----D---- C:\WINDOWS\system32\Lang

2014-03-04 21:18:32 ----A---- C:\WINDOWS\SchedLgU.Txt

2014-03-04 19:26:59 ----A---- C:\WINDOWS\NeroDigital.ini

2014-03-01 17:45:09 ----D---- C:\WINDOWS\system32\CatRoot2

2014-02-27 22:04:16 ----D---- C:\WINDOWS\system32

2014-02-21 10:55:54 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2014-02-19 20:05:00 ----D---- C:\Documents and Settings\All Users\Application Data\pdf995

2014-02-15 17:47:02 ----D---- C:\WINDOWS\system32\drivers

2014-02-15 16:04:34 ----SHD---- C:\WINDOWS\Installer

2014-02-15 16:03:43 ----D---- C:\Program Files\Common Files

2014-02-15 16:03:34 ----HD---- C:\WINDOWS\inf

2014-02-15 15:50:58 ----RD---- C:\Program Files

2014-02-15 15:28:45 ----D---- C:\Program Files\Mozilla Firefox

2014-02-15 15:26:00 ----D---- C:\Program Files\Mozilla Maintenance Service

2014-02-15 15:19:06 ----D---- C:\Documents and Settings\Microsoft User\Application Data\BitTorrent

2014-02-15 15:19:06 ----D---- C:\Documents and Settings\Microsoft User\Application Data\Azureus

2014-02-15 15:18:46 ----D---- C:\WINDOWS\Debug

2014-02-15 14:32:17 ----D---- C:\WINDOWS\system32\Restore

2014-02-15 10:52:33 ----D---- C:\WINDOWS\WinSxS

2014-02-15 10:52:21 ----D---- C:\WINDOWS\system32\DirectX

2014-02-15 10:51:33 ----RSD---- C:\WINDOWS\assembly

2014-02-15 10:51:15 ----D---- C:\WINDOWS\Microsoft.NET

2014-02-13 20:05:27 ----RSHDC---- C:\WINDOWS\system32\dllcache

2014-02-13 20:03:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2014-02-13 20:00:08 ----D---- C:\WINDOWS\system32\MRT

2014-02-13 19:56:41 ----A---- C:\WINDOWS\system32\MRT.exe

2014-02-13 19:56:23 ----D---- C:\Program Files\Internet Explorer

2014-02-13 19:55:57 ----D---- C:\WINDOWS\ie8updates

2014-02-06 04:38:34 ----A---- C:\WINDOWS\system32\wininet.dll

2014-02-06 00:08:31 ----N---- C:\WINDOWS\system32\occache.dll

2014-02-06 00:08:31 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\url.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\mstime.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\mshtmled.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\licmgr10.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\jsproxy.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\iepeers.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-02-06 00:08:31 ----A---- C:\WINDOWS\system32\corpol.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2004-08-10 19840]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-04-27 137928]

R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-02-09 112096]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]

R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-09-02 12032]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-04-24 83392]

R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-16 1124097]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-04 1522688]

R3 btaudio;Bluetooth-audioapparaat; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-05 328061]

R3 BTKRNL;Bluetooth bus-enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-05 850282]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]

R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\system32\DRIVERS\lv321av.sys [2006-04-06 1097472]

R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []

R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2006-04-06 39424]

R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]

R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-08 191456]

R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter; C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [2001-08-17 20160]

S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]

S3 BTDriver;Bluetooth virtuele-communicatiestuurprogramma; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-01-05 30459]

S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-01-05 148900]

S3 catchme;catchme; \??\C:\DOCUME~1\MICROS~1\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]

S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]

S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2013-05-22 20032]

S3 MHNDRV;MHN-stuurprogramma; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]

S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]

S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-03-29 125328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-04 405504]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-05 266295]

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-08-10 194560]

R2 ehSched;Media Center-taakplanner; C:\WINDOWS\eHome\ehSched.exe [2004-08-30 102912]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]

R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-04-06 86016]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]

S2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe []

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 235696]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[kape]

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht.
  

[dries V]

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

Malwarebytes : Free Anti-Malware

Databaseversie: v2014.03.06.08

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Microsoft User :: K314 [administrator]

Bescherming: Uitgeschakeld

6/03/2014 19:25:24

mbam-log-2014-03-06 (19-25-24).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 251256

Verstreken tijd: 13 minuut/minuten, 14 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 1

HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@WebexpEnhancedV1alpha375.net (PUP.Optional.WebExpEnhanced.A) -> Data: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha375\ff -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Quick Scan
  
  
• Installer List
  
• IE Defaults
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[dries V]

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Microsoft User on za 08/03/2014 at 11:48:13,32.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 11:50:38,75 =====

--- Create Environment Variables 11:50:40,35

--- Checking Input 11:50:48,39

--- AU AppData Check 11:50:52,46

--- Windows Installer List 11:50:55,04

--- Empty Folders Check 11:52:08,12

--- IE Startpage Check 11:53:08,04

--- Program Files DB Check 11:53:42,67

--- C:\Documents and Settings\Administrator\Application Data DB Check 11:54:38,25

--- C:\Documents and Settings\Default User\Application Data DB Check 11:54:38,25

--- C:\Documents and Settings\LocalService\Application Data DB Check 11:54:38,25

--- C:\Documents and Settings\Microsoft User\Application Data DB Check 11:54:38,25

--- C:\Documents and Settings\NetworkService\Application Data DB Check 11:54:38,25

--- C:\WINDOWS\system32\config\systemprofile\Application Data DB Check 11:54:38,25

--- C:\Documents and Settings\Microsoft User DB Check 11:56:29,46

--- C:\DOCUME~1\ALLUSE~1\APPLIC~1 DB Check 11:56:47,68

--- C:\Documents and Settings\Administrator\Local Settings\Application Data DB Check 11:56:48,31

--- C:\Documents and Settings\Default User\Local Settings\Application Data DB Check 11:56:48,31

--- C:\Documents and Settings\LocalService\Local Settings\Application Data DB Check 11:56:48,31

--- C:\Documents and Settings\Microsoft User\Local Settings\Application Data DB Check 11:56:48,31

--- C:\Documents and Settings\NetworkService\Local Settings\Application Data DB Check 11:56:48,31

--- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data DB Check 11:56:48,31

--- C:\Documents and Settings\All Users\Menu Start\Programma's DB Check 11:58:01,07

--- C:\Documents and Settings\Microsoft User\Menu Start\Programma's DB Check 11:58:09,95

--- Tasks DB Check 11:58:14,87

--- Tasks2 DB Check 11:58:17,95

--- Documents DB Check 11:58:39,28

--- Documents2 DB Check 11:58:42,57

--- C:\Documents and Settings\MICROS~1\Application Data\Mozilla\Firefox\Profiles\vn80b503.default DB Check 11:58:44,37

--- C:\Documents and Settings\All Users\Bureaublad DB Check 11:58:47,67

--- C:\Documents and Settings\Microsoft User\Bureaublad DB Check 11:58:50,95

--- Services DB Check 11:59:00,34

--- FF prefs.js DB Check 11:59:20,17

--- Del by CLSID 11:59:57,09

--- Delete Services 12:01:04,34

--- Delete files\folders 12:01:09,54

--- Create Backups 12:01:09,67

--- Recently Created 12:01:42,76

--- StartUp Information 12:04:32,93

--- Firefox Extensions 12:04:49,12

--- Firefox Plugins 12:04:49,62

--- Chrome Look 12:06:08,65

--- Create Backups 12:06:12,79

--- IEdefaults 12:06:13,10

--- Del from Uninstall List 12:06:39,21

[kape]

Dit is een overzicht van de taken die zoek.exe heeft uitgevoerd, maar het is het logje zoek-results.log dat we nodig hebben voor analyse. Dat kan je vinden in je C-partitie en mag je dan in een volgend bericht hangen.

[dries V]

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Microsoft User on za 08/03/2014 at 11:48:13,32.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-03-07-154453.log 11468 bytes

==== Windows Installer Info ======================

Adobe Reader XI (11.0.06) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\WINDOWS\Installer\3f501a.msi

Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A440F64B8EC691489E4B56D25E563D1]C:\WINDOWS\Installer\129c329.msi

Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69FE29508D96B4E4C99C885FE88AF610]C:\WINDOWS\Installer\129c388.msi

Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\WINDOWS\Installer\caad5a.msi

ATI Catalyst Control Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EF5D78AC2288AF14E848343A2F4240F6]C:\WINDOWS\Installer\f0f22.msi

Bonjour [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2F5519759897D9468219D52080EEDB5]C:\WINDOWS\Installer\129c397.msi

Call of Duty® 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49750A0D2C8442441AA5F902CFDF3D47]C:\WINDOWS\Installer\3d3066.msi

Citrix XenApp Plugin for Hosted Apps [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B031C88397004B640A5DCDD27D8AA9B7]C:\WINDOWS\Installer\e1ca0.msi

iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80CB791C28D3156488686EC81275A883]C:\WINDOWS\Installer\129d2d7.msi

Java 7 Update 40 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120704FF]C:\WINDOWS\Installer\1d7f6b.msi

Java Auto Updater [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401]C:\WINDOWS\Installer\1d7f79.msi

Java 6 Update 33 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120633FF]C:\WINDOWS\Installer\dcbc04.msi

Microsoft .NET Framework 2.0 Service Pack 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC3BF90CC0D3D2F398A9A6D1762F70F3]c:\WINDOWS\Installer\f4b24.msi

Microsoft .NET Framework 3.0 Service Pack 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0DC1503A46F231838AD88BCDDC8E8F7C]c:\WINDOWS\Installer\117114.msi

Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26DDC2EC4210AC63483DF9D4FCC5B59D]C:\WINDOWS\Installer\12438d.msi

Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5C1093C35543A0E32A41B090A305076A]C:\WINDOWS\Installer\106275.msi

Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F1AF716240C0BBA3FA46D7B566023C14]C:\WINDOWS\Installer\10627a.msi

Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\WINDOWS\Installer\1319ca.msi

Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\WINDOWS\Installer\131986.msi

Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\WINDOWS\Installer\3a2fc.msi

Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\WINDOWS\Installer\13199d.msi

Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\WINDOWS\Installer\13198c.msi

Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\WINDOWS\Installer\131992.msi

Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109110000000000000000F01FEC]C:\WINDOWS\Installer\1319d1.msi

Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\WINDOWS\Installer\1319a2.msi

Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\WINDOWS\Installer\1319b3.msi

Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\WINDOWS\Installer\1319ad.msi

Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\WINDOWS\Installer\1319a7.msi

Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\WINDOWS\Installer\1319b8.msi

Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\WINDOWS\Installer\1319be.msi

Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\WINDOWS\Installer\131981.msi

Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\WINDOWS\Installer\1319c4.msi

Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\WINDOWS\Installer\97816a.msi

Microsoft Software Update for Web Folders (Dutch) 12 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109010031400000000000F01FEC]C:\WINDOWS\Installer\131998.msi

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D756077321A70C3E844C138CE981581]c:\WINDOWS\Installer\47a0de.msi

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\WINDOWS\Installer\efea80.msi

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E58EC68CABDDFF39B774E7BF9389C90]c:\WINDOWS\Installer\80545a.msi

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\WINDOWS\Installer\a8a626.msi

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\WINDOWS\Installer\13fbeff.msi

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\WINDOWS\Installer\efeaab.msi

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\WINDOWS\Installer\6285e.msi

MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]c:\WINDOWS\Installer\fb8d0.msi

MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\WINDOWS\Installer\fb8d8.msi

PASW Statistics 18 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CF51252C00950B849BC3D83397203721]C:\WINDOWS\Installer\14a9e82.msi

QuickTime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ABFAB76BF9C4AF84496939E3B3520544]C:\WINDOWS\Installer\129c309.msi

Samsung Kies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1038C85769625584FA5435B4210089A0]C:\WINDOWS\Installer\30dfea.msi

ScanSoft PaperPort 11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547FF8A75CBBB284884E813D7128949A]C:\WINDOWS\Installer\509e4a.msi

Security Update for CAPICOM (KB931906) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2]C:\WINDOWS\Installer\47a2dc.msi

SketchUp Pro 8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9EFB8E6C50FF4F4BA4ABF289FFAF289]C:\WINDOWS\Installer\afe874.msi

TIPCI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE9FC6B7B2BCA1A4189AEBA1094496A0]C:\WINDOWS\Installer\176655.msi

WebFldrs XP [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3149C053C7D38EE4AB9A00CB3B5D2472]C:\WINDOWS\Installer\20ad7.msi

WIDCOMM Bluetooth Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\569CE4F3FE823C540B36402BD5E46997]C:\WINDOWS\Installer\423c4.msi

==== Empty Folders Check ======================

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Microsoft User\daemonprocess.txt deleted

C:\Documents and Settings\Microsoft User\.android deleted

C:\Program Files\Mobogenie deleted

C:\Documents and Settings\Microsoft User\Application Data\ZoomBrowser EX deleted

C:\Documents and Settings\Microsoft User\Local Settings\Application Data\Mobogenie deleted

C:\Documents and Settings\Microsoft User\Local Settings\Application Data\cache deleted

C:\Documents and Settings\Microsoft User\Mijn documenten\Mobogenie deleted

C:\Documents and Settings\MICROS~1\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\extensions\firefox@ghostery.com.xpi deleted

C:\Documents and Settings\MICROS~1\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\jetpack deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\MICROS~1\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-02-15 14:50:58 -------- d-----w- C:\Program Files\Comodo

======= C: =====

2014-02-15 15:13:07 DAD3166B2C6207A957C6A3D982856817 2202 ----a-w- C:\DelFix.txt

====== C:\Documents and Settings\Microsoft User\Application Data ======

2014-03-08 10:34:30 -------- d-----w- C:\Documents and Settings\Microsoft User\Menu Start\Programma's\CyberLink PowerDVD

2014-02-15 14:59:25 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO

====== C:\Documents and Settings\Microsoft User ======

2014-02-15 14:18:45 -------- d--h--r- C:\Documents and Settings\Microsoft User\Onlangs geopend

====== C: exe-files ==

2014-03-06 18:19:00 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-05 18:18:58 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\RSIT.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-220523388-790525478-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"GBMLite8AgentLaCie"="C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="C:\WINDOWS\ehome\ehtray.exe"

"RTHDCPL"="RTHDCPL.EXE"

"AGRSMMSG"="AGRSMMSG.exe"

"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime -Delay"

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE"

"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe /automation"

"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE"

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"

"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe -r C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"

"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun"

"GBMLite8AgentLaCie"="C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe"

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GBMLite8AgentLaCie"="C:\Program Files\Genie-Soft\GBALite8LaCie\GBMAgent.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechCameraAssistant]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CameraAssistant"

"hkey"="HKLM"

"command"="C:\\Program Files\\Acer\\OrbiCam\\CameraAssistant.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechVideo[inspector]]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="InstallHelper"

"hkey"="HKLM"

"command"="C:\\Program Files\\Acer\\OrbiCam\\InstallHelper.exe /inspect"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Citrix XenApp.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Citrix XenApp.lnk"

"backup"="C:\\WINDOWS\\pss\\Citrix XenApp.lnkCommon Startup"

"command"="C:\\WINDOWS\\Installer\\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe "

"item"="Citrix XenApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^McAfee Security Scan Plus.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\McAfee Security Scan Plus.lnk"

"backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\30D80A~1.285\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21/02/2014 10:55]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [17/12/2009 14:35]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\MICROS~1\Application Data\Mozilla\Firefox\Profiles\vn80b503.default

- Garmin Communicator - C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default

D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash

63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +

86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51

9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13

9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

acpmciifilddgbomoffoilbopgjdjcfk - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha375\ch\WebexpEnhancedV1alpha375.crx[]

bopakagnckmlgajfccecajhnimjiiedh - No path found[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

{51818293-706D-4738-B3DF-034E626DBA3A} Google Url="http://www.google.be/search?hl=nl&source=hp&q={searchTerms}&meta=&aq=f&oq="

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

autoclean;

• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[dries V]

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Microsoft User on zo 09/03/2014 at 16:20:05,65.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Microsoft User\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-07-154453.log 11468 bytes

C:\zoek-results2014-03-08-110617.log 22266 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [17/12/2009 14:35]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\MICROS~1\Application Data\Mozilla\Firefox\Profiles\vn80b503.default

- Garmin Communicator - C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Microsoft User\Application Data\Mozilla\Firefox\Profiles\vn80b503.default

D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash

63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +

86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51

9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13

9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

acpmciifilddgbomoffoilbopgjdjcfk - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha375\ch\WebexpEnhancedV1alpha375.crx[]

bopakagnckmlgajfccecajhnimjiiedh - No path found[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

{51818293-706D-4738-B3DF-034E626DBA3A} Google Url="http://www.google.be/search?hl=nl&source=hp&q={searchTerms}&meta=&aq=f&oq="

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\acpmciifilddgbomoffoilbopgjdjcfk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Microsoft User\Local Settings\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Microsoft User\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Microsoft User\Local Settings\Application Data\Mozilla\Firefox\Profiles\vn80b503.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=994 folders=107 85234817 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\temp will be emptied at reboot

C:\Documents and Settings\Microsoft User\Local Settings\temp will be emptied at reboot

C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\MICROS~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\Microsoft User\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\LocalService\Local Settings\temp\Cookies" not found

"C:\Documents and Settings\LocalService\Local Settings\temp\History" not found

"C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files" not found

==== EOF on zo 09/03/2014 at 16:40:16,53 ======================

[kape]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.