
Websearch trojan on my laptop + a computer - can't get rid of it .. please help.



I have been tinkering for a few days now to get rid of a very annoying trojan that has ended up on both my laptop and a PC, and so far nothing works. I'm afraid I also keep getting sent to all kinds of sites that are all connected to this malware distributor, who is simply allowed to and can just keep on doing this; nobody has a problem with it, I suppose.

What should I do? Help would be appreciated. Peter.

I have already made a log.

info.txt logfile of random's system information tool 1.09 2014-04-27 16:04:13

======Uninstall list======

-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\StoneLoops of Jurassica\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Super Collapse 3\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\THE GAME OF LIFE\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Virtual Families\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\World of Goo\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Yahtzee\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall

64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A}

7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"

Aangifte inkomstenbelasting 2012-->C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

Acrobat.com-->msiexec /qb /x {628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}

Acrobat.com-->MsiExec.exe /I{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}

Adobe Flash Player 13 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_ActiveX.exe -maintain activex

Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_Plugin.exe -maintain plugin

Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}

Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}

AVG 2011-->MsiExec.exe /I{544974E3-D015-401C-900C-E5D137BC930E}

avg deinst.-->"C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall

Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE

CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"

CodecInstaller 2.10.4-->C:\Program Files (x86)\JockerSoft\CodecInstaller\uninst.exe

Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE}

CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall

CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall

CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall

CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall

EasyObdII Free Software version 2.4.0-->"C:\Program Files (x86)\EasyObdII Free Software\unins000.exe"

Free Internet Eraser-->"C:\Program Files (x86)\PrivacyEraser Computing\Free Internet Eraser\unins000.exe"

Free YouTube Download version 3.1.38.1005-->C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe

Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}

High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}

HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"

HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0413 -removeonly uninst

HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17B4760F-334B-475D-829F-1A3E94A6A4E6}\setup.exe" -l0x9 -removeonly

HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly

HP Update-->MsiExec.exe /X{D46D081B-F60E-467E-A7C4-117B70D76731}

HP User Guides 0148-->MsiExec.exe /X{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}

HP Wireless Assistant-->MsiExec.exe /X{54CC7901-804D-4155-B353-21F0CC9112AB}

IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly

Intel® Graphics Media Accelerator Driver-->C:\Windows\SysWOW64\igxpun.exe -uninstall

IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe

Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}

Java 6 Update 15 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416015FF}

Java SE Development Kit 6 Update 15 (64-bit)-->MsiExec.exe /I{64A3A4F4-B792-11D6-A78A-00B0D0160150}

K-Lite Codec Pack 7.0.0 (Standard)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"

LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}

Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Media Player Classic - Home Cinema v1.5.2.3456 x64-->"C:\Program Files\Media Player Classic - Home Cinema\unins000.exe"

Microsoft .NET Framework 4.5.1 (Nederlands)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\NLD\\Setup.exe /repair /x86 /x64 /lcid 1043

Microsoft .NET Framework 4.5.1 (NLD)-->MsiExec.exe /X{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}

Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64

Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}

Microsoft Office 2003 Web Services Toolkit - NLD-->MsiExec.exe /X{D36274D4-2A80-4A7F-8BF6-69DDCE1A76D7}

Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}

Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (Dutch)-->MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE}

Microsoft Office Professional Editie 2003-->MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9}

Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0413-0000-0000000FF1CE}

Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD}

Movie Maker-->MsiExec.exe /X{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}

Movie Maker-->MsiExec.exe /X{DD67BE4B-7E62-4215-AFA3-F123A800A389}

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}

MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}

Nero 10 ClipartPack-->MsiExec.exe /X{96ED4B78-300E-4033-AE6C-C115CEB4DF07}

Nero 10 Menu TemplatePack 1-->MsiExec.exe /X{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}

Nero 10 Menu TemplatePack 2-->MsiExec.exe /X{E712C273-7564-4C8E-AA59-0FA19BC35117}

Nero 10 Menu TemplatePack 3-->MsiExec.exe /X{92146419-AE44-4C8B-A48B-0ABB1B5EC026}

Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}

Nero 10 Movie ThemePack 1-->MsiExec.exe /X{43FBAB46-5969-4200-9958-1FF81FEE506F}

Nero 10 Movie ThemePack 2-->MsiExec.exe /X{70F19404-B96C-4EBB-AD2B-3574F8736197}

Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}

Nero 10 Sample ImagePack-->MsiExec.exe /X{ACD15FDF-FC42-4175-B477-576F92FF2256}

Nero 10 Sample Videos-->MsiExec.exe /X{92A10E9D-EA00-4A46-8F22-EEA660992D61}

Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}

Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}

Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}

Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}

Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}

Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}

Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}

Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}

Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}

Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}

Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}

Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}

Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}

Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}

Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}

Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}

Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}

Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}

Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}

Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}

Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}

Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}

Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}

Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}

Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}

Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}

Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}

Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}

Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}

Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}

Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}

Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}

NetWorx 5.2.2-->"C:\Program Files\NetWorx\unins000.exe"

OBD II logger-->C:\WINDOWS\st6unst.exe -n "C:\Program Files (x86)\OBD II logger\ST6UNST.LOG"

OutlookTempCleaner-->MsiExec.exe /I{F741BC84-68C7-4369-9778-432A40EC254A}

Photo Common-->MsiExec.exe /X{C3538BF4-735B-45F3-B09E-C541A007E4E8}

Photo Gallery-->MsiExec.exe /X{07AAB66E-4718-422D-9218-4AFB3C922A71}

Photo Gallery-->MsiExec.exe /X{F4DEB840-B638-4BCE-AC6B-057EF31E0012}

PL-2303 USB-to-Serial-->"C:\Program Files (x86)\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\setup.exe" -runfromtemp -l0x0009 -removeonly

Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

PowerDVD-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\CyberLink\PowerDVD\Uninst.isu"

QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}

Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x0013 -removeonly

Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall

Revo Uninstaller 1.95-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe

Revo Uninstaller Pro 3.0.2-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}

Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}

Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Uninstall Helper-->msiexec.exe /x {82BF2C5E-79A7-4A13-B508-D5E64A5B141E}

Uninstall Helper-->MsiExec.exe /X{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}

VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}

VCDS-Release-10.6.4-->"C:\ROSS-TECH\VCDS\unins000.exe"

VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe

Vuze-->C:\Program Files\Vuze\uninstall.exe

Windows Live Communications Platform-->MsiExec.exe /I{41C61308-6CFD-4D54-AB6A-7136ED08A18E}

Windows Live Essentials-->MsiExec.exe /I{1B905A9B-EB74-4C70-B81B-5F446C178566}

Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}

Windows Live Installer-->MsiExec.exe /I{659CB81C-B54E-4DF1-B618-F35777393A54}

Windows Live Messenger-->MsiExec.exe /X{5B71ABE2-65A3-4507-A227-3FF413FDA9C4}

Windows Live Messenger-->MsiExec.exe /X{E703613B-BDAB-433E-A66A-DE0263E3D35D}

Windows Live Photo Common-->MsiExec.exe /X{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}

Windows Live PIMT Platform-->MsiExec.exe /I{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}

Windows Live SOXE Definitions-->MsiExec.exe /I{D1893000-EA77-493C-8DDD-E262436E959B}

Windows Live SOXE-->MsiExec.exe /I{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{290C2B0A-CEE1-4F55-AB46-4571EC01DA96}

Windows Live UX Platform-->MsiExec.exe /I{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}

Windows Mobile Apparaatcentrum-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}

WinRAR 4.00 beta 1 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

WinRAR 4.00 beta 1 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: hp-PC

Event Code: 104

Message: Logboekbestand Windows PowerShell is gewist.

Record Number: 528142

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125550.546663-000

Event Type: Informatie

User: hp-PC\hp

Computer Name: hp-PC

Event Code: 104

Message: Logboekbestand Media Center is gewist.

Record Number: 528141

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125550.406262-000

Event Type: Informatie

User: hp-PC\hp

Computer Name: hp-PC

Event Code: 104

Message: Logboekbestand Key Management Service is gewist.

Record Number: 528140

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125550.265862-000

Event Type: Informatie

User: hp-PC\hp

Computer Name: hp-PC

Event Code: 104

Message: Logboekbestand Internet Explorer is gewist.

Record Number: 528139

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125550.141062-000

Event Type: Informatie

User: hp-PC\hp

Computer Name: hp-PC

Event Code: 104

Message: Logboekbestand System is gewist.

Record Number: 528138

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125549.922661-000

Event Type: Informatie

User: hp-PC\hp

=====Application event log=====

Computer Name: hp-PC

Event Code: 902

Message: De Software Protection-service is gestart.

6.1.7601.17514

Record Number: 120617

Source Name: Microsoft-Windows-Security-SPP

Time Written: 20140427135202.000000-000

Event Type: Informatie

User:

Computer Name: hp-PC

Event Code: 1003

Message: De statuscontrole van de licentie door de Software Protection-service is voltooid.

Id van toepassing=55c92734-d682-4d71-983e-d6ec3f16059f

Licentiestatus=


Record Number: 120616

Source Name: Microsoft-Windows-Security-SPP

Time Written: 20140427135202.000000-000

Event Type: Informatie

User:

Computer Name: hp-PC

Event Code: 1066

Message: Initialisatiestatus voor serviceobjecten.

C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000

C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000

C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000

C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000

C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000

C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

Record Number: 120615

Source Name: Microsoft-Windows-Security-SPP

Time Written: 20140427135202.000000-000

Event Type: Informatie

User:

Computer Name: hp-PC

Event Code: 900

Message: De Software Protection-service wordt gestart.

Record Number: 120614

Source Name: Microsoft-Windows-Security-SPP

Time Written: 20140427135159.000000-000

Event Type: Informatie

User:

Computer Name: hp-PC

Event Code: 0

Message: PowerEvent is verwerkt door de service.

Record Number: 120613

Source Name: HP Support Assistant Service

Time Written: 20140427133654.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: hp-PC

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 119453

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20140427135347.017243-000

Event Type: Controle geslaagd

User:

Computer Name: hp-PC

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: HP-PC$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x1d0

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 119452

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20140427135346.892443-000

Event Type: Controle geslaagd

User:

Computer Name: hp-PC

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 119451

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20140427135136.899197-000

Event Type: Controle geslaagd

User:

Computer Name: hp-PC

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: HP-PC$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x1d0

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 119450

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20140427135136.899197-000

Event Type: Controle geslaagd

User:

Computer Name: hp-PC

Event Code: 1102

Message: Het controlelogboek is gewist.

Onderwerp:

Beveiligings-id: S-1-5-21-2871515856-2589426266-17003624-1000

Accountnaam: hp

Domeinnaam: hp-PC

Aanmeldings-id: 0x2b815

Record Number: 119449

Source Name: Microsoft-Windows-Eventlog

Time Written: 20140427125549.548261-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Users\hp\AppData\Local\Smartbar\Application;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Windows Live\Shared

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=1

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"OnlineServices"=Online Services

"Platform"=MCD

"PCBRAND"=Presario

-----------------EOF-----------------


Posting RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit")
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

Also watch the instruction video.


Logfile of random's system information tool 1.09(written by random/random)

Run by hp at 2014-04-29 00:14:07

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 105 GB (47%) free of 225 GB

Total RAM: 1979 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:14:14, on 29-4-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17041)

Boot mode: Normal

Running processes:

C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Users\hp\AppData\Local\PirritSuggestor\PirritDesktop.exe

C:\Program Files(x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\hp.exe

R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\InternetExplorer\Main,Default_Page_URL = Google

R1 - HKLM\Software\Microsoft\InternetExplorer\Main,Default_Search_URL = Google

R0 - HKLM\Software\Microsoft\InternetExplorer\Main,Start Page = Google

R1 -HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =http=http://127.0.0.1:9880

O2 - BHO: Java Plug-In SSV Helper -{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files(x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account -{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\CommonFiles\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: (no name) -!{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)

O3 - Toolbar: (no name) -!{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: (no name) -!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

O3 - Toolbar: (no name) -!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

O3 - Toolbar: (no name) -!{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files(x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files(x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files(x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched]"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [WLSync] C:\Program Files(x86)\Windows Live\Mesh\WLSync.exe /background

O4 - Startup: Dropbox.lnk =hp\AppData\Roaming\Dropbox\bin\Dropbox.exe

O9 - Extra button: @C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 -{25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 -{25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button:@C:\Windows\WindowsMobile\INetRepl.dll,-222 -{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) -{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem:@C:\Windows\WindowsMobile\INetRepl.dll,-223 -{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Skype Click to Call -{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\InternetExplorer\skypeieplugin.dll (file missing)

O9 - Extra button: Onderzoek -{92780B25-18CC-41C8-B9BE-3C9C571A8263} -C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files(x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files(x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS]Accelerated graphics

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}(Image Uploader Control) -http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}(Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: wlpg -{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\WindowsLive\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service(AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters)- Andrea Electronics Corporation -C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112(ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Scheduler(AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\ProgramFiles (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection(AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files(x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Com4QLBEx - Hewlett-Packard DevelopmentCompany, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick LaunchButtons\Com4QLBEx.exe

O23 - Service: Cron Service for Prey (CronService) -Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100(EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118(Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: HP Support Assistant Service -Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP SupportFramework\hpsa_service.exe

O23 - Service: HP Software Framework Service(hpqwmiex) - Hewlett-Packard Company - C:\Program Files(x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000(IEEtwCollectorService) - Unknown owner -C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknownowner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc LabelingService (LightScribeService) - Hewlett-Packard Company - C:\Program Files(x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknownowner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files(x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files(x86)\Nero\Update\NASvc.exe

O23 - Service:@%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner -C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PirritDesktop - Unknown owner -C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300(ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (filemissing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2(RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1(SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3(SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1(Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101(sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. -C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe

O23 - Service:@%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner -C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service:@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner -C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100(vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102(VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service:@%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner -C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service:@%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner -C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WinRST - Unknown owner - C:\ProgramFiles (x86)\WinRST\WinRST.exe

O23 - Service:@%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner -C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows MediaPlayer\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files(x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9532 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exeObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=OnSubSystemType=Windows ServerDll=basesrv,1ServerDll=winsrv:UserServerDllInitialization,3ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exeObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=OnSubSystemType=Windows ServerDll=basesrv,1ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -kLocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -kLocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -kLocalServiceAndNoImpersonation

"C:\Program Files (x86)\Avira\AntiVirDesktop\sched.exe"

C:\Windows\system32\svchost.exe -kLocalServiceNoNetwork

"C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\armsvc.exe"

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe

"C:\Program Files (x86)\Avira\AntiVirDesktop\avguard.exe"

"C:\Prey\platform\windows\cronsvc.exe"

C:\Windows\SysWOW64\svchost.exe -k netsvcs

"C:\Program Files (x86)\CommonFiles\LightScribe\LSSrvc.exe"

"C:\Program Files (x86)\Common Files\MicrosoftShared\VS7DEBUG\MDM.EXE"

C:\Windows\System32\svchost.exe -k HPZ12

C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\WinRST\WinRST.exe"

"C:\Program Files\Common Files\MicrosoftShared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 1104

"taskhost.exe"

taskeng.exe {A11C616A-8BCF-43AB-A186-51F586197851}

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Windows\System32\hkcmd.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Windows\WindowsMobile\wmdc.exe"

"C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe"/systemstartup

"C:\Program Files (x86)\Hewlett-Packard\HPWireless Assistant\HPWAMain.exe"

"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe"/min

"C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe"

"C:\Program Files (x86)\Avira\AntiVirDesktop\avshadow.exe" avshadowcontrol0_00000600

"C:\Program Files(x86)\CyberLink\YouCam\YCMMirage.exe"

"C:\Program Files\InternetExplorer\iexplore.exe"http://istart.webssearches.com/?type=sc&ts=1398474320&from=tugs&uid=WDCXWD2500BEKT-60V5T1_WD-WXG1A30R9654R9654

"C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE" SCODEF:3932 CREDAT:209921 /prefetch:2

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files(x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -kNetworkServiceNetworkRestricted

C:/Users/hp/AppData/Local/PirritSuggestor\PirritDesktop.exe

"C:\Program Files(x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding

"C:\Program Files (x86)\Hewlett-Packard\HPSupport Framework\hpsa_service.exe"

"C:\Program Files(x86)\Nero\Update\NASvc.exe"

"C:\Program Files\Windows MediaPlayer\wmpnetwk.exe"

"C:\Windows\System32\MsSpellCheckingFacility.exe"-Embedding

"C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE" SCODEF:3932 CREDAT:4142320 /prefetch:2

taskeng.exe {24726A5F-BCF9-4F8C-8799-2D5C6DA6409A}

"C:\Windows\system32\SearchFilterHost.exe" 0508 512 520 65536 516

"C:\Windows\system32\SearchProtocolHost.exe"Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1-2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0(compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)""C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc""DownLevelDaemon"

taskhost.exe $(Arg0)

"C:\Users\hp\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\3Z4VM9JU\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\PC Optimizer Pro Idle.job

C:\Windows\tasks\PC Optimizer Pro64 startups.job

C:\Windows\tasks\PCHelpers1st.job

C:\Windows\tasks\PCHelpers_period.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\ProgramFiles\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files(x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\Toolbar]

!{98889811-442D-49dd-99D7-DC866BE87DBC}

!{2318C2B1-4965-11d4-9B18-009027A5CD4F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\InternetExplorer\Toolbar]

!{98889811-442D-49dd-99D7-DC866BE87DBC}

!{2318C2B1-4965-11d4-9B18-009027A5CD4F}

!{872b5b88-9db5-4310-bdd0-ac189557e5f5}

!{EEE6C35B-6118-11DC-9C72-001320C79847}

!{95080B13-AA71-4EE8-B951-7E98221E1ED5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe[2009-09-11 387608]

"SysTrayApp"=C:\ProgramFiles\IDT\WDM\sttray64.exe [2009-08-13 456192]

"Windows Mobile DeviceCenter"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"=C:\Program Files(x86)\Hewlett-Packard\HP HealthCheck\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-22 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WLSync"=C:\Program Files (x86)\WindowsLive\Mesh\WLSync.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\ApnUpdater]

C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]

C:\Program Files (x86)\AVG\AVG10\avgtray.exe[2011-01-07 2747744]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\DivXMediaServer]

C:\Program Files (x86)\DivX\DivX MediaServer\DivXMediaServer.exe [2012-11-13 450560]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\DivXUpdate]

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[2012-11-30 1263512]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\iLivid]

C:\Users\hp\AppData\Local\iLivid\iLivid.exe -autorun[]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\KPN Assistent]

C:\Program Files (x86)\KPN\KPN Assistent\KPNAssistent\KPN_Assistent.exe /auto []

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\lxdiamon]

C:\Program Files (x86)\Lexmark 3500-4500Series\lxdiamon.exe [2007-03-05 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\lxdimon.exe]

C:\Program Files (x86)\Lexmark 3500-4500Series\lxdimon.exe [2007-03-06 435120]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\ManyCam]

C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent[]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Media Finder]

C:\Program Files (x86)\Media Finder\Media Finder.exe/opentotray []

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Messenger (Yahoo!)]

C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe -quiet[]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\NetWorx]

C:\Program Files\NetWorx\networx.exe [2012-02-274692480]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Search Protection]

C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe[]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Skype]

C:\Program Files (x86)\Skype\Phone\Skype.exe/minimized /regrun []

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\VoipBuster]

C:\Program Files(x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^Dropbox.lnk]

C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe[2014-01-03 33508336]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^PalTalk.lnk]

C:\PROGRA~2\PALTAL~1\paltalk.exe [2013-07-20 9969760]

[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^Webshots.lnk]

C:\PROGRA~2\Webshots\315~1.761\Launcher.exe /t []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"=C:\Program Files(x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]

"avgnt"=C:\Program Files (x86)\Avira\AntiVirDesktop\avgnt.exe [2014-02-18 689744]

"Adobe ARM"=C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"SunJavaUpdateSched"=C:\Program Files(x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\Users\hp\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup

Dropbox.lnk - C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2009-08-27 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -C:\Windows\system32\webcheck.dll [2014-04-27 243200]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLinkedConnections"=1

"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1month======

2014-04-28 00:22:21 ----A----C:\Windows\system32\MsSpellCheckingFacility.exe

2014-04-27 16:03:52 ----D---- C:\Program Files\trendmicro

2014-04-27 16:03:50 ----D---- C:\rsit

2014-04-27 14:43:54 ----D---- C:\Windows\ERUNT

2014-04-27 03:22:28 ----D---- C:\Program Files(x86)\WinRST

2014-04-27 03:07:58 ----A----C:\Windows\system32\IEUDINIT.EXE

2014-04-27 02:53:19 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\msls31.dll

2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\jsIntl.dll

2014-04-27 02:53:14 ----A---- C:\Windows\system32\elshyph.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\wininet.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\urlmon.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\msrating.dll

2014-04-27 02:53:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\ieui.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\iertutil.dll

2014-04-27 02:53:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\dxtrans.dll

2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\dxtmsft.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\wextract.exe

2014-04-27 02:53:12 ----A---- C:\Windows\SYSWOW64\url.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\licmgr10.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\inseng.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iexpress.exe

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iesetup.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iernonce.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iedkcs32.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\ieapfltr.dll

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\ieapfltr.dat

2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\icardie.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\webcheck.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\vbscript.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\pngfilt.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\occache.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\mshtmled.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\MshtmlDac.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\mshtml.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\msfeeds.dll

2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\ieUnatt.exe

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\mshtmler.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\mshta.exe

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\msfeedssync.exe

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\msfeedsbs.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript9diag.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript9.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\imgutil.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\iesysprep.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\iepeers.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\IEAdvpack.dll

2014-04-27 02:53:10 ----A----C:\Windows\system32\jsIntl.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\wininet.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\urlmon.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\SetIEInstalledDate.exe

2014-04-27 02:53:09 ----A----C:\Windows\system32\RegisterIEPKEYs.exe

2014-04-27 02:53:09 ----A----C:\Windows\system32\msrating.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\msls31.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\mshtmler.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\msfeedssync.exe

2014-04-27 02:53:09 ----A----C:\Windows\system32\msfeedsbs.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\jsproxy.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\jscript9diag.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\jscript9.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\ieui.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\iesysprep.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\iertutil.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\ieframe.dll

2014-04-27 02:53:09 ----A----C:\Windows\system32\IEAdvpack.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\wextract.exe

2014-04-27 02:53:08 ----A----C:\Windows\system32\webcheck.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\vbscript.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\url.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\pngfilt.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\occache.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtmlmedia.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtmled.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtml.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\msfeeds.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\licmgr10.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\inseng.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\iexpress.exe

2014-04-27 02:53:08 ----A----C:\Windows\system32\ieUnatt.exe

2014-04-27 02:53:08 ----A----C:\Windows\system32\iesetup.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\iernonce.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\iedkcs32.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\ieapfltr.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\ieapfltr.dat

2014-04-27 02:53:08 ----A----C:\Windows\system32\ie4uinit.exe

2014-04-27 02:53:08 ----A----C:\Windows\system32\icardie.dll

2014-04-27 02:53:08 ----A---- C:\Windows\system32\dxtrans.dll

2014-04-27 02:53:08 ----A----C:\Windows\system32\dxtmsft.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\MshtmlDac.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\mshta.exe

2014-04-27 02:53:07 ----A---- C:\Windows\system32\jscript.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\imgutil.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\iepeers.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\ieetwproxystub.dll

2014-04-27 02:53:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-04-27 02:53:07 ----A----C:\Windows\system32\ieetwcollector.exe

2014-04-27 02:06:05 ----D---- C:\Program Files(x86)\Hosts_Anti_Adwares_PUPs

2014-04-27 02:04:41 ----D---- C:\AdwCleaner

2014-04-26 03:09:51 ----D---- C:\Program Files(x86)\Uninstaller

2014-04-26 03:08:34 ----D----C:\Users\hp\AppData\Roaming\SupTab

2014-04-26 03:08:25 ----D---- C:\ProgramData\WPM

2014-04-26 03:08:03 ----D----C:\Users\hp\AppData\Roaming\Optimizer Elite Max

2014-04-26 03:06:57 ----D---- C:\Users\hp\AppData\Roaming\VOPackage

2014-04-26 03:03:37 ----D---- C:\Program Files(x86)\Optimizer Elite Max

2014-04-22 20:38:13 ----D---- C:\Windows\nl

2014-04-22 20:33:04 ----A----C:\Windows\SYSWOW64\javaws.exe

2014-04-22 20:32:17 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-04-22 20:32:17 ----A----C:\Windows\SYSWOW64\javaw.exe

2014-04-22 20:32:17 ----A----C:\Windows\SYSWOW64\java.exe

2014-04-22 14:04:20 ----A---- C:\AVScanner.ini

2014-04-09 11:03:43 ----A----C:\Windows\SYSWOW64\iologmsg.dll

2014-04-09 11:03:43 ----A----C:\Windows\system32\iologmsg.dll

2014-04-09 11:03:43 ----A----C:\Windows\system32\drivers\storport.sys

2014-04-09 11:03:43 ----A----C:\Windows\system32\drivers\msiscsi.sys

2014-04-09 11:03:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys

2014-04-09 11:03:32 ----A----C:\Windows\SYSWOW64\kernel32.dll

2014-04-09 11:03:32 ----A----C:\Windows\system32\wow64win.dll

2014-04-09 11:03:32 ----A----C:\Windows\system32\wow64.dll

2014-04-09 11:03:32 ----A---- C:\Windows\system32\kernel32.dll

2014-04-09 11:03:31 ----A----C:\Windows\SYSWOW64\setup16.exe

2014-04-09 11:03:31 ----A----C:\Windows\SYSWOW64\ntvdm64.dll

2014-04-09 11:03:31 ----A----C:\Windows\system32\wow64cpu.dll

2014-04-09 11:03:31 ----A---- C:\Windows\system32\ntvdm64.dll

2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\wow32.dll

2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\user.exe

2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\instnm.exe

2014-04-09 11:03:28 ----A----C:\Windows\system32\drivers\ntfs.sys

2014-04-04 17:55:47 ----D---- C:\Program Files(x86)\Mozilla Firefox

2014-04-04 03:10:36 ----A----C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

2014-04-04 01:27:05 ----A----C:\Windows\SYSWOW64\wer.dll

2014-04-04 01:27:05 ----A---- C:\Windows\system32\wwansvc.dll

2014-04-04 01:27:05 ----A----C:\Windows\system32\wer.dll

2014-04-04 01:27:04 ----A----C:\Windows\system32\win32k.sys

2014-04-04 01:27:04 ----A----C:\Windows\system32\qedit.dll

2014-04-04 01:27:03 ----A----C:\Windows\SYSWOW64\WindowsCodecs.dll

2014-04-04 01:27:03 ----A----C:\Windows\SYSWOW64\qedit.dll

2014-04-04 01:27:03 ----A----C:\Windows\system32\WindowsCodecs.dll

2014-03-31 21:41:40 ----A----C:\Windows\SYSWOW64\sirenacm.dll

2014-03-31 21:34:22 ----A---- C:\Windows\WLXPGSS.SCR

======List of files/folders modified in the last 1month======

2014-04-29 00:14:13 ----D---- C:\Windows\temp

2014-04-28 23:27:35 ----A----C:\Windows\SYSWOW64\TempWmicBatchFile.bat

2014-04-28 21:46:21 ----D----C:\Windows\system32\config

2014-04-28 21:28:08 ----D----C:\Users\hp\AppData\Roaming\Dropbox

2014-04-28 21:28:01 ----D---- C:\ProgramData

2014-04-28 21:28:01 ----A----C:\ProgramData\HPWALog.txt

2014-04-28 00:23:21 ----D---- C:\Windows\winsxs

2014-04-28 00:23:15 ----D----C:\Windows\SYSWOW64\nl-NL

2014-04-28 00:23:15 ----D----C:\Windows\system32\nl-NL

2014-04-28 00:23:15 ----D---- C:\Windows\System32

2014-04-28 00:23:12 ----D----C:\Windows\system32\catroot

2014-04-28 00:23:11 ----D----C:\Windows\system32\catroot2

2014-04-28 00:22:01 ----SHD---- C:\System VolumeInformation

2014-04-27 23:14:09 ----D----C:\Windows\system32\DriverStore

2014-04-27 16:03:52 ----RD---- C:\Program Files

2014-04-27 14:47:47 ----RD---- C:\Program Files (x86)

2014-04-27 14:47:47 ----D---- C:\Windows\SysWOW64

2014-04-27 14:43:54 ----D---- C:\Windows

2014-04-27 14:03:16 ----D----C:\Windows\system32\Tasks

2014-04-27 14:03:14 ----D---- C:\Windows\Tasks

2014-04-27 13:57:39 ----SHD---- C:\Windows\Installer

2014-04-27 13:57:38 ----D---- C:\Config.Msi

2014-04-27 03:12:13 ----D---- C:\Windows\Panther

2014-04-27 03:11:06 ----D---- C:\Program Files(x86)\Google

2014-04-27 03:09:39 ----D---- C:\Program Files(x86)\Internet Explorer

2014-04-27 03:09:36 ----D---- C:\ProgramFiles\Internet Explorer

2014-04-27 03:09:35 ----D---- C:\Windows\SYSWOW64\migration

2014-04-27 03:09:35 ----D----C:\Windows\SYSWOW64\en-US

2014-04-27 03:09:32 ----D----C:\Windows\system32\migration

2014-04-27 03:09:32 ----D----C:\Windows\system32\en-US

2014-04-27 03:09:32 ----D----C:\Windows\PolicyDefinitions

2014-04-27 02:58:05 ----HD---- C:\Windows\msdownld.tmp

2014-04-27 02:58:05 ----D---- C:\Windows\inf

2014-04-27 02:58:00 ----D---- C:\Windows\Logs

2014-04-27 02:28:56 ----D---- C:\Windows\debug

2014-04-27 02:16:05 ----D---- C:\ProgramData\Skype

2014-04-27 02:16:04 ----RD---- C:\Program Files(x86)\Skype

2014-04-27 02:16:04 ----D---- C:\Program Files(x86)\Common Files

2014-04-27 02:16:01 ----D----C:\Users\hp\AppData\Roaming\Skype

2014-04-27 02:13:46 ----D---- C:\ProgramData\Google

2014-04-27 02:12:57 ----HD---- C:\Program Files(x86)\InstallShield Installation Information

2014-04-27 02:04:46 ----A----C:\Windows\system32\PerfStringBackup.INI

2014-04-27 00:16:45 ----D---- C:\Program Files(x86)\ManyCam

2014-04-26 03:08:34 ----D---- C:\Windows\Prefetch

2014-04-26 03:07:09 ----D----C:\Users\hp\AppData\Roaming\vlc

2014-04-25 22:31:59 ----A----C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-04-22 20:49:14 ----D---- C:\Program Files(x86)\Windows Live

2014-04-22 20:38:37 ----D---- C:\ProgramData\Oracle

2014-04-22 20:32:17 ----D---- C:\Program Files(x86)\Java

2014-04-22 00:34:10 ----A----C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-04-15 16:22:49 ----D---- C:\Windows\system32\NDF

2014-04-15 14:41:19 ----D---- C:\Windows\rescache

2014-04-10 11:27:45 ----SD---- C:\Users\hp\AppData\Roaming\Microsoft

2014-04-09 20:58:25 ----D----C:\Windows\system32\drivers

2014-04-09 20:58:24 ----D---- C:\Windows\AppPatch

2014-04-09 12:33:27 ----D---- C:\Windows\system32\MRT

2014-04-09 12:30:34 ----A----C:\Windows\system32\MRT.exe

2014-04-04 23:57:53 ----D---- C:\Program Files(x86)\Winsent Messenger

2014-04-04 22:42:48 ----D---- C:\ProgramData\WinsentMessenger

2014-04-04 11:40:27 ----D---- C:\ProgramFiles\Microsoft Silverlight

2014-04-04 11:40:27 ----D---- C:\Program Files(x86)\Microsoft Silverlight

2014-04-04 01:14:43 ----D---- C:\Windows\system32\wfp

2014-04-04 01:14:37 ----D---- C:\Windows\system32\wbem

2014-04-04 00:13:42 ----D---- C:\Windows\L2Schemas

2014-04-04 00:13:41 ----D----C:\Windows\SYSWOW64\Macromed

2014-04-04 00:13:40 ----D----C:\Windows\system32\Macromed

2014-04-04 00:13:36 ----D----C:\Windows\system32\CodeIntegrity

2014-04-04 00:13:36 ----D---- C:\Windows\AppCompat

2014-04-04 00:13:26 ----D---- C:\Program Files\CommonFiles\Microsoft Shared

2014-04-04 00:12:11 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot,1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys[2010-09-07 30288]

R0 pciide;pciide;C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys[2010-12-08 308304]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-VirusShield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2010-09-07 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [2010-11-12 382032]

R1 avipbb;avipbb;C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-17 131576]

R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-07 28600]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-17 108440]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys [2010-08-02 32880]

R3 HpqKbFiltr;HpqKbFilter Driver;C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys[2009-08-27 7369600]

R3 IntcHdmiAddService;Intel® High Definition AudioHDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]

R3 NETw5s64;Intel® Wireless WiFi Link adapterstuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys[2010-01-13 7675392]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys[2009-08-13 487936]

R3 SynTP;Synaptics TouchPad Driver;C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-15 273456]

S2 Aspi32;Aspi32;C:\Windows\system32\drivers\Aspi32.sys []

S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys[2009-06-10 1146880]

S3 athr;Stuurprogramma Atheros Extensible draadlozeLAN-apparaat; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]

S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 157264]

S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 35920]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1;C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3BthEnum;Bluetooth-stuurprogramma voor aanvraagblok;C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth-apparaat (Personal Area Network);C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort;C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio;C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys[2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4;C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]

S3 dot4usb;Dot4USB Filter Dot4USB Filter;C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 FTDIBUS;USB Serial Converter Driver;C:\Windows\system32\drivers\ftdibus.sys [2013-11-16 79592]

S3 FTSER2K;USB Serial Port Driver;C:\Windows\system32\drivers\ftser2k.sys [2014-01-14 86376]

S3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\Drivers\GKUPRO2D.sys [2005-02-18 120704]

S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]

S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]

S3 NETw1v64;Intel® Wireless WiFi Link 1000 SeriesAdapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-21 7058432]

S3 netw5v64;Intel® Wireless WiFi Link 5000 SeriesAdapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI);C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys[2009-09-02 225280]

S3 RT-USB;Ross-Tech USB driver;C:\Windows\system32\drivers\RT-USB64.SYS [2010-06-16 70984]

S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys[2010-11-20 109056]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS[2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys[2010-11-20 59392]

S3 usbscan;Stuurprogramma voor USB-scanner;C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 WinUsb;WinUsb-stuurprogramma;C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot,1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\ProgramFiles (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe[2009-03-02 89600]

R2 AntiVirSchedulerService;Avira Scheduler; C:\ProgramFiles (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-18 440400]

R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-18 440400]

R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2014-01-25 23552]

R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 HP Support Assistant Service;HP Support AssistantService; C:\Program Files (x86)\Hewlett-Packard\HP SupportFramework\hpsa_service.exe [2013-11-04 92160]

R2 LightScribeService;LightScribeService Direct DiscLabeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2009-08-20 73728]

R2 MDM;Machine Debug Manager; C:\Program Files(x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 NAUpdate;@C:\Program Files(x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe[2010-02-18 462632]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe[2009-07-14 27136]

R2 PirritDesktop;PirritDesktop;C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe [2014-03-18 52056]

R2 Pml Driver HPZ12;Pml Driver HPZ12;C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104;C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 STacSV;Audio Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe[2009-08-13 240640]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079;C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 WinRST;WinRST; C:\Program Files(x86)\WinRST\WinRST.exe [2014-03-18 59904]

R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2012-07-17 2292480]

R3 hpqwmiex;HP Software Framework Service; C:\ProgramFiles (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NETFramework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NETFramework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11124088]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player UpdateService; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[2014-04-22 257712]

S3 aspnet_state;ASP.NET-statusservice;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-1151808]

S3 Com4QLBEx;Com4QLBEx; C:\Program Files(x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]

S3IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000;C:\Windows\system32\IEEtwCollector.exe [2014-04-27 111616]

S3 ose;Office Source Engine; C:\Program Files(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736]

S4 AVG Security Toolbar Service;AVG Security ToolbarService; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-11-25517448]

S4 AVGIDSAgent;AVGIDSAgent; C:\Program Files(x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-066128720]

S4 avgwd;AVG WatchDog; C:\Program Files(x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

S4 GameConsoleService;GameConsoleService; C:\ProgramFiles (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856]

S4NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856]

S4NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856]

-----------------EOF--------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
 {98889811-442D-49dd-99D7-DC866BE87DBC};c
 {2318C2B1-4965-11d4-9B18-009027A5CD4F};c
 {872b5b88-9db5-4310-bdd0-ac189557e5f5};c
 {EEE6C35B-6118-11DC-9C72-001320C79847};c
 {95080B13-AA71-4EE8-B951-7E98221E1ED5};c
 C:\Windows\tasks\PC Optimizer Pro Idle.job;f
 C:\Windows\tasks\PC Optimizer Pro64 startups.job;f
 C:\Windows\tasks\PCHelpers1st.job;f
 C:\Windows\tasks\PCHelpers_period.job;f
 C:\Program Files (x86)\Media Finder;fs
 [-HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Media Finder];r64
 C:\Users\hp\AppData\Roaming\SupTab;fs
 C:\ProgramData\WPM;fs
 C:\Users\hp\AppData\Roaming\Optimizer Elite Max;fs
 C:\Users\hp\AppData\Roaming\VOPackage;fs
 C:\Program Files (x86)\Optimizer Elite Max;fs
 autoclean;

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log as an attachment in your next post.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.
