
Avast reports "malicious URL blocked"



Here is the requested log.

Logfile of random's system information tool 1.10 (written by random/random)

Run by willem at 2014-07-09 10:19:40

Microsoft Windows 8.1

System drive C: has 52 GB (52%) free of 101 GB

Total RAM: 4019 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:19:45, on 9-7-2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal

Running processes:

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\willem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [PWRISOVM.EXE] d:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [KiesTrayAgent] D:\Program Files (x86)\Nieuwe map\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKCU\..\Run: [startMenuX] d:\Program Files\Start Menu X\StartMenuX.exe

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [KiesPreload] D:\Program Files (x86)\Nieuwe map\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SC21.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [EPSON SX110 Series (Kopie 1)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_S9D95.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10637 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe

winlogon.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

"dwm.exe"

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\igfxCUIService.exe

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe"

"C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe"

\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe"

taskhostex.exe

dashost.exe {72ab6eb4-4549-47c5-8a617bee4afba986}

C:\WINDOWS\Explorer.EXE

"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"

"C:\Program Files\Intel\iCLS Client\HeciServer.exe"

"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"

"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding

"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"

"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart

C:\WINDOWS\system32\svchost.exe -k imgsvc

"D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\System32\skydrive.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9a5d46ce-e586-4a85-aab4-8c07a4b8faaa -SystemEventPortName:HostProcess-69295b05-7e99-4c3b-a395-399105979be0 -IoCancelEventPortName:HostProcess-1dd09071-bab4-4b17-9ae6-6b362a77fb53 -NonStateChangingEventPortName:HostProcess-76e560fe-f06c-4f3c-82f2-b8520de60de5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e02ec701-c4c9-43e8-99c3-c2d5f58e0d56 -DeviceGroupId:WpdFsGroup

igfxEM.exe

igfxHK.exe

igfxTray.exe

"C:\Windows\System32\SettingSyncHost.exe" -Embedding

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"D:\Program Files\Start Menu X\StartMenuX.exe"

"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

"C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

"C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4424.0.2092560986\1085183176" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0412 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4424.2.1346776341\1026618004" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4424.5.66974392\1415380339" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4424.6.819929234\1863862836" /prefetch:673131151

C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"D:\willem\downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DriverNavigator Scheduled Scan.job - j:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-01 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-01 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-07 13219984]

"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2013-07-02 36352]

"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]

"BCSSync"=D:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2013-10-17 597576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"StartMenuX"=d:\Program Files\Start Menu X\StartMenuX.exe [2013-10-20 7672640]

"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2014-06-09 122200]

"TomTomHOME.exe"=D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208]

"KiesPreload"=D:\Program Files (x86)\Nieuwe map\Kies\Kies.exe [2014-04-23 1564992]

"EPSON SX110 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [2008-09-26 223232]

"EPSON SX110 Series (Kopie 1)"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [2008-09-26 223232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-10-18 111120]

"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-10-18 492560]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-05 3890208]

"PWRISOVM.EXE"=d:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-07-22 337432]

"KiesTrayAgent"=D:\Program Files (x86)\Nieuwe map\Kies\KiesTrayAgent.exe [2014-04-23 311616]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ConfirmFileDelete"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"VIDC.YUY2"=msyuv.dll

"vidc.i420"=lvcod64.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"VIDC.YVYU"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"MSVideo"=vfwwdm32.dll

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-09 10:19:40 ----D---- C:\rsit

2014-07-09 10:19:40 ----D---- C:\Program Files\trend micro

2014-07-05 15:08:00 ----D---- C:\Users\willem\AppData\Roaming\Newzbin

2014-07-05 15:05:46 ----D---- C:\Users\willem\AppData\Roaming\DailyMagic

2014-07-03 17:40:09 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

2014-07-03 17:39:41 ----A---- C:\WINDOWS\system32\drivers\mwac.sys

2014-07-03 17:39:41 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys

2014-06-15 14:59:56 ----D---- C:\Program Files (x86)\Garmin GPS Plugin

2014-06-15 14:59:54 ----D---- C:\Program Files\Garmin GPS Plugin

2014-06-14 13:21:21 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2014-06-12 15:19:11 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2014-06-12 15:09:36 ----A---- C:\WINDOWS\system32\SyncEngine.dll

2014-06-12 15:09:34 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll

2014-06-12 15:09:34 ----A---- C:\WINDOWS\system32\win32k.sys

2014-06-12 15:09:33 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll

2014-06-12 15:09:33 ----A---- C:\WINDOWS\system32\SkyDrive.exe

2014-06-12 15:09:33 ----A---- C:\WINDOWS\system32\d3d9.dll

2014-06-12 15:09:33 ----A---- C:\WINDOWS\system32\authui.dll

2014-06-12 15:09:32 ----A---- C:\WINDOWS\SYSWOW64\authui.dll

2014-06-12 15:09:32 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-06-12 15:09:32 ----A---- C:\WINDOWS\system32\mfcore.dll

2014-06-12 15:09:32 ----A---- C:\WINDOWS\system32\lsasrv.dll

2014-06-12 15:09:32 ----A---- C:\WINDOWS\system32\localspl.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\wuaueng.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\vpnike.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\ntdll.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\fveapi.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\drivers\usbport.sys

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\dhcpcore.dll

2014-06-12 15:09:31 ----A---- C:\WINDOWS\system32\actxprxy.dll

2014-06-12 15:09:30 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll

2014-06-12 15:09:30 ----A---- C:\WINDOWS\system32\framedynos.dll

2014-06-12 15:09:30 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys

2014-06-12 15:09:30 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys

2014-06-12 15:09:29 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll

2014-06-12 15:09:29 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll

2014-06-12 15:09:29 ----A---- C:\WINDOWS\system32\dhcpcore6.dll

2014-06-12 15:09:29 ----A---- C:\WINDOWS\system32\bdesvc.dll

2014-06-12 15:09:28 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll

2014-06-12 15:09:28 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll

2014-06-12 15:09:28 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys

2014-06-12 15:09:28 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys

2014-06-12 15:09:28 ----A---- C:\WINDOWS\system32\BFE.DLL

2014-06-12 15:09:28 ----A---- C:\WINDOWS\system32\adtschema.dll

2014-06-12 15:09:27 ----A---- C:\WINDOWS\system32\ncobjapi.dll

2014-06-12 15:09:27 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys

2014-06-12 15:09:26 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll

2014-06-12 15:09:26 ----A---- C:\WINDOWS\system32\winbici.dll

2014-06-12 15:09:26 ----A---- C:\WINDOWS\system32\framedyn.dll

2014-06-12 15:09:26 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys

2014-06-12 15:09:26 ----A---- C:\WINDOWS\system32\drivers\usbd.sys

2014-06-12 15:09:25 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe

2014-06-12 15:09:25 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\wuauclt.exe

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\WebClnt.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\Robocopy.exe

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\IKEEXT.DLL

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll

2014-06-12 15:09:25 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe

2014-06-12 15:09:24 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll

2014-06-12 15:09:24 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll

2014-06-12 15:09:24 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys

2014-06-12 15:09:23 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll

2014-06-12 15:09:23 ----A---- C:\WINDOWS\system32\srms.dat

2014-06-12 15:09:23 ----A---- C:\WINDOWS\system32\reseteng.dll

2014-06-12 15:09:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys

2014-06-12 15:08:39 ----A---- C:\WINDOWS\system32\mfps.dll

2014-06-12 15:05:06 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-06-12 15:05:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll

2014-06-12 15:05:05 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2014-06-12 15:05:04 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll

2014-06-12 15:05:04 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll

2014-06-12 15:05:04 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll

2014-06-12 15:05:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2014-06-12 15:05:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll

2014-06-12 15:05:01 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll

2014-06-12 15:05:01 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-06-12 15:05:01 ----A---- C:\WINDOWS\system32\dxtmsft.dll

2014-06-12 15:05:00 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-06-12 15:04:59 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2014-06-12 15:04:58 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2014-06-12 15:04:58 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll

2014-06-12 15:04:57 ----A---- C:\WINDOWS\system32\dxtrans.dll

2014-06-12 15:04:56 ----A---- C:\WINDOWS\system32\mshtmled.dll

2014-06-12 15:04:56 ----A---- C:\WINDOWS\system32\jscript9diag.dll

2014-06-12 15:04:56 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-06-12 15:04:55 ----A---- C:\WINDOWS\system32\jscript9.dll

2014-06-12 15:04:54 ----A---- C:\WINDOWS\system32\jsproxy.dll

2014-06-12 15:04:54 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2014-06-12 15:04:53 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-06-12 15:04:51 ----A---- C:\WINDOWS\system32\wininet.dll

2014-06-12 15:04:50 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll

2014-06-12 15:04:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2014-06-12 15:04:47 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll

2014-06-12 15:04:35 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll

2014-06-12 15:04:35 ----A---- C:\WINDOWS\system32\msxml3.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\system32\WSShared.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\system32\WSReset.exe

2014-06-12 15:04:34 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-06-12 15:04:34 ----A---- C:\WINDOWS\system32\gdi32.dll

2014-06-12 15:04:33 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys

2014-06-12 15:04:33 ----A---- C:\WINDOWS\system32\drivers\ks.sys

2014-06-12 15:04:33 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS

2014-06-12 15:04:32 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe

2014-06-12 15:04:32 ----A---- C:\WINDOWS\system32\rdpcorets.dll

2014-06-12 15:04:32 ----A---- C:\WINDOWS\system32\FntCache.dll

2014-06-12 15:04:32 ----A---- C:\WINDOWS\system32\DWrite.dll

2014-06-12 15:04:32 ----A---- C:\WINDOWS\system32\drvinst.exe

2014-06-12 15:04:32 ----A---- C:\WINDOWS\system32\drvcfg.exe

2014-06-12 15:04:31 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll

2014-06-12 15:04:31 ----A---- C:\WINDOWS\system32\WpcMon.exe

2014-06-12 15:04:31 ----A---- C:\WINDOWS\system32\Wpc.dll

2014-06-12 15:04:30 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll

2014-06-12 15:04:30 ----A---- C:\WINDOWS\system32\WpcWebSync.dll

2014-06-12 15:04:30 ----A---- C:\WINDOWS\system32\wpccpl.dll

2014-06-12 15:04:30 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys

2014-06-12 15:04:00 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll

2014-06-12 15:04:00 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe

2014-06-12 15:03:58 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\ieUnatt.exe

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\iesetup.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\iernonce.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll

2014-06-12 15:03:58 ----A---- C:\WINDOWS\system32\ieetwcollector.exe

2014-06-12 15:03:57 ----A---- C:\WINDOWS\system32\msrating.dll

2014-06-10 09:32:18 ----D---- C:\Users\willem\AppData\Roaming\Boomzap

======List of files/folders modified in the last 1 month======

2014-07-09 10:19:40 ----RD---- C:\Program Files

2014-07-09 10:15:02 ----D---- C:\WINDOWS\Prefetch

2014-07-09 10:07:06 ----D---- C:\WINDOWS\Temp

2014-07-09 10:00:00 ----D---- C:\WINDOWS\system32\sru

2014-07-09 09:43:51 ----D---- C:\WINDOWS\AppReadiness

2014-07-09 00:08:57 ----HD---- C:\Program Files\WindowsApps

2014-07-09 00:03:02 ----D---- C:\WINDOWS\system32\config

2014-07-08 23:57:25 ----D---- C:\Program Files\Google

2014-07-08 23:57:25 ----D---- C:\Program Files (x86)\Google

2014-07-08 01:29:28 ----D---- C:\AdwCleaner

2014-07-06 17:27:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-07-06 17:27:36 ----HD---- C:\ProgramData

2014-07-06 17:27:20 ----SHD---- C:\System Volume Information

2014-07-06 17:25:59 ----SHD---- C:\WINDOWS\Installer

2014-07-06 10:15:05 ----D---- C:\WINDOWS\Microsoft.NET

2014-07-05 15:09:37 ----D---- C:\Users\willem\AppData\Roaming\Belastingdienst

2014-07-05 13:45:14 ----D---- C:\WINDOWS\system32\drivers

2014-07-05 13:45:14 ----D---- C:\WINDOWS\nl

2014-07-03 17:39:44 ----D---- C:\Users\willem\AppData\Roaming\Malwarebytes

2014-07-03 17:35:24 ----RD---- C:\Program Files (x86)

2014-07-03 17:34:50 ----RD---- C:\WINDOWS\System32

2014-07-03 17:34:50 ----D---- C:\WINDOWS\Tasks

2014-07-03 17:34:50 ----D---- C:\WINDOWS\system32\Tasks

2014-07-03 17:27:01 ----D---- C:\WINDOWS\Inf

2014-06-28 14:31:33 ----D---- C:\Program Files\CCleaner

2014-06-25 17:12:09 ----D---- C:\WINDOWS\CbsTemp

2014-06-23 21:10:33 ----D---- C:\WINDOWS\system32\catroot2

2014-06-21 11:17:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2014-06-19 23:28:26 ----D---- C:\WINDOWS\WinSxS

2014-06-19 01:17:26 ----D---- C:\Users\willem\AppData\Roaming\vlc

2014-06-15 19:48:10 ----D---- C:\WINDOWS\rescache

2014-06-15 15:09:56 ----D---- C:\WINDOWS\system32\DriverStore

2014-06-12 15:19:07 ----D---- C:\Windows

2014-06-12 15:16:28 ----RD---- C:\WINDOWS\ToastData

2014-06-12 15:16:28 ----D---- C:\WINDOWS\SYSWOW64\migration

2014-06-12 15:16:28 ----D---- C:\WINDOWS\SysWOW64

2014-06-12 15:16:28 ----D---- C:\WINDOWS\system32\wbem

2014-06-12 15:16:28 ----D---- C:\WINDOWS\system32\nl-NL

2014-06-12 15:16:28 ----D---- C:\WINDOWS\system32\migration

2014-06-12 15:16:27 ----D---- C:\WINDOWS\WinStore

2014-06-12 15:16:27 ----D---- C:\Program Files\Internet Explorer

2014-06-12 15:16:27 ----D---- C:\Program Files (x86)\Internet Explorer

2014-06-12 15:16:26 ----D---- C:\WINDOWS\SYSWOW64\wbem

2014-06-12 15:16:26 ----D---- C:\WINDOWS\SYSWOW64\nl-NL

2014-06-12 15:16:26 ----D---- C:\WINDOWS\system32\en-US

2014-06-12 15:16:26 ----D---- C:\WINDOWS\MediaViewer

2014-06-12 15:16:26 ----D---- C:\WINDOWS\FileManager

2014-06-12 15:16:26 ----D---- C:\WINDOWS\Camera

2014-06-12 15:14:03 ----D---- C:\WINDOWS\system32\catroot

2014-06-12 15:12:34 ----D---- C:\ProgramData\Microsoft Help

2014-06-12 15:11:38 ----D---- C:\WINDOWS\system32\MRT

2014-06-12 15:10:20 ----A---- C:\WINDOWS\system32\MRT.exe

2014-06-12 15:01:26 ----D---- C:\ProgramData\Package Cache

2014-06-12 15:01:11 ----D---- C:\ProgramData\Garmin

2014-06-12 15:01:06 ----D---- C:\Program Files (x86)\Garmin

2014-06-10 10:05:44 ----D---- C:\Users\willem\AppData\Roaming\AlawarEntertainment

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-05-01 65776]

R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-05-01 208416]

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-07-02 667496]

R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-05-01 93568]

R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-05-16 1039096]

R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-05-16 423240]

R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]

R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-07-22 126872]

R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-05-01 79184]

R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-05-16 85328]

R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-11-13 4207760]

R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]

R3 iwdbus;@oem16.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]

R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]

R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-04-12 64624]

R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2012-12-27 760032]

S2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-05-01 29208]

S3 androidusb;@oem56.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2014-04-11 38080]

S3 cleanhlp;cleanhlp; \??\D:\EEK\Run\cleanhlp64.sys [2013-12-19 57024]

S3 dg_ssudbus;@oem63.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]

S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]

S3 intaud_WaveExtensible;@oem15.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]

S3 lvpopf64;@oem22.inf,%lvpopflt.SrvDesc%;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]

S3 LVPr2Mon;LVPr2M64 Driver; C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]

S3 LVRS64;@oem22.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]

S3 LVUVC64;@oem23.inf,%PID_08CE_DD%(UVC);Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2014-07-08 122584]

S3 ssadbus;@oem55.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2014-04-11 169288]

S3 ssadmdfl;@oem57.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2014-04-11 21320]

S3 ssadmdm;@oem57.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2014-04-11 188232]

S3 ssadserd;@oem59.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2014-04-11 158024]

S3 sscdbus;@oem44.inf,%SAMSUNG.Service.Desc%;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\sscdbus.sys [2014-04-11 169288]

S3 ssudmdm;@oem66.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]

S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]

S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe [2013-10-01 404360]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-01 50344]

R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-13 70952]

R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-13 312616]

R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-06-09 435032]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-07-02 15720]

R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-05-21 314696]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]

R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-04-12 131544]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-04-12 169432]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-04-12 366552]

R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]

R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]

R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2013-10-17 605768]

R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 116648]

S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 116648]

S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]

S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

- - - Updated - - -

P.S. this is the URL:

hxxp://getusaaall.info/?e=svon&cht=2&dcu=1&cpatch=2&dcs=1&pf=1&unp=Azm9CdOLv7DVDyxECyFPg7x9Ae0KBfUKAe4MBG0VWznLDe4PBNq9geFI



Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "More options" button and tick the options below:
      • Do a Deep Scan
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a post here.


Kape, here is the requested log

Zoek.exe v5.0.0.0 Updated 05-July-2014

Tool run by willem on do 10-07-2014 at 10:11:04,11.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\willem\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

10-7-2014 10:13:07 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Mindscape deleted successfully

C:\Program Files\Google deleted successfully

C:\PROGRA~3\WinZipEC deleted successfully

C:\Users\willem\AppData\Roaming\Malwarebytes deleted successfully

C:\Users\willem\AppData\Roaming\Opera Software deleted successfully

C:\Users\willem\AppData\Roaming\WinRAR deleted successfully

C:\Users\willem\AppData\Local\GHISLER deleted successfully

C:\Users\willem\AppData\Local\MigWiz deleted successfully

C:\Users\willem\AppData\Local\Opera Software deleted successfully

C:\Users\willem\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Users\willem\Desktop\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\willem\AppData\Roaming\AlawarEntertainment deleted

C:\PROGRA~3\Package Cache deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted

C:\Users\willem\Searches deleted

C:\Users\willem\AppData\LocalLow\weDownload Ltd deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 4020 MB

CPU Info: Intel® Core i5-4430 CPU @ 3.00GHz

CPU Speed: 3033,9 MHz

Sound Card: PL2273HDS (Intel® Display Aud |

Speakers (Realtek High Definiti |

Display Adapters: Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (H: | ) H: TSSTcorpCDDVDW SH-224DB

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C: 98,7GB | D: 857,5GB | E: 844,5GB | F: 60,0GB | I: 275,0MB

Hard Disks - Free: C: 49,5GB | D: 832,3GB | E: 228,3GB | F: 35,3GB | I: 243,4MB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | | MEDION - 11112011

Time Zone: West-Europa (standaardtijd)

Motherboard *: mp MS-7848

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: avast! Antivirus disabled (Outdated)

Internet Explorer Version: 11.0.9600.17126

Google Chrome version: 35.0.1916.153

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2014-07-10 08:02:45 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\WINDOWS\avastSS.scr

====== C:\Users\willem\AppData\Local\Temp ====

2014-07-10 08:04:51 E96E9C7164E8567A2FBB91E10996ED2B 100335616 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\mpam-d91374b8.exe

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

====== C:\WINDOWS\Sysnative\drivers =====

2014-07-03 15:40:09 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys

2014-07-03 15:39:41 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys

2014-07-03 15:39:41 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys

2014-06-12 13:09:31 3EFEB62E6DCF4F19C42FEFE425006B31 440664 ----a-w- C:\WINDOWS\Sysnative\drivers\usbport.sys

2014-06-12 13:09:30 7A1A3F213CDB3363D179D5014272025D 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2014-06-12 13:09:30 0F35ADB37DF6AF6BDFB725ECC6C2FD1B 418136 ----a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys

2014-06-12 13:09:28 DE9C8D03C010969CAD96ACAFC9FD1901 89944 ----a-w- C:\WINDOWS\Sysnative\drivers\usbehci.sys

2014-06-12 13:09:28 674A4702E4E144E8710ED1A2EC6DD049 96768 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys

2014-06-12 13:09:27 6BD2B29B58E12B478B2FB2E8866AE784 37376 ----a-w- C:\WINDOWS\Sysnative\drivers\usbuhci.sys

2014-06-12 13:09:26 BE7C78A9EB5886E3DF2D74A7C33ADE22 27480 ----a-w- C:\WINDOWS\Sysnative\drivers\usbd.sys

2014-06-12 13:09:26 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\WINDOWS\Sysnative\drivers\vwifimp.sys

2014-06-12 13:09:24 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\WINDOWS\Sysnative\drivers\vwififlt.sys

2014-06-12 13:09:01 5C42CEE3E2018E1DFC6E3E17240A432A 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2014-06-12 13:04:33 D18EC2C83C2F773C9476A4FB0AA4C314 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys

2014-06-12 13:04:33 A9749FD0A06E22009EA972D8B9CB046B 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2014-06-12 13:04:33 4B666AE119D2ADBAC816BEA7DB4D6881 2518872 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2014-06-12 13:04:30 182561A14F2E93E81E66FE3700D17A5A 55328 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-07-09 08:19:40 -------- d-----w- C:\Program Files\trend micro

2014-06-15 12:59:54 -------- d-----w- C:\Program Files\Garmin GPS Plugin

======= C:\PROGRA~2 =====

2014-06-15 12:59:56 -------- d-----w- C:\PROGRA~2\Garmin GPS Plugin

======= C: =====

====== C:\Users\willem\AppData\Roaming ======

2014-07-05 13:08:00 -------- d-----w- C:\Users\willem\AppData\Roaming\Newzbin

2014-07-05 13:05:46 -------- d-----w- C:\Users\willem\AppData\Roaming\DailyMagic

2014-06-12 18:56:44 6E5BD48CE66AF89576FA75F38681DCF7 260776 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

====== C:\Users\willem ======

2014-06-18 09:01:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2014-06-12 13:19:15 -------- d-sh--w- C:\Users\willem\IntelGraphicsProfiles

====== C: exe-files ==

2014-07-10 08:04:51 E96E9C7164E8567A2FBB91E10996ED2B 100335616 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-d91374b8.exe

2014-07-09 08:19:41 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\willem.exe

=== C: other files ==

2014-07-03 15:40:09 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-07-03 15:39:41 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-07-03 15:39:41 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-21-856524878-1779934063-3539371782-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"StartMenuX"="d:\Program Files\Start Menu X\StartMenuX.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"TomTomHOME.exe"="D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"KiesPreload"="D:\Program Files (x86)\Nieuwe map\Kies\Kies.exe /preload"

"EPSON SX110 Series"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU C:\WINDOWS\TEMP\E_SC21.tmp /EF HKCU"

"EPSON SX110 Series (Kopie 1)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU C:\WINDOWS\TEMP\E_S9D95.tmp /EF HKCU"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

"PWRISOVM.EXE"="d:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"

"KiesTrayAgent"="D:\Program Files (x86)\Nieuwe map\Kies\KiesTrayAgent.exe"

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"StartMenuX"="d:\Program Files\Start Menu X\StartMenuX.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"TomTomHOME.exe"="D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"KiesPreload"="D:\Program Files (x86)\Nieuwe map\Kies\Kies.exe /preload"

"EPSON SX110 Series"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU C:\WINDOWS\TEMP\E_SC21.tmp /EF HKCU"

"EPSON SX110 Series (Kopie 1)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU C:\WINDOWS\TEMP\E_S9D95.tmp /EF HKCU"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"BCSSync"="D:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"GarminExpressTrayApp"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\""

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\DriverNavigator Scheduled Scan.job --a-------- C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-10-2013 09:25]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C::6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\WINDOWS\AutoKMS\AutoKMS.exe]

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\DriverNavigator Scheduled Scan" [j:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe]

"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{3C624CB7-A6DD-4B81-8155-C5174C77C862}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{56AAF4A5-130A-48B1-A7E9-06F0FF530D2E}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]

"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10-07-2014 10:02]

==== Firefox Extensions ======================

ProfilePath: C:\Users\willem\AppData\Roaming\TomTom\HOME\Profiles\gr4votqj.default

- Map status indicator - D:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- TomTom HOME default theme - D:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10-07-2014 10:02]

Google Docs - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast Online Security - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

Google Wallet - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - willem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{8310303F-6CB1-437E-8E38-CA89AD81A911} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [PWRISOVM.EXE] d:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [KiesTrayAgent] D:\Program Files (x86)\Nieuwe map\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKCU\..\Run: [startMenuX] d:\Program Files\Start Menu X\StartMenuX.exe

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [KiesPreload] D:\Program Files (x86)\Nieuwe map\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SC21.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [EPSON SX110 Series (Kopie 1)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_S9D95.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\willem\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\willem\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\willem\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=18 36657703 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\willem\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\willem\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 10-07-2014 at 10:24:47,09 ======================


Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At the restart-required prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read here how to add an attachment to a post.


Here is the requested log

# AdwCleaner v3.215 - Rapport aangemaakt 10/07/2014 op 23:14:18

# Laatste Update 09/07/2014 door Xplode

# Besturingssysteem : Windows 8.1 (64 bits)

# Gebruikersnaam : willem - WILLEMPC

# Gestart vanuit : D:\willem\downloads\adwcleaner_3.215.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v35.0.1916.153

[ Bestand : C:\Users\willem\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1254 octets] - [18/10/2013 22:56:49]

AdwCleaner[R10].txt - [2154 octets] - [10/07/2014 23:12:56]

AdwCleaner[R1].txt - [3202 octets] - [05/12/2013 16:00:13]

AdwCleaner[R2].txt - [1085 octets] - [10/12/2013 11:16:43]

AdwCleaner[R3].txt - [1145 octets] - [21/12/2013 22:55:56]

AdwCleaner[R4].txt - [1155 octets] - [30/12/2013 18:44:42]

AdwCleaner[R5].txt - [1288 octets] - [10/01/2014 23:34:41]

AdwCleaner[R6].txt - [1650 octets] - [04/03/2014 17:17:15]

AdwCleaner[R7].txt - [2637 octets] - [05/06/2014 19:17:59]

AdwCleaner[R8].txt - [2370 octets] - [02/07/2014 19:34:29]

AdwCleaner[R9].txt - [1849 octets] - [08/07/2014 01:28:27]

AdwCleaner[s0].txt - [1206 octets] - [18/10/2013 22:58:09]

AdwCleaner[s1].txt - [2243 octets] - [05/12/2013 16:01:22]

AdwCleaner[s2].txt - [1147 octets] - [10/12/2013 11:17:13]

AdwCleaner[s3].txt - [1217 octets] - [30/12/2013 18:45:38]

AdwCleaner[s4].txt - [1350 octets] - [10/01/2014 23:44:59]

AdwCleaner[s5].txt - [1717 octets] - [04/03/2014 17:18:08]

AdwCleaner[s6].txt - [2674 octets] - [05/06/2014 19:19:08]

AdwCleaner[s7].txt - [2446 octets] - [02/07/2014 19:35:37]

AdwCleaner[s8].txt - [1913 octets] - [08/07/2014 01:29:24]

AdwCleaner[s9].txt - [1960 octets] - [10/07/2014 23:14:18]

########## EOF - C:\AdwCleaner\AdwCleaner[s9].txt - [2020 octets] ##########


Excellent ... now you can clean up the tools used and some leftover remnants:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool is finished.

When the tool is finished, a log file is created. You do not need to post it, however.

Download CCleaner (if you do not have it yet).

Install it (if you do not want Google Chrome installed on your PC as the default web browser, you must clear the 2 checkboxes!!!) and start CCleaner.

In the left column, click "Cleaner".

Click "Analyseren" (Analyze) and, after the analysis, "Schoonmaken" (Clean).

Then, in the left column, click "Register" (Registry) and click "Scan naar problemen" (Scan for issues).

If errors are found, click "Herstel geselecteerde problemen" (Fix selected issues) and "OK".

You will then be asked whether to make a backup. Click "JA" (Yes).

Then choose "Herstel alle geselecteerde fouten" (Fix all selected errors).

Sometimes one analysis is not enough. You may repeat this procedure until the analysis reports no more errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

If all of this went smoothly and you have no further questions or problems within this topic, you may close this thread by clicking the "Markeer als opgelost" (Mark as solved) button, which you can find at the bottom left … that way it stays clear for everyone.
