patrickngstar
-
Items
53 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door patrickngstar
-
Toshiba laptop is heel traag
patrickngstar reageerde op patrickngstar's topic in Archief Windows Vista
Goedenmiddag, ik kan de bestanden niet vinden, ik weet namelijk niet waar ik ze moet zoeken. Ik heb wel een logbestand bewaard, echter weet ik niet of dit het juiste is, ik heb het voor de zekerheid bijgevoegd aan dit bericht. Groet log.txt -
Toshiba laptop is heel traag
patrickngstar reageerde op patrickngstar's topic in Archief Windows Vista
Goedemiddag, hierbij de log van malwarebytes. Prettig weekend! Fixlog.txt -
Toshiba laptop is heel traag
patrickngstar reageerde op patrickngstar's topic in Archief Windows Vista
Hallo , bedankt voor uw bericht. Hierbij de log. Prettige avond Fixlog.txt -
Toshiba laptop is heel traag
patrickngstar reageerde op patrickngstar's topic in Archief Windows Vista
Hallo, bedankt voor uw bericht, hierbij de twee log bestanden. Groet Addition.txt FRST.txt -
Toshiba laptop is heel traag
patrickngstar reageerde op patrickngstar's topic in Archief Windows Vista
Goeden dag, Bedankt voor het advies, ik heb met removal, Norton 360 verwijderd. Heeft u ook adviezen om hoe de computer te verschonen? Alvast bedankt Fijne avond. -
Geachte heer/mevrouw, Graag zou ik mijn Toshiba laptop van circa 8 jaar oud nog een kans willen geven. Hij is online heel erg traag geworden en ik probeer Norton 360 Premier van de computer te verwijderen, zodat ik er een gratis antivirus op kan zetten. Echter bij het configuratiescherm lukt het mij niet om de Norton 360 Premier te verwijderen. Kunt u mij helpen mijn laptop weer bruikbaar te maken mbt terug brengen naar redelijke snelheid en het Norton programma definitief te verwijderen? Hartelijk Dank! Patrick
-
Ok super! Bedankt voor de informatie' groet!
-
Beste Mako Hartelijk dank voor je bericht en advies. Mag ik vragen hoe je Norton de-installeerd voordat je Avira gebruikt? Groeten Patrick
-
Goedendag Mijn norton antivirus abonnement loopt binnenkort af. Weet u een goed gratis antivirus programma dat te verkrijgen is op het internet? Met vriendelijke groet Patrick
-
conduit spyware
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedendag! Het is weer helemaal schoon! Bovendien is mijn laptop ook nog eens veel sneller geworden! Super! Bedankt, u bent een genie! Groet Patrick -
conduit spyware
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
[ATTACH]32514[/ATTACH] Goedenmorgen Hierbij het logje van AdwCleaner. Fijne dag toegewenst Groet Patrick AdwCleaner[S0].txt -
conduit spyware
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
[ATTACH]32507[/ATTACH] Goedenavond Bedankt voor uw bericht, hierbij vindt u het logje van zoek-results. Mag ik de Norton antivirus weer aanzetten? Met vriendelijke groet Patrick zoek-results.txt -
conduit spyware
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
[ATTACH]32465[/ATTACH] Goedendag, hierbij attached het logje van rsit. Hartelijk dank Patrick log.txt -
Goedendag Ik heb een toolbar als ik youtube open en als ik het probeer te deinstalleren dan krijg ik een melding van conduit. Ik heb dus het vermoeden dat conduit op mijn laptop zit. Wilt u mij svp helpen om het te verwijderen van mijn computer? Met vriendelijke groet Patrick
-
Norton Internet Security geeft foutmelding
patrickngstar reageerde op patrickngstar's topic in Archief Andere software
Goedendag Ik heb de computer opnieuw opgestart en nu doet alles weer zoals het hoort. Thanx -
Norton Internet Security geeft foutmelding
patrickngstar plaatste een topic in Archief Andere software
Goedendag Mijn Norton antivirus geeft een waarschuwing dat SONAR beveiliging het niet doet. Als ik op "verhelpen" klik dan probeert Norton het te repareren, echter wil dat niet lukken en krijg ik de melding: "Reparatie niet voltooid" Norton zegt dat mijn computer nu niet optimaal beschermd is. Hoe kan ik dit oplossen? Bij voorbaat Dank Met vriendelijke groet Patrick -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedenavond Ik heb even geknutseld en ben naar configuratiescherm gegaan en heb daar nogmaals het programma spyhunter verwijderd, nu is het wel gelukt en het icoontje is van mijn bureaublad verdwenen, daarna heb ik de stappen gedaan die u beschreven heeft mbt cc cleaner en het searchconduit scherm komt niet meer als ik op google chrome klik. Kan ik er nu vanuit gaan dat beide problemen verholpen zijn? Alvast bedankt Met vriendelijke groet Patrick -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedenavond Beide conduit search en spyhunter zitten nog steeds op mijn computer. Ik heb de delfix exe uitgevoerd. Wat zal ik nu doen? Groet Patrick -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedenavond Mag ik de antivirus programma's weer activeren? Groet Patrick -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Patrickngstar on zo 26-01-2014 at 21:38:42,34. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode No Internet Access Detected Launched: c:\Users\Patrickngstar\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-26-194251.log 28953 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\IB Updater not found "C:\Users\Patrickngstar\AppData\Local\Temp\SHSetup.exe" not found C:\Users\Patrickngstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter deleted C:\Windows\system32\tasks\1a45ac28 deleted C:\Windows\system32\tasks\1acee6f0 deleted C:\Windows\system32\tasks\1c8affc0 deleted C:\Windows\system32\tasks\2acc8fa8 deleted C:\Windows\system32\tasks\2f359ca8 deleted C:\Windows\system32\tasks\3b62c770 deleted C:\Windows\system32\tasks\4a03fff0 deleted C:\Windows\system32\tasks\513826f0 deleted C:\Windows\system32\tasks\553ce168 deleted C:\Windows\system32\tasks\57eb7e8 deleted C:\Windows\system32\tasks\5afc1a68 deleted C:\Windows\system32\tasks\5bad7270 deleted C:\Windows\system32\tasks\5cf29128 deleted C:\Windows\system32\tasks\64768dc0 deleted C:\Windows\system32\tasks\67e637f0 deleted C:\Windows\system32\tasks\6ca7afc0 deleted C:\Windows\system32\tasks\6d9dc3c0 deleted C:\Windows\system32\tasks\72fa6dc0 deleted C:\Windows\system32\tasks\7d4859e8 deleted C:\Windows\system32\tasks\82cc93f0 deleted C:\Windows\system32\tasks\8bbc5428 deleted C:\Windows\system32\tasks\8c96068 deleted C:\Windows\system32\tasks\8ca68e68 deleted C:\Windows\system32\tasks\94a07570 deleted C:\Windows\system32\tasks\a9e65dc0 deleted C:\Windows\system32\tasks\b07eee8 deleted C:\Windows\system32\tasks\bbedd9c0 deleted C:\Windows\system32\tasks\bff9e1c0 deleted C:\Windows\system32\tasks\c9f43ae8 deleted C:\Windows\system32\tasks\d75e4c70 deleted C:\Windows\system32\tasks\e1614aa8 deleted C:\Windows\system32\tasks\e54a31c0 deleted C:\Windows\system32\tasks\e54f03c0 deleted C:\Windows\system32\tasks\ed7b1068 deleted C:\Windows\system32\tasks\f78fe1c0 deleted C:\Windows\system32\tasks\fb031a28 deleted C:\Windows\system32\tasks\fe39c570 deleted "C:\MSDOS.SYS" deleted "C:\IO.SYS" deleted "C:\Users\Patrickngstar\Downloads\SpyHunter-Installer.exe" deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=107 folders=16 90362218 bytes) ==== EOF on zo 26-01-2014 at 21:43:28,72 ====================== -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Hallo Hieronder het log van zoek.exe Bedankt Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Patrickngstar on zo 26-01-2014 at 20:17:27,68. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Patrickngstar\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 26-1-2014 20:20:52 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\cygdrive deleted successfully C:\Program Files\Freemake deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\ProgramData\Freemake deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1869149521-1382232434-93143114-1000\Software\Microsoft\Internet Explorer\SearchScopes\{e6d3044d-837d-43cc-b129-b4a5dcdf1f7f} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Esgiguard deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Esgiguard deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files\Enigma Software Group deleted C:\sh4ldr deleted C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted C:\found.000 deleted C:\Users\Patrickngstar\AppData\Roaming\Adobe\plugs deleted C:\Users\Patrickngstar\AppData\Roaming\Adobe\shed deleted C:\Users\Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted C:\Windows\System32\Tasks\WinMaximizer-Patrickngstar-Startup deleted C:\Windows\Tasks\WinMaximizer-Patrickngstar-Startup.job deleted C:\Users\Patrickngstar\Downloads\iLividSetup.exe deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCall.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla17.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla18.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla19.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla20.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-01-08 14:54:55 7ED438C44B90AF7B01609A942C7E7196 212480 ----a-w- C:\Windows\PCDLIB32.DLL 2014-01-08 14:52:25 DDD13F2ADEF13CE594634FEF9FEE0FFC 61440 ------w- C:\Windows\ov530dib.dll ====== C:\Users\PATRIC~1\AppData\Local\Temp ==== 2014-01-25 20:15:01 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-01-25 19:00:48 8B6FAC9B29365C7371CBBF86C339D3A2 46215248 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\SHSetup.exe 2014-01-25 18:34:29 6C06B19AB70815C0483E5657DF925E2D 120120 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\TUUUninstallHelper.exe 2014-01-25 17:51:15 85E4DF3349C45B318CE19E883E678D23 28690976 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.0.exe 2014-01-16 23:39:23 CFA7D92B53917CD247C3D55763C85090 436224 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\Newtonsoft.Json.dll 2014-01-16 23:39:23 BC83108B18756547013ED443B8CDB31B 421200 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\msvcp100.dll 2014-01-16 23:39:23 2EA1E16D6E0EA26D17357C4EA37BF44B 727552 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\On2_routins.dll 2014-01-16 23:39:23 1B8A753CE8AF7CE439F4D3ECE20FA35C 3946496 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\jcam.exe 2014-01-16 23:39:22 E3A471D2B43E91B14DCD4ED99DE8C276 1239040 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\jasmin.dll 2014-01-16 23:39:22 D2A8E6E93004EFF1405FD59051518217 36864 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\IpHlpApi.net.dll 2014-01-16 23:39:22 4032513982C59E21D4F7EE173928669B 28672 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\es-ES\jcam.resources.dll 2014-01-16 23:39:22 2DDA03368C8298D71ACA63EC71DE23ED 94720 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\LJHD\ddsilentaudio.dll 2014-01-15 11:47:02 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\i4jdel2.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-01-08 14:52:25 7AF8E2849F31AA42EE6A7AD2E6612789 25177 ------w- C:\Windows\System32\drivers\ov530cmd.sys 2014-01-08 14:52:25 71CFFB1E06AA8978A7B4A346C191F8BA 161792 ------w- C:\Windows\System32\drivers\ov530vid.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-08 16:11:50 -------- d-----w- C:\Program Files\LiveJasmin.com 2014-01-08 14:54:58 -------- d-----w- C:\Program Files\Common Files\ArcSoft 2014-01-08 14:54:49 -------- d-----w- C:\Program Files\Hercules ======= C: ===== 2014-01-08 11:34:52 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS 2014-01-08 11:34:52 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS ====== C:\Users\Patrickngstar\AppData\Roaming ====== 2014-01-25 19:03:04 -------- d-----w- C:\Users\Patrickngstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-01-25 18:29:52 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG 2014-01-25 18:21:54 796AED372F81D71DF17E772A9BB6AFBD 303728 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-System.dat 2014-01-25 18:21:54 796AED372F81D71DF17E772A9BB6AFBD 303728 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-S-1-5-18-16384.dat 2014-01-25 17:54:21 -------- d-----w- C:\Users\Patrickngstar\AppData\Local\FreemakeVideoConverter 2014-01-25 17:53:23 -------- d-----w- C:\Users\Patrickngstar\AppData\Roaming\AVG 2014-01-08 11:41:42 -------- d-----w- C:\Users\Patrickngstar\AppData\Roaming\ArcSoft ====== C:\Users\Patrickngstar ====== 2014-01-26 17:07:08 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Patrickngstar\Downloads\RSIT.exe 2014-01-25 20:14:38 EE386D5ACB945089BCD91766697224BB 1037068 ----a-w- C:\Users\Patrickngstar\Downloads\JRT.exe 2014-01-25 19:55:17 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Patrickngstar\Downloads\adwcleaner.exe 2014-01-25 19:00:19 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Patrickngstar\Downloads\SpyHunter-Installer.exe 2014-01-25 17:53:00 -------- d-----w- C:\ProgramData\AVG 2014-01-25 17:52:49 -------- d--h--w- C:\ProgramData\Common Files 2014-01-25 17:46:18 E24FDC665349D118D80D87FCF810B7D7 1307920 ----a-w- C:\Users\Patrickngstar\Downloads\FreemakeVideoConverterSetup.exe 2014-01-20 15:09:20 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3038_i277182101_il1023041.exe 2014-01-20 15:06:22 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3516_i277176939_il1021786.exe 2014-01-20 15:06:16 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3039_i277176771_il1021786.exe 2014-01-08 16:13:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-01-08 14:55:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules WebCam Station ====== C: exe-files == 2014-01-26 17:07:08 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Patrickngstar\Downloads\RSIT.exe 2014-01-25 20:15:01 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-01-25 20:14:38 EE386D5ACB945089BCD91766697224BB 1037068 ----a-w- C:\Users\Patrickngstar\Downloads\JRT.exe 2014-01-25 19:55:17 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Patrickngstar\Downloads\adwcleaner.exe 2014-01-25 19:03:05 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Patrickngstar\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconF7A21AF7.exe 2014-01-25 19:03:05 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Patrickngstar\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconD7F16134.exe 2014-01-25 19:03:05 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Patrickngstar\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconCF33A0CE.exe 2014-01-25 19:00:48 8B6FAC9B29365C7371CBBF86C339D3A2 46215248 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\SHSetup.exe 2014-01-25 19:00:19 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Patrickngstar\Downloads\SpyHunter-Installer.exe 2014-01-25 18:34:29 6C06B19AB70815C0483E5657DF925E2D 120120 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\TUUUninstallHelper.exe 2014-01-25 17:51:15 85E4DF3349C45B318CE19E883E678D23 28690976 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.0.exe 2014-01-25 17:46:18 E24FDC665349D118D80D87FCF810B7D7 1307920 ----a-w- C:\Users\Patrickngstar\Downloads\FreemakeVideoConverterSetup.exe 2014-01-23 16:20:13 EF0A1867E839BA0F6A2C1A0BC3C46D19 8562208 ----a-w- C:\Users\Patrickngstar\AppData\Roaming\Azureus\tmp\AZU5815948115817239327.tmp\VuzePlus_5.2.0.0_win32.exe 2014-01-20 15:09:20 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3038_i277182101_il1023041.exe 2014-01-20 15:06:22 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3516_i277176939_il1021786.exe 2014-01-20 15:06:16 6EE57BBE3A49F8BC4BE0049BB51ABD83 152704 ----a-w- C:\Users\Patrickngstar\Downloads\Revenge S03E12 720p HDTV x264__3039_i277176771_il1021786.exe === C: other files == 2014-01-25 20:15:01 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\modules.bat 2014-01-25 20:15:01 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\chrome.bat 2014-01-25 20:15:01 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\firefox.bat 2014-01-25 20:15:01 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\FWPolicy.bat 2014-01-25 20:15:01 B7D46D5BC21F69EFEEFFC15060E423AC 154167 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\misc.bat 2014-01-25 20:15:01 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\ask.bat 2014-01-25 20:15:01 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\ev_clear.bat 2014-01-25 20:15:01 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\iexplore.bat 2014-01-25 20:15:01 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\runvalues.bat 2014-01-25 20:15:01 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\delorphans.bat 2014-01-25 20:15:01 5AE8F4442CA6D69FE9A6738E8DB411F2 10261 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\JRT.bat 2014-01-25 20:15:01 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\prelim.bat 2014-01-25 20:15:01 55D97CE5B1A61AD51F887E46550029F6 16063 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\get.bat 2014-01-25 20:15:01 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\searchlnk.bat 2014-01-25 20:15:01 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\TDL4.bat 2014-01-25 20:15:01 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\medfos.bat 2014-01-25 20:15:01 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Patrickngstar\AppData\Local\Temp\jrt\delfolders.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1869149521-1382232434-93143114-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "NortonUtilities"="C:\Program Files\Norton Utilities 14\RMTray.exe /H" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "HWSetup"="C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL" "KeNotify"="C:\Program Files\TOSHIBA\Utilities\KeNotify.exe" "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "ToshibaServiceStation"="C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60" "NDSTray.exe"="C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" "cfFncEnabler.exe"="C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe" "Toshiba TEMPRO"="C:\Program Files\Toshiba TEMPRO\TemproTray.exe" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaReminder.exe" "CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe " "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe " "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe " "Teco"=""%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r" "TPCHWMsg"="%ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe " "TWebCamera"=""%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "NortonUtilities"="C:\Program Files\Norton Utilities 14\RMTray.exe /H" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Startup Folders ====================== 2009-06-15 15:45:56 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2009-06-15 15:45:56 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\1a45ac28" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3372251560.exe] "C:\Windows\system32\tasks\1acee6f0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2450814448.exe] "C:\Windows\system32\tasks\1c8affc0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup663758784.exe] "C:\Windows\system32\tasks\2acc8fa8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup890296488.exe] "C:\Windows\system32\tasks\2f359ca8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2491145256.exe] "C:\Windows\system32\tasks\3b62c770" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup260009328.exe] "C:\Windows\system32\tasks\4a03fff0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3990471408.exe] "C:\Windows\system32\tasks\513826f0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3669537776.exe] "C:\Windows\system32\tasks\553ce168" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup178980520.exe] "C:\Windows\system32\tasks\57eb7e8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup1393277992.exe] "C:\Windows\system32\tasks\5afc1a68" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2778478568.exe] "C:\Windows\system32\tasks\5bad7270" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup476093680.exe] "C:\Windows\system32\tasks\5cf29128" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup1240848040.exe] "C:\Windows\system32\tasks\64768dc0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2541985728.exe] "C:\Windows\system32\tasks\67e637f0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup355460848.exe] "C:\Windows\system32\tasks\6ca7afc0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup1953736128.exe] "C:\Windows\system32\tasks\6d9dc3c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup239303104.exe] "C:\Windows\system32\tasks\72fa6dc0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3693038016.exe] "C:\Windows\system32\tasks\7d4859e8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3452060904.exe] "C:\Windows\system32\tasks\82cc93f0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup1373165296.exe] "C:\Windows\system32\tasks\8bbc5428" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup47431336.exe] "C:\Windows\system32\tasks\8c96068" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup4172909736.exe] "C:\Windows\system32\tasks\8ca68e68" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup396525672.exe] "C:\Windows\system32\tasks\94a07570" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup699711088.exe] "C:\Windows\system32\tasks\a9e65dc0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3847549376.exe] "C:\Windows\system32\tasks\b07eee8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup578643880.exe] "C:\Windows\system32\tasks\bbedd9c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3175574464.exe] "C:\Windows\system32\tasks\bff9e1c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup4108751808.exe] "C:\Windows\system32\tasks\c9f43ae8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup566593576.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\d75e4c70" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup1121121392.exe] "C:\Windows\system32\tasks\e1614aa8" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup718657704.exe] "C:\Windows\system32\tasks\e54a31c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2159548864.exe] "C:\Windows\system32\tasks\e54f03c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3653488064.exe] "C:\Windows\system32\tasks\ed7b1068" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2070145320.exe] "C:\Windows\system32\tasks\f78fe1c0" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3309753792.exe] "C:\Windows\system32\tasks\fb031a28" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup3445636520.exe] "C:\Windows\system32\tasks\fe39c570" [C:\Users\PATRIC~1\AppData\Local\Temp\\setup2650958960.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe"] "C:\Windows\system32\tasks\{A25E890E-0558-4031-A323-F548929DD1C1}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF" [25-01-2014 19:24] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\IB Updater\Firefox" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fgnippahjheicjenccifemomfgjofdhp - C:\ProgramData\TheBflix\fgnippahjheicjenccifemomfgjofdhp.crx[] jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[19-01-2014 18:42] niogeckbkdcabhnapjbkeiklablhjoca - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx[] Google Docs - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Norton Identity Protection - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {7739DA4F-D0A9-489C-91FF-BF4E533C404E} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_nl" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{132804FC-A049-F6F8-799F-9219760ADEAB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fgnippahjheicjenccifemomfgjofdhp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patrickngstar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Patrickngstar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Patrickngstar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=66 folders=15 89524162 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Patrickngstar\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PATRIC~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Patrickngstar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on zo 26-01-2014 at 20:42:51,63 ====================== -
verwijderen spy hunter
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedenavond Bedankt voor uw reactie, hieronder het kopie log txt RSIT Vriendelijke groet Patrick Logfile of random's system information tool 1.09 (written by random/random) Run by Patrickngstar at 2014-01-26 18:10:30 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 16 GB (11%) free of 153 GB Total RAM: 3036 MB (49% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:10:32, on 26-1-2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16526) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe C:\Program Files\TOSHIBA\Utilities\KeNotify.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\TECO\TEco.exe C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba TEMPRO\TemproTray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Norton Utilities 14\RMTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\SearchFilterHost.exe c:\Users\Patrickngstar\Downloads\RSIT.exe C:\Program Files\trend micro\Patrickngstar.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" O4 - HKLM\..\Run: [cfFncEnabler.exe] "C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe" O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\RMTray.exe /H O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: TOSHIBA Web Camera Service (camsvc) - TOSHIBA - C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD/SSD-waarschuwingsservice (TOSHIBA HDD SSD Alert Service) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- End of file - 12291 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\WinMaximizer-Patrickngstar-Startup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-04 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-04 170416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-30 7289376] "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 421888] "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2008-11-21 438272] "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088] "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [2009-04-23 1011712] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-21 61440] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-03-06 468320] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 55160] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-03-31 503808] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-03-23 729088] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304] "SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-03-24 163840] "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-04-24 1323008] "ToshibaServiceStation"=C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-04-01 1283384] "TPCHWMsg"=C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [2009-04-15 570736] "NDSTray.exe"=C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-05-12 299008] "cfFncEnabler.exe"=C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [2009-03-24 16384] "TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-04-16 2513472] "Toshiba TEMPRO"=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2009-03-23 1045904] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-03-04 96144] "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-30 1833504] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-08-16 152392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-03-16 6158240] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-07-03 135680] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728] "NortonUtilities"=C:\Program Files\Norton Utilities 14\RMTray.exe [2009-09-14 279912] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktopChanges"=0 "NoSetActiveDesktop"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktopChanges"=0 "NoSetActiveDesktop"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "vidc.XVID"=xvidvfw.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-26 18:07:44 ----D---- C:\rsit 2014-01-25 21:15:14 ----D---- C:\Windows\ERUNT 2014-01-25 20:56:00 ----D---- C:\AdwCleaner 2014-01-25 20:03:02 ----D---- C:\sh4ldr 2014-01-25 20:03:02 ----D---- C:\Program Files\Enigma Software Group 2014-01-25 20:01:50 ----D---- C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-01-25 18:53:23 ----D---- C:\Users\Patrickngstar\AppData\Roaming\AVG 2014-01-25 18:53:00 ----D---- C:\ProgramData\AVG 2014-01-25 18:52:49 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-25 18:52:49 ----HD---- C:\ProgramData\Common Files 2014-01-25 18:52:18 ----D---- C:\ProgramData\Freemake 2014-01-25 18:51:45 ----D---- C:\Program Files\Freemake 2014-01-08 17:11:50 ----D---- C:\Program Files\LiveJasmin.com 2014-01-08 15:54:58 ----D---- C:\Program Files\Common Files\ArcSoft 2014-01-08 15:54:55 ----A---- C:\Windows\system32\unicows.dll 2014-01-08 15:54:55 ----A---- C:\Windows\PCDLIB32.DLL 2014-01-08 15:54:49 ----D---- C:\Program Files\Hercules 2014-01-08 15:52:25 ----N---- C:\Windows\system32\ov530usd.dll 2014-01-08 15:52:25 ----N---- C:\Windows\system32\ov530ext.dll 2014-01-08 15:52:25 ----N---- C:\Windows\system32\drivers\ov530vid.sys 2014-01-08 15:52:25 ----N---- C:\Windows\system32\drivers\ov530cmd.sys 2014-01-08 15:52:25 ----N---- C:\Windows\ov530dib.dll 2014-01-08 15:52:25 ----D---- C:\Windows\OvtCam 2014-01-08 12:41:42 ----D---- C:\Users\Patrickngstar\AppData\Roaming\ArcSoft 2014-01-08 12:34:52 ----RASH---- C:\MSDOS.SYS 2014-01-08 12:34:52 ----RASH---- C:\IO.SYS 2014-01-06 20:23:36 ----A---- C:\Windows\system32\GPhotos.scr ======List of files/folders modified in the last 1 month====== 2014-01-26 18:10:31 ----D---- C:\Program Files\Trend Micro 2014-01-26 18:10:28 ----D---- C:\Windows\Temp 2014-01-26 18:03:09 ----D---- C:\Windows\System32 2014-01-26 18:03:09 ----D---- C:\Windows\inf 2014-01-26 18:03:09 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-26 18:00:19 ----SHD---- C:\System Volume Information 2014-01-26 01:07:17 ----D---- C:\Program Files\Google 2014-01-25 22:25:37 ----D---- C:\Program Files\Toshiba TEMPRO 2014-01-25 21:51:53 ----SHD---- C:\Windows\Installer 2014-01-25 21:51:25 ----D---- C:\Windows\system32\drivers 2014-01-25 21:50:09 ----D---- C:\Windows\system32\catroot2 2014-01-25 21:44:53 ----D---- C:\ProgramData\Google 2014-01-25 21:16:29 ----RD---- C:\Program Files 2014-01-25 21:15:14 ----D---- C:\Windows 2014-01-25 20:58:36 ----D---- C:\Windows\system32\Tasks 2014-01-25 20:58:36 ----D---- C:\Program Files\Mozilla Firefox 2014-01-25 20:58:33 ----HD---- C:\ProgramData 2014-01-25 20:01:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2014-01-25 19:25:35 ----D---- C:\Windows\system32\wbem 2014-01-25 19:24:43 ----D---- C:\Windows\Tasks 2014-01-25 19:24:43 ----D---- C:\Windows\system32\spool 2014-01-25 19:24:43 ----D---- C:\Windows\registration 2014-01-25 18:53:48 ----D---- C:\Windows\Prefetch 2014-01-23 17:56:26 ----D---- C:\Users\Patrickngstar\AppData\Roaming\Azureus 2014-01-16 13:32:31 ----D---- C:\ProgramData\Microsoft Help 2014-01-16 13:31:13 ----D---- C:\Windows\system32\MRT 2014-01-16 13:24:48 ----A---- C:\Windows\system32\mrt.exe 2014-01-08 17:13:19 ----D---- C:\Users\Patrickngstar\AppData\Roaming\Adobe 2014-01-08 17:13:15 ----D---- C:\Program Files\Adobe 2014-01-08 17:13:00 ----D---- C:\Windows\winsxs 2014-01-08 16:12:50 ----D---- C:\Windows\Minidump 2014-01-08 16:01:12 ----D---- C:\Users\Patrickngstar\AppData\Roaming\Skype 2014-01-08 15:54:58 ----D---- C:\Program Files\Common Files 2014-01-08 15:54:48 ----HD---- C:\Program Files\InstallShield Installation Information 2014-01-08 15:52:25 ----D---- C:\Windows\twain_32 2014-01-08 15:45:00 ----D---- C:\Windows\system32\Msdtc 2014-01-08 15:44:02 ----D---- C:\Windows\system32\config 2014-01-08 15:43:52 ----D---- C:\Windows\system32\CodeIntegrity 2014-01-08 15:43:51 ----D---- C:\Program Files\TOSHIBA 2014-01-08 12:35:01 ----D---- C:\Program Files\Common Files\InstallShield 2014-01-08 12:27:24 ----D---- C:\Program Files\Picasa2 2014-01-06 13:24:34 ----D---- C:\Windows\ehome ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752] R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-05-07 25896] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1501000.012\SYMDS.SYS [2013-08-01 367704] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1501000.012\SYMEFA.SYS [2013-09-27 935512] R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2009-01-27 279376] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640] R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140121.001\BHDrvx86.sys [2013-12-18 1098968] R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [2013-09-26 127064] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2013-11-21 376920] R1 IDSVix86;IDSVix86; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140124.001\IDSvix86.sys [2014-01-21 394456] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [2013-07-31 32344] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [2013-07-31 206936] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [2013-09-26 383576] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-03-20 12920] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-04-21 4491264] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 108120] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-30 2350624] R3 NAVENG;NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140125.005\NAVENG.SYS [2013-10-25 93272] R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140125.005\NAVEX15.SYS [2013-10-25 1612376] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480] R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-03-18 22272] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-11-11 154272] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-04-24 163840] R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [2013-09-27 651352] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2013-09-11 142936] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 EraserUtilDrv11120;EraserUtilDrv11120; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11120.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 ovt530;Webcam Classic; C:\Windows\System32\Drivers\ov530vid.sys [2005-03-15 161792] S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-08 64000] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-04-21 176128] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 camsvc;TOSHIBA Web Camera Service; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-04-16 20544] R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696] R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-04-15 1646056] R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2009-03-23 116104] R2 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776] R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2009-03-30 83312] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-03-06 464224] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-04-24 176128] R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD/SSD-waarschuwingsservice; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-03-17 73728] R2 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-04-15 656752] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 553288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 135664] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 135664] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032] S3 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] -----------------EOF----------------- -
Hallo Nadat ik per abuis conduit search op mijn google chrome heb gekregen had ik spy hunter 4 gedownload om het te verwijderen. Ik heb inmiddels het idee dat spy hunter 4 ook niet te vertrouwen is en kan het helaas niet van mijn laptop verwijderd krijgen. Hoe kan ik spyhunter verwijderen? Ik denk dat ik conduit wel kwijt ben omdat als ik nu google chrome open ik geen conduit website meer krijg. Kan iemand mij helpen om spyhunter verwijderen? Bij voorbaat dank Met vriendelijke groet Patrick - - - Updated - - - Goedenavond, Ik ben toch niet van conduit search af, hoe kan ik conduit search EN spyhunter verwijderen van mijn laptop? Alvast bedankt Patrick
-
SweetIm.com virus
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Okay, alles opgelost. Heel erg bedankt voor jullie hulp! You guys are awesome! -
SweetIm.com virus
patrickngstar reageerde op patrickngstar's topic in Archief Bestrijding malware & virussen
Goedendag, nadat ik het vinkje van de c schijf heb weggehaald, had ik na het aflopen van de stappen weer een vinkje biaangekruisd bij de c schijf, achter het schijfje staat de datum van vandaag 7-1-2013, betekent dit dat het herstelpunt automatisch is aangemaakt voor vandaag?
