cloclo

hierbij mijn logje Logfile of random's system information tool 1.09 (written by random/random) Run by flokke at 2014-05-20 21:26:06 WIN_7 Service Pack 1 System drive C: has 1782 GB (95%) free of 1876 GB Total RAM: 4078 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:26:15, on 20/05/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\flokke\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\flokke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1000\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 (User '?') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1000\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - S-1-5-21-567849164-2293785916-1661875517-1000 Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? (User '?') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11249 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox=========

Goede avond, Ik heb een probleem en niet eentje vrees ik.... Om bij het begin te beginnen : - mijn gratis proefversie van AVG was verlopen, dus wilde ik die verwijderen en een nieuwe installeren, toen begonnen de problemen al, want ik kreeg steeds foutmeldingen en kreeg AVG niet volledig verwijderd, mijn pc was niet meer beveiligd... - na vanalles geprobeerd te hebben met AVG removel enzo....wou ik de pc niet onbeveiligd laten en heb ik Microsoft Security Essentials geinstalleerd... - nu zit het volledig mis : audioservice wordt niet uitgevoerd, internet niet verbonden terwijl internet gewoon werkt, mailbox kan ik openen, ik zie de binnengekomen mails maar kan er geen openen, bij start kan ik niks open klikken, kan niet op mijn configuratiescherm, niet op deze computer enzo...ik krijg steeds deze melding : er onvoldoende geheugen beschikbaar om dit te openen...?, als ik op windows update klik krijg ik geen reactie - internet lijkt gewoon te werken, ook mijn zoon kan gewoon zijn game spelen... Ik vrees dat ik er een boeltje van heb gemaakt? Merciekes

Alvast bedankt voor de moeite ;-) Logfile of random's system information tool 1.09 (written by random/random) Run by flokke at 2014-01-14 20:01:02 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1755 GB (94%) free of 1876 GB Total RAM: 4078 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:01:16, on 14/01/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe C:\Program Files\trend micro\flokke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\RunOnce: [screensaver] C:\Windows\Web\Wallpaper\MEDION\start.vbs (User 'UpdatusUser') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11724 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=924ec372-3354-4272-b8b9-5c6c38bb2d34 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\e9368d69-a7df-4e3d-ada4-c225eba4ba7e-1dc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2544 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8a61cf5d-f532-4b74-a23f-b8f63e516e7d -SystemEventPortName:HostProcess-2c8a2a72-c0c6-41bf-ac0d-73d54e699d30 -IoCancelEventPortName:HostProcess-d81011c7-ae02-40a8-94c9-e7f324c6d2ab -NonStateChangingEventPortName:HostProcess-d7e0a8d2-60a7-488b-acd1-499fbc07da97 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:742a5776-1d2d-45d8-a513-ecb2e6059736 -DeviceGroupId:WpdFsGroup "taskhost.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 "C:\Program Files (x86)\Secunia\PSI\psi_tray.exe" "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1; "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe" C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=fd065d3e-4d8e-4225-8c0e-51056dace626 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\f4e35b14-8742-4308-96cf-d41cda19c64d-dc0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.pc-helpforum.be/f167/juiste-discussie-muis-icoon-blijft-hangen-67415-new/" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3516.151a6f00.852580805 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3516 "\\.\pipe\gecko-crash-server-pipe.3516" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash3668.606DB990.9262 --host-broker-channel=Flash3668.606DB990.17631 --host-pid=3668 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=6860.0040F368.1451587429 --proxy-stub-channel=Flash3668.606DB990.9262 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer taskeng.exe {45EA1D02-0C0D-493E-A07C-F14807893BC3} C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\flokke\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox========= ProfilePath - C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] "Description"=A component of your photo software powered by RocketLife "Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-28 553376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-28 211360] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-09 11613288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-04-18 39408] "HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-09-16 2676584] "Facebook Update"=C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10 138096] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-11-12 243200] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "aux9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-01-14 20:01:02 ----D---- C:\rsit 2013-12-30 13:24:11 ----D---- C:\Program Files (x86)\MyPC Backup 2013-12-30 13:24:01 ----A---- C:\Windows\system32\roboot64.exe 2013-12-30 13:24:00 ----D---- C:\Users\flokke\AppData\Roaming\systweak 2013-12-29 12:56:48 ----D---- C:\ProgramData\McAfee 2013-12-20 11:28:01 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-12-15 11:25:04 ----D---- C:\Windows\Migration 2013-12-15 09:42:47 ----D---- C:\ProgramData\InstallMate ======List of files/folders modified in the last 1 month====== 2014-01-14 20:01:17 ----D---- C:\Windows\Prefetch 2014-01-14 20:01:14 ----D---- C:\Program Files\trend micro 2014-01-14 19:56:05 ----D---- C:\Windows\Temp 2014-01-14 19:52:57 ----D---- C:\Users\flokke\AppData\Roaming\.minecraft 2014-01-14 18:14:36 ----D---- C:\ProgramData\MFAData 2014-01-14 18:05:33 ----D---- C:\Windows\system32\config 2014-01-14 17:05:29 ----D---- C:\Windows\System32 2014-01-14 17:04:41 ----D---- C:\ProgramData\NVIDIA 2014-01-14 14:26:29 ----D---- C:\Windows\system32\wbem 2014-01-14 14:26:29 ----D---- C:\Windows 2014-01-14 14:25:07 ----SHD---- C:\Windows\Installer 2014-01-14 14:25:07 ----D---- C:\Windows\system32\DriverStore 2014-01-14 14:25:07 ----D---- C:\Windows\system32\CodeIntegrity 2014-01-14 14:25:07 ----D---- C:\Windows\system32\catroot2 2014-01-14 14:25:07 ----D---- C:\Windows\inf 2014-01-14 14:25:06 ----D---- C:\Windows\Tasks 2014-01-14 14:25:06 ----D---- C:\Windows\registration 2014-01-14 14:22:47 ----SHD---- C:\System Volume Information 2014-01-13 21:45:38 ----D---- C:\Windows\Minidump 2014-01-13 20:48:29 ----D---- C:\Config.Msi 2014-01-12 21:28:58 ----D---- C:\Windows\SoftwareDistribution 2013-12-30 21:21:11 ----D---- C:\Users\flokke\AppData\Roaming\SoftGrid Client 2013-12-30 13:28:23 ----D---- C:\Windows\system32\Tasks 2013-12-30 13:28:22 ----RD---- C:\Program Files (x86) 2013-12-30 13:26:54 ----D---- C:\ProgramData 2013-12-27 14:33:12 ----D---- C:\Program Files (x86)\Google 2013-12-20 16:17:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-17 21:10:46 ----D---- C:\Windows\system32\NDF 2013-12-15 11:45:32 ----D---- C:\Windows\Microsoft.NET 2013-12-15 11:28:46 ----RSD---- C:\Windows\assembly 2013-12-15 11:27:50 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-15 11:26:59 ----D---- C:\Windows\SysWOW64 2013-12-15 11:26:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-12-15 11:25:33 ----D---- C:\Windows\SYSWOW64\en-US 2013-12-15 11:25:33 ----D---- C:\Windows\system32\en-US 2013-12-15 11:25:04 ----SD---- C:\ProgramData\Microsoft 2013-12-15 11:23:08 ----D---- C:\Windows\system32\drivers 2013-12-15 11:23:02 ----D---- C:\Windows\system32\catroot ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-09 2565736] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-04 196384] R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.736\Run\a2ddax64.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 cpuz136;cpuz136; \??\C:\Users\flokke\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-17 315568] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 IAMTVE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416] S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096] S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2010-12-17 40144] S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2010-12-17 42192] S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2010-10-28 32936] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-10-25 164008] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-28 1364256] R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-08-08 559552] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------

Goede middag, sedert een tweetal dagen hapert mijn pc.....muis icoon blijft hangen soms als pijl, soms handje, soms stokje of stilstaan draaiicoontje.... na paar seconden kan ik weer verder...zeer vervelend, wat is er aan de hand? Merciekes, Claudia.

lol....vandaag toch nen wandelingske gemaakt hoor.....dan misschien nog nen dansje Adobe en flash player updates, dat verloopt hier niet altijd zoals het hoort ....en ik ben altijd flink achter den pc maar ja ik ben hier niet de enige in huis ... Nog een prettige zondagavond en supermerci!

wat zou ik doen zonder jullie..... kan ik die rommel op één of andere manier buiten houden? Zoek.exe Version 4.0.0.5 Updated 30-November-2013 Tool run by flokke on zo 01/12/2013 at 20:23:19,85. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.998\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-30-091426.log 22465 bytes C:\zoek-results2013-11-30-182015.log 4778 bytes ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\tasks\0 deleted ==== EOF on zo 01/12/2013 at 20:24:02,62 ====================== Merciekes

Het is hier al terug een stuk rustiger Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by flokke on za 30/11/2013 at 19:09:18,45. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.080\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-30-091426.log 22465 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Windows\SysWOW64\CN1C2411DT05QB deleted C:\Windows\SysNative\tasks\4817 deleted ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default EE8D96E7899D12FC3AA5DB2034C0853C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll - Shockwave Flash 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\flokke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 30/11/2013 at 19:20:15,12 ======================

Goedemorgen ! Hier is het logje, bedankt Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by flokke on za 30/11/2013 at 10:00:43,81. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.070\zoek.exe [script inserted] ==== System Restore Info ====================== 30/11/2013 10:02:01 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\found.000 deleted C:\Users\flokke\Downloads\avg_free_stb_all_2014_4116_cnet.exe deleted C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack deleted "C:\DelFix.txt" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCall.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla21.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla31.exe" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla32.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla33.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla34.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla37.dll" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseCustomCalla37.exe" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP\WiseData.ini" deleted "C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\flokke\AppData\Local\Temp ==== 2013-11-29 20:55:38 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\flokke\AppData\Local\Temp\ESGScanner.sys 2013-11-29 20:53:29 883DFC791AAF1298FCFC2BCF5471BBFC 46777424 ----a-w- C:\Users\flokke\AppData\Local\Temp\SHSetup.exe 2013-11-29 10:36:09 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel1.exe 2013-11-29 10:35:43 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel0.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-11-26 15:46:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\CN1C2411DT05QB ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-11-13 12:04:18 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-11-13 12:04:10 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-11-13 12:04:10 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2013-11-13 12:04:10 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-11-05 20:55:48 27CA53E91543B800E16129BCEC3247AD 150808 ----a-w- C:\Windows\Sysnative\drivers\avgdiska.sys 2013-11-04 20:52:42 57250DDDE2523115D0927DBBA745F9FA 240920 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2013-10-31 22:00:18 4BE8BB177B4C2BC3564845EF6D1073F1 212280 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\flokke\AppData\Roaming ====== 2013-11-02 10:07:06 -------- d-----w- C:\Users\flokke\AppData\Roaming\NVIDIA 2013-11-02 08:58:58 -------- d-s---w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\TuneUp Software 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\flokke ====== 2013-11-29 21:29:50 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\flokke\Downloads\RSITx64.exe 2013-11-29 15:42:20 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(93).exe 2013-11-28 16:21:39 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(92).exe 2013-11-27 15:38:13 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(91).exe 2013-11-27 12:37:20 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(90).exe 2013-11-26 17:26:03 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(89).exe 2013-11-26 15:46:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-11-25 17:33:35 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(88).exe 2013-11-24 08:54:25 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(87).exe 2013-11-23 08:46:14 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(86).exe 2013-11-22 15:18:09 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(85).exe 2013-11-21 21:19:01 8141DC2382882BD14BE556D7CA8650C3 4779896 ----a-w- C:\Users\flokke\Downloads\spsetup124.exe 2013-11-21 18:03:09 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(84).exe 2013-11-21 16:11:46 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(83).exe 2013-11-20 13:15:57 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(82).exe 2013-11-19 17:51:07 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(81).exe 2013-11-18 16:22:30 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(80).exe 2013-11-18 16:00:51 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(79).exe 2013-11-17 17:37:17 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(78).exe 2013-11-17 17:05:50 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(77).exe 2013-11-17 16:51:50 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(76).exe 2013-11-17 16:44:59 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(75).exe 2013-11-17 12:54:29 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(74).exe 2013-11-17 12:53:39 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(73).exe 2013-11-17 12:52:49 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(72).exe 2013-11-17 12:51:30 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(71).exe 2013-11-17 10:17:29 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(70).exe 2013-11-16 16:46:32 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(69).exe 2013-11-16 11:38:54 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(68).exe 2013-11-16 10:46:01 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(67).exe 2013-11-16 09:47:59 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(66).exe 2013-11-02 09:02:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2013-11-02 08:59:00 -------- d-----w- C:\Users\UpdatusUser\Searches 2013-11-02 08:59:00 -------- d-----w- C:\Users\UpdatusUser\Contacts 2013-11-02 08:58:59 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini 2013-11-02 08:58:58 -------- d--h--w- C:\Users\UpdatusUser\AppData 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\Saved Games 2013-11-02 08:58:58 -------- d-----w- C:\Users\UpdatusUser\Favorites 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Videos 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Pictures 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Music 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Links 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Downloads 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Documents 2013-11-02 08:58:58 -------- d-----r- C:\Users\UpdatusUser\Desktop ====== C: exe-files == 2013-11-30 08:48:16 B762E10CFD63788897ABC11FEACBF648 17579008 ----a-w- C:\Program Files (x86)\Secunia\PSI\SUA\0a2bb793b17eb17cb6f38b9316bb53504cb86de2\AdobeFlashPlayer_11.9.900.152_ActiveX_SPS.exe 2013-11-29 21:29:50 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\flokke\Downloads\RSITx64.exe 2013-11-29 20:53:29 883DFC791AAF1298FCFC2BCF5471BBFC 46777424 ----a-w- C:\Users\flokke\AppData\Local\Temp\SHSetup.exe 2013-11-29 15:42:20 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(93).exe 2013-11-29 10:36:09 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel1.exe 2013-11-29 10:35:43 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel0.exe 2013-11-28 16:21:39 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(92).exe 2013-11-27 15:38:13 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(91).exe 2013-11-27 12:37:20 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(90).exe 2013-11-26 20:46:02 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe 2013-11-26 20:46:02 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe 2013-11-26 20:46:01 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe 2013-11-26 20:45:54 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe 2013-11-26 20:45:54 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe 2013-11-26 20:45:54 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe 2013-11-26 20:45:53 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe 2013-11-26 17:26:03 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(89).exe 2013-11-26 15:42:13 1616A89B0034F53FC6760B9DB7185B33 5927000 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe 2013-11-25 17:33:35 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(88).exe 2013-11-24 08:54:25 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\flokke\Downloads\Minecraft(87).exe === C: other files == 2013-11-29 20:55:38 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\flokke\AppData\Local\Temp\ESGScanner.sys 2013-11-29 19:32:09 B96CD658416258438C702A5764FE32B9 15258893 ----a-w- C:\Users\flokke\Downloads\Tutorial World II E26.zip 2013-11-27 14:58:57 614EB3EFE41950A6113DA3AE69269A66 276372 ----a-w- C:\Users\flokke\Downloads\ASKRemover.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Folders ====================== 2012-09-24 15:24:57 1948 ----a-w- C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk 2012-12-04 20:37:19 1110 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27/11/2013 10:52] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 10:43] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 10:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/04/2012 20:02] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4817" [wscript.exe C:\Users\flokke\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core" [C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA" [C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 6510 series" ["C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\hpUrlLauncher.exe_{96523FDB-4FBC-42A6-BC18-9CEA9B80C9B2}" [C:\Program Files\HP\HP Photosmart 6510 series\Bin\utils\hpUrlLauncher.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{29DE0AE2-80F1-4CED-B4CB-18858F17747E}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE] "C:\Windows\SysNative\tasks\{60668BEB-9C5F-4427-909B-EB7ADA4FBA58}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{79D74106-25E6-462C-B5C9-DAE5F358E473}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{9C3120A3-DAD5-4671-92A2-54510621BF05}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default - PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default EE8D96E7899D12FC3AA5DB2034C0853C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll - Shockwave Flash 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies ==== Deleted Firefox Extensions ====================== C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\extensions\ptl@ptl.com.xpi deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\flokke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 30/11/2013 at 10:14:26,62 ======================

Sedert deze avond zit het weer niet pluis op mijn pc! constant popups, bij alles wat ik intik word ik overspoeld met allerhande rommel... Heb alvast een logje gemaakt, bedankt hoor Logfile of random's system information tool 1.09 (written by random/random) Run by flokke at 2013-11-29 22:30:01 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1769 GB (94%) free of 1876 GB Total RAM: 4078 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:30:08, on 29/11/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe C:\Program Files\trend micro\flokke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - HKUS\S-1-5-21-567849164-2293785916-1661875517-1001\..\RunOnce: [screensaver] C:\Windows\Web\Wallpaper\MEDION\start.vbs (User 'UpdatusUser') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11614 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=2e4bfa1d-eb9f-4c08-93ee-6078be651f66 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\ba9d314b-8b4f-4252-8d9a-e26cfe2c9168-1dc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2620 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" "taskhost.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d161a585-f83a-4bba-93aa-05066bed877d -SystemEventPortName:HostProcess-6eb6345f-2d18-44e2-b898-33c9b604ca4f -IoCancelEventPortName:HostProcess-e911e4c1-2b68-43b4-9c71-b4827232ee2a -NonStateChangingEventPortName:HostProcess-4ce92570-d6e0-4a4f-b908-ddfd1b3fbf9d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bb989a31-ec42-4133-a66a-3b56baef9a38 -DeviceGroupId:WpdFsGroup "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 "C:\Program Files (x86)\Secunia\PSI\psi_tray.exe" "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1; "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5744.19e4c500.1244093504 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5744 "\\.\pipe\gecko-crash-server-pipe.5744" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --proxy-stub-channel=Flash6108.6773DC68.14581 --host-broker-channel=Flash6108.6773DC68.20078 --host-pid=6108 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --channel=280.0036F604.595122237 --proxy-stub-channel=Flash6108.6773DC68.14581 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll" --host-npapi-version=27 --type=renderer C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\flokke\Downloads\RSITx64.exe" taskeng.exe {2D15CFC1-2B87-41BD-B49A-1980307F7B52} C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} "C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox========= ProfilePath - C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default prefs.js - "browser.search.useDBForOrder" - true [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.152 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] "Description"=A component of your photo software powered by RocketLife "Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.152 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-28 553376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-10 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-28 211360] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-10 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-09 11613288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-04-18 39408] "HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-09-16 2676584] "Facebook Update"=C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10 138096] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-11-12 243200] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "aux9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2013-11-29 22:30:01 ----D---- C:\rsit 2013-11-29 22:20:02 ----A---- C:\DelFix.txt 2013-11-29 21:54:04 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP 2013-11-16 13:54:31 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-11-13 13:04:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-11-13 13:04:20 ----A---- C:\Windows\system32\crypt32.dll 2013-11-13 13:04:18 ----A---- C:\Windows\system32\drivers\afd.sys 2013-11-13 13:04:17 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll 2013-11-13 13:04:17 ----A---- C:\Windows\SYSWOW64\credui.dll 2013-11-13 13:04:17 ----A---- C:\Windows\SYSWOW64\authui.dll 2013-11-13 13:04:17 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 13:04:17 ----A---- C:\Windows\system32\credui.dll 2013-11-13 13:04:17 ----A---- C:\Windows\system32\authui.dll 2013-11-13 13:04:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2013-11-13 13:04:10 ----A---- C:\Windows\SYSWOW64\secur32.dll 2013-11-13 13:04:10 ----A---- C:\Windows\SYSWOW64\schannel.dll 2013-11-13 13:04:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\sspisrv.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\sspicli.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\secur32.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\schannel.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\ncrypt.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\lsass.exe 2013-11-13 13:04:10 ----A---- C:\Windows\system32\lsasrv.dll 2013-11-13 13:04:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2013-11-13 13:04:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2013-11-13 13:04:10 ----A---- C:\Windows\system32\drivers\cng.sys 2013-11-13 13:04:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2013-11-13 13:04:09 ----A---- C:\Windows\system32\gdi32.dll 2013-11-13 13:04:08 ----A---- C:\Windows\SYSWOW64\nshwfp.dll 2013-11-13 13:04:08 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL 2013-11-13 13:04:08 ----A---- C:\Windows\system32\nshwfp.dll 2013-11-13 13:04:08 ----A---- C:\Windows\system32\IKEEXT.DLL 2013-11-13 13:04:08 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2013-11-12 21:51:11 ----A---- C:\Windows\system32\IEUDINIT.EXE 2013-11-12 21:47:44 ----A---- C:\Windows\SYSWOW64\elshyph.dll 2013-11-12 21:47:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\msrating.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\msls31.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\jsIntl.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-11-12 21:47:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-11-12 21:47:41 ----A---- C:\Windows\system32\elshyph.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\wextract.exe 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\url.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\pngfilt.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\occache.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\mshta.exe 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\licmgr10.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\inseng.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\imgutil.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\iexpress.exe 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\icardie.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2013-11-12 21:47:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\mshtmler.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-11-12 21:47:39 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\wininet.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\urlmon.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2013-11-12 21:47:39 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-12 21:47:39 ----A---- C:\Windows\system32\msrating.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\msls31.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\mshtmler.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\msfeedssync.exe 2013-11-12 21:47:39 ----A---- C:\Windows\system32\msfeedsbs.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\jsproxy.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\jsIntl.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\jscript9diag.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\jscript9.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\ieui.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\iesysprep.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\iertutil.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\ieframe.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\ieapfltr.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\ieapfltr.dat 2013-11-12 21:47:39 ----A---- C:\Windows\system32\IEAdvpack.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\dxtrans.dll 2013-11-12 21:47:39 ----A---- C:\Windows\system32\dxtmsft.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\wextract.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\webcheck.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\vbscript.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\url.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\pngfilt.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\occache.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\mshtmlmedia.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\MshtmlDac.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\mshtml.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\mshta.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\licmgr10.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\jscript.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\inseng.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\imgutil.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\iexpress.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\ieUnatt.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\iesetup.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\iernonce.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\iepeers.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\ieetwproxystub.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\ieetwcollector.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\iedkcs32.dll 2013-11-12 21:47:38 ----A---- C:\Windows\system32\ie4uinit.exe 2013-11-12 21:47:38 ----A---- C:\Windows\system32\icardie.dll 2013-11-05 21:55:48 ----A---- C:\Windows\system32\drivers\avgdiska.sys 2013-11-04 21:52:42 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys 2013-11-02 11:07:06 ----D---- C:\Users\flokke\AppData\Roaming\NVIDIA 2013-10-31 23:00:18 ----A---- C:\Windows\system32\drivers\avgldx64.sys 2013-10-31 22:49:46 ----A---- C:\Windows\system32\drivers\avgloga.sys ======List of files/folders modified in the last 1 month====== 2013-11-29 22:30:08 ----D---- C:\Program Files\trend micro 2013-11-29 22:29:43 ----D---- C:\Windows\Temp 2013-11-29 22:28:27 ----D---- C:\Windows\system32\config 2013-11-29 22:23:17 ----D---- C:\Windows\inf 2013-11-29 22:23:17 ----D---- C:\Windows 2013-11-29 22:21:35 ----SHD---- C:\System Volume Information 2013-11-29 22:14:36 ----D---- C:\ProgramData\NVIDIA 2013-11-29 22:14:30 ----D---- C:\Config.Msi 2013-11-29 22:12:51 ----D---- C:\ProgramData 2013-11-29 22:03:58 ----SHD---- C:\Windows\Installer 2013-11-29 22:03:57 ----D---- C:\Windows\system32\Tasks 2013-11-29 22:03:07 ----D---- C:\Windows\system32\drivers 2013-11-29 21:55:44 ----D---- C:\Windows\Prefetch 2013-11-29 20:46:58 ----RD---- C:\Program Files 2013-11-29 20:34:23 ----D---- C:\Users\flokke\AppData\Roaming\.minecraft 2013-11-29 18:32:21 ----D---- C:\ProgramData\MFAData 2013-11-28 22:01:10 ----D---- C:\Users\flokke\AppData\Roaming\SoftGrid Client 2013-11-28 16:51:38 ----D---- C:\Windows\Minidump 2013-11-27 16:34:49 ----RD---- C:\Program Files (x86) 2013-11-27 10:52:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-11-26 16:46:38 ----D---- C:\Windows\SysWOW64 2013-11-26 16:38:35 ----D---- C:\Windows\System32 2013-11-24 17:39:53 ----D---- C:\Windows\system32\catroot2 2013-11-21 19:04:46 ----D---- C:\Windows\SoftwareDistribution 2013-11-20 18:37:05 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-17 00:40:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-13 18:09:13 ----D---- C:\Windows\Panther 2013-11-13 18:09:12 ----D---- C:\Windows\Logs 2013-11-13 18:09:12 ----D---- C:\Windows\debug 2013-11-13 17:15:04 ----D---- C:\Windows\rescache 2013-11-13 13:32:20 ----D---- C:\Windows\winsxs 2013-11-13 13:30:06 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-11-13 13:30:06 ----D---- C:\Windows\system32\nl-NL 2013-11-13 13:21:46 ----D---- C:\Windows\system32\catroot 2013-11-13 13:21:36 ----D---- C:\Windows\system32\MRT 2013-11-13 13:20:12 ----A---- C:\Windows\system32\MRT.exe 2013-11-13 11:07:32 ----D---- C:\Program Files (x86)\Internet Explorer 2013-11-13 11:07:30 ----D---- C:\Program Files\Internet Explorer 2013-11-13 11:07:28 ----D---- C:\Windows\SYSWOW64\migration 2013-11-13 11:07:27 ----D---- C:\Windows\SYSWOW64\en-US 2013-11-13 11:07:22 ----D---- C:\Windows\PolicyDefinitions 2013-11-13 11:07:21 ----D---- C:\Windows\system32\migration 2013-11-13 11:07:21 ----D---- C:\Windows\system32\en-US 2013-11-09 21:46:12 ----D---- C:\Program Files\CCleaner 2013-11-02 09:58:58 ----RD---- C:\Users 2013-11-02 09:58:57 ----D---- C:\Program Files\NVIDIA Corporation 2013-11-02 09:58:57 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2013-11-02 09:58:49 ----D---- C:\ProgramData\NVIDIA Corporation 2013-11-02 09:57:08 ----D---- C:\Windows\system32\DriverStore ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-09 2565736] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288] S1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.736\Run\a2ddax64.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 cpuz136;cpuz136; \??\C:\Users\flokke\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-17 315568] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 IAMTVE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416] S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096] S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2010-12-17 40144] S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2010-12-17 42192] S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2010-10-28 32936] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-10-25 164008] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-28 1364256] R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-08-08 559552] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736] R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27 257416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-12 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------

Beste kape, het ziet er goe uit hoor... kan ik deze problemen vermijden?? Bedankt!

Alvast bedankt....ziet er al stukken beter uit! Zoek.exe Version 4.0.0.4 Updated 31-08-2013 Tool run by flokke on zo 01/09/2013 at 19:58:43,50. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.133\zoek.exe [script inserted] [Checkboxes used] ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default - PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16 F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\flokke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 01/09/2013 at 20:03:50,33 ======================

eerste logje dan toch terug gevonden ergens in quarantaine? xD # AdwCleaner v3.001 - Report created 31/08/2013 at 18:32:10 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : flokke - FLOKKE-PC # Running from : C:\Users\flokke\Downloads\adwcleaner(1).exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\END File Found : C:\Program Files (x86)\Mozilla Firefox\user.js File Found : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\searchplugins\Askcom.xml File Found : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\user.js File Found : C:\Windows\System32\roboot64.exe Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Folder Found C:\Program Files (x86)\Common Files\337 Folder Found C:\Program Files (x86)\Conduit Folder Found C:\Program Files (x86)\FreezbGames Folder Found C:\Program Files (x86)\Protected Search Folder Found C:\Program Files (x86)\Red Sky Folder Found C:\ProgramData\Ask Folder Found C:\ProgramData\Babylon Folder Found C:\ProgramData\boost_interprocess Folder Found C:\ProgramData\eSafe Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Folder Found C:\ProgramData\Partner Folder Found C:\ProgramData\Trymedia Folder Found C:\Users\flokke\AppData\Local\Conduit Folder Found C:\Users\flokke\AppData\Local\cool_mirage Folder Found C:\Users\flokke\AppData\Local\DownTango Folder Found C:\Users\flokke\AppData\Local\Ilivid Player Folder Found C:\Users\flokke\AppData\Local\Temp\eIntaller Folder Found C:\Users\flokke\AppData\LocalLow\Conduit Folder Found C:\Users\flokke\AppData\LocalLow\FreezbGames Folder Found C:\Users\flokke\AppData\LocalLow\PriceGong Folder Found C:\Users\flokke\AppData\LocalLow\searchquband Folder Found C:\Users\flokke\AppData\LocalLow\SimplyTech Folder Found C:\Users\flokke\AppData\LocalLow\Softonic Folder Found C:\Users\flokke\AppData\Roaming\Media Finder Folder Found C:\Users\flokke\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com Folder Found C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack Folder Found C:\Users\flokke\AppData\Roaming\Systweak ***** [ Shortcuts ] ***** Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 ) ***** [ Registry ] ***** Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 Key Found : HKCU\Software\1ClickDownload Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\AppDataLow\Software\FreezbGames Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Blabbers Key Found : HKCU\Software\BrowserCompanion Key Found : HKCU\Software\IGearSettings Key Found : HKCU\Software\MediaFinder Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{55D7C7BC-12A7-4F9B-81C0-600D9A182395} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55D7C7BC-12A7-4F9B-81C0-600D9A182395} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C522512A-9C2C-4DE5-9F63-976B560FEF14} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Softonic Key Found : [x64] HKCU\Software\1ClickDownload Key Found : [x64] HKCU\Software\Blabbers Key Found : [x64] HKCU\Software\BrowserCompanion Key Found : [x64] HKCU\Software\IGearSettings Key Found : [x64] HKCU\Software\MediaFinder Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : [x64] HKCU\Software\Softonic Key Found : HKLM\Software\Babylon Key Found : HKLM\Software\BrowserCompanion Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{55D7C7BC-12A7-4F9B-81C0-600D9A182395} Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{99208DAB-EE64-4DC9-8340-497DA472A062} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\MF Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\PutLockerDownloader Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Desksvc Key Found : HKLM\Software\FreezbGames Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D240C25-B824-403D-BDCD-F8836B7A9EF7} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{728A9D16-E497-4C9F-ADEB-EF413C7FCB54} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft (1)_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft (1)_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft-server_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft-server_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_nero-kwikmedia_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_nero-kwikmedia_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55D7C7BC-12A7-4F9B-81C0-600D9A182395} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99208DAB-EE64-4DC9-8340-497DA472A062} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreezbGames Toolbar Key Found : HKLM\Software\qvo6Software Key Found : HKLM\Software\systweak Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}] Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [backup.Old.Start Page] - hxxp://search.babylon.com/?affID=113480&tt=010812_hpdel_3112_4&babsrc=HP_ss&mntrId=ca8fa289000000000000485d60cef418 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [start Page] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [search Bar] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [search Page] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Page] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Bar] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Page] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s -\\ Mozilla Firefox v23.0.1 (nl) [ File : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js ] Line Found : user_pref("browser.search.defaultenginename", "qvo6"); Line Found : user_pref("browser.search.order.1", "qvo6"); Line Found : user_pref("browser.search.selectedEngine", "qvo6"); Line Found : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852"); Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\[...] -\\ Google Chrome v [ File : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : homepage ************************* AdwCleaner[R0].txt - [18613 octets] - [30/08/2013 20:52:00] AdwCleaner[R1].txt - [18674 octets] - [30/08/2013 20:53:14] AdwCleaner[R2].txt - [18173 octets] - [31/08/2013 18:32:10] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [18234 octets] ##########

logje na de zoek.zip....adw cleaner eerst opnieuw draaien.....logje kwijt en vind ook niet terug via linkje....of is de volgorde heel belangrijk?? Bedankt. Zoek.exe Version 4.0.0.4 Updated 31-08-2013 Tool run by flokke on za 31/08/2013 at 18:43:18,28. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.784\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 31/08/2013 18:45:38 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84FC3FF9-4D6D-4839-A971-E88D0E5D4D1B} deleted successfully HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9C3D7599-A3B8-4C55-B942-8BD8596EAB75} deleted successfully HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F79FBFF-3E40-4E57-AF4C-4CB6FC22E4C4} deleted successfully HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CBE17A83-0474-41D8-82DB-EFB9ECB791AD} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} deleted successfully HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js: user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default user.js not found ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- Lines browser.startup.page modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20133108_1848_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55d7c7bc-12a7-4f9b-81c0-600d9a182395}] ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\FreezbGames" not found "C:\ProgramData\eSafe" not found "C:\Program Files (x86)\Media Finder" not found "C:\user.js" deleted "C:\Users\flokke\Downloads\SoftonicDownloader_voor_minecraft (1).exe" deleted "C:\Users\flokke\Downloads\SoftonicDownloader_voor_minecraft.exe" deleted "C:\Users\flokke\Downloads\SoftonicDownloader_voor_nero-kwikmedia.exe" deleted "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\user.js" deleted "C:\Windows\Launcher.exe" deleted "C:\Users\flokke\AppData\LocalLow\DataMngr" deleted "C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted "C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-08-31 16:36:04 DE920917C435BE2D92A99F523890AD5B 230391230 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\flokke\AppData\Local\Temp ==== 2013-08-30 18:57:11 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\flokke\AppData\Local\Temp\ESGScanner.sys 2013-08-30 18:55:56 9FF765D961D3C51E709781AA4061C5BB 46974032 ----a-w- C:\Users\flokke\AppData\Local\Temp\SHSetup.exe 2013-08-30 17:02:08 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel4.exe 2013-08-30 17:02:08 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel3.exe 2013-08-30 14:20:22 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel2.exe 2013-08-30 14:20:21 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel1.exe 2013-08-30 14:20:13 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel0.exe 2013-08-21 10:20:01 D07444BDB22757545CD2FA91654F2FD0 328019 ----a-w- C:\Users\flokke\AppData\Local\Temp\Quarantine.exe ====== C:\Windows\SysWOW64 ===== 2013-08-30 20:13:17 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-30 20:13:16 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-30 20:13:16 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-08-30 20:13:15 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-08-30 20:13:15 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-08-30 20:13:14 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-08-30 20:13:14 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-08-30 20:13:14 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-08-27 15:35:26 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-08-27 15:35:25 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-08-27 15:35:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-08-27 15:35:24 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-08-27 15:35:24 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-27 15:35:24 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-08-27 15:35:24 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-08-27 15:35:23 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-08-27 15:35:23 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-08-27 15:35:22 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-08-27 15:35:21 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-08-27 15:35:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-08-27 15:35:20 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-08-27 15:35:19 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-08-27 15:35:16 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-08-27 09:09:02 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-08-27 09:09:02 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-27 09:09:02 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-08-27 09:09:02 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-08-27 09:08:58 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-08-27 09:08:51 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-27 09:08:50 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-30 20:13:16 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-08-30 20:13:16 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-08-30 20:13:15 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-08-27 15:35:26 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-08-27 15:35:25 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-08-27 15:35:24 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-08-27 15:35:24 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-08-27 15:35:24 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-08-27 15:35:24 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-08-27 15:35:24 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-08-27 15:35:24 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-08-27 15:35:23 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-08-27 15:35:23 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-08-27 15:35:22 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-08-27 15:35:21 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-08-27 15:35:21 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-08-27 15:35:20 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-08-27 15:35:18 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-08-27 15:35:18 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-08-27 09:09:02 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-08-27 09:09:02 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-08-27 09:09:02 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-08-27 09:09:02 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-08-27 09:08:58 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-08-27 09:08:51 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2013-08-27 09:08:50 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll ====== C:\Windows\Sysnative\drivers ===== 2013-08-27 09:08:50 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-08-27 09:08:50 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-30 19:52:51 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== ======= C: ===== 2013-08-30 18:58:09 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\flokke\AppData\Roaming ====== 2013-08-27 17:10:33 -------- d-----w- C:\users\flokke\AppData\Local\MFAData 2013-08-27 17:10:33 -------- d-----w- C:\users\flokke\AppData\Local\Avg2013 ====== C:\Users\flokke ====== 2013-08-31 16:29:47 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\flokke\Downloads\adwcleaner(1).exe 2013-08-30 19:52:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\flokke\Downloads\RSITx64.exe 2013-08-30 18:51:31 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\flokke\Downloads\adwcleaner.exe 2013-08-30 15:33:19 EA3ECA8D0BAFB0F0921A5757EBE45ECC 302072 ----a-w- C:\Users\flokke\Downloads\WhiteLies-BigTV_4QO.rar(1).exe 2013-08-30 15:32:51 EA3ECA8D0BAFB0F0921A5757EBE45ECC 302072 ----a-w- C:\Users\flokke\Downloads\WhiteLies-BigTV_4QO.rar.exe ====== C: exe-files == 2013-08-31 16:37:50 A42FC4B9915761DD8F0AB43CBD4F3939 12252672 ----a-w- C:\Program Files (x86)\Secunia\PSI\SUA\f8659932ffa99b44542b14cbd05bdc63a26d9930\ShockwavePlayer_12.0.3.133_SPS.exe 2013-08-31 16:37:43 3750B01AB357AC4575CC047013D2BEFF 17498624 ----a-w- C:\Program Files (x86)\Secunia\PSI\SUA\0a2bb793b17eb17cb6f38b9316bb53504cb86de2\AdobeFlashPlayer_11.8.800.94_ActiveX_SPS.exe 2013-08-31 16:29:47 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\flokke\Downloads\adwcleaner(1).exe 2013-08-30 20:21:01 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla31.exe 2013-08-30 20:13:17 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-30 20:13:16 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-30 20:13:16 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-30 20:13:14 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-08-30 20:13:14 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-08-30 20:13:14 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-08-30 19:52:51 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\flokke.exe 2013-08-30 19:52:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\flokke\Downloads\RSITx64.exe 2013-08-30 18:56:27 EDB10586A061A621BBA2CB32E5E3220B 190429 ----a-w- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla37.exe 2013-08-30 18:55:56 9FF765D961D3C51E709781AA4061C5BB 46974032 ----a-w- C:\Users\flokke\AppData\Local\Temp\SHSetup.exe 2013-08-30 18:51:31 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\flokke\Downloads\adwcleaner.exe 2013-08-30 17:02:08 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel4.exe 2013-08-30 17:02:08 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel3.exe 2013-08-30 15:33:19 EA3ECA8D0BAFB0F0921A5757EBE45ECC 302072 ----a-w- C:\Users\flokke\Downloads\WhiteLies-BigTV_4QO.rar(1).exe 2013-08-30 15:32:51 EA3ECA8D0BAFB0F0921A5757EBE45ECC 302072 ----a-w- C:\Users\flokke\Downloads\WhiteLies-BigTV_4QO.rar.exe 2013-08-30 14:20:22 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel2.exe 2013-08-30 14:20:21 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel1.exe 2013-08-30 14:20:13 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\flokke\AppData\Local\Temp\i4jdel0.exe 2013-08-27 17:18:42 2AE999EC5269B489F5B9986F82C79FDD 648544 ----a-w- C:\Program Files (x86)\AVG\AVG2012\idpfixx.exe 2013-08-27 17:10:32 9F96249A7823C7C2B9E0B6D46A77CAE6 15920 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrdtestx.exe 2013-08-27 17:10:32 9F96249A7823C7C2B9E0B6D46A77CAE6 15920 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgrdtestx.exe 2013-08-27 17:10:32 7DDB04EFCA15BEE73286D67270894303 44080 ----a-w- C:\ProgramData\MFAData\SelfUpd\avguirux.exe 2013-08-27 17:10:32 7DDB04EFCA15BEE73286D67270894303 44080 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avguirux.exe 2013-08-27 17:10:32 5A2F938939EAAD5B3328867D57F21ABE 7648648 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe 2013-08-27 17:10:32 5A2F938939EAAD5B3328867D57F21ABE 7648648 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgmfapx.exe 2013-08-27 17:10:31 E6FED737854FF6D1A4FB2486753CFEA2 278064 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrunasx.exe 2013-08-27 17:10:31 E6FED737854FF6D1A4FB2486753CFEA2 278064 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgrunasx.exe 2013-08-27 17:10:31 69D812B395637F8FCFEA7C7CC1660AE1 628272 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpx.exe 2013-08-27 17:10:31 69D812B395637F8FCFEA7C7CC1660AE1 628272 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgntdumpx.exe 2013-08-27 17:10:31 039C9A504E58A0B97C653BD237B200B0 16944 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrdtesta.exe 2013-08-27 17:10:31 039C9A504E58A0B97C653BD237B200B0 16944 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgrdtesta.exe 2013-08-27 17:10:27 9A5F8F497F5698288007484FCF15E34D 378720 ----a-w- C:\ProgramData\MFAData\SelfUpd\fixcfg.exe 2013-08-27 17:10:27 9A5F8F497F5698288007484FCF15E34D 378720 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\fixcfg.exe 2013-08-27 17:10:27 2AE999EC5269B489F5B9986F82C79FDD 648544 ----a-w- C:\ProgramData\MFAData\SelfUpd\idpfixx.exe 2013-08-27 17:10:27 2AE999EC5269B489F5B9986F82C79FDD 648544 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\idpfixx.exe 2013-08-27 17:10:26 EA1145DEBCD508FD25BD1E95C4346929 193288 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgwdsvc.exe 2013-08-27 17:10:26 EA1145DEBCD508FD25BD1E95C4346929 193288 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgwdsvc.exe 2013-08-27 17:10:26 66BC4A7C73DF8AC00F38F2085878F750 714736 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgwsc.exe 2013-08-27 17:10:26 66BC4A7C73DF8AC00F38F2085878F750 714736 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgwsc.exe 2013-08-27 17:10:26 371BA71B566260932DCCCF843BF6C7E7 2598520 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgtray.exe 2013-08-27 17:10:26 371BA71B566260932DCCCF843BF6C7E7 2598520 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgtray.exe 2013-08-27 17:10:26 2DD7A30B6FB4CB90C40F77E560CB3125 4373552 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgui.exe 2013-08-27 17:10:26 2DD7A30B6FB4CB90C40F77E560CB3125 4373552 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgui.exe 2013-08-27 17:10:25 EAFCC38FFC6ECC3CEB86662F28FF792A 267616 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgstrmx.exe 2013-08-27 17:10:25 EAFCC38FFC6ECC3CEB86662F28FF792A 267616 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgstrmx.exe 2013-08-27 17:10:25 CC05E065818421AD83D370EF6072FDBC 740704 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsystx.exe 2013-08-27 17:10:25 CC05E065818421AD83D370EF6072FDBC 740704 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsystx.exe 2013-08-27 17:10:25 406D3F757C9E75101E6E51835AAC312B 793952 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmax.exe 2013-08-27 17:10:25 406D3F757C9E75101E6E51835AAC312B 793952 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsrmax.exe 2013-08-27 17:10:25 2B02B843669EDA943000F53905065E75 1204576 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsysta.exe 2013-08-27 17:10:25 2B02B843669EDA943000F53905065E75 1204576 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsysta.exe 2013-08-27 17:10:25 27C125BB0261496674CA41FBB1978C31 487776 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgstrma.exe 2013-08-27 17:10:25 27C125BB0261496674CA41FBB1978C31 487776 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgstrma.exe 2013-08-27 17:10:25 0D082FB144AC46B0ADC63E5B223E7597 11383392 ----a-w- C:\ProgramData\MFAData\SelfUpd\AVGTBInstall.exe 2013-08-27 17:10:25 0D082FB144AC46B0ADC63E5B223E7597 11383392 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\AVGTBInstall.exe 2013-08-27 17:10:24 CB7C95F140DCBC45B0937F843D63F4D8 1252192 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmaa.exe 2013-08-27 17:10:24 CB7C95F140DCBC45B0937F843D63F4D8 1252192 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsrmaa.exe 2013-08-27 17:10:24 C6316A424C10A25B580D86C098BB0634 1407096 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrsa.exe 2013-08-27 17:10:24 C6316A424C10A25B580D86C098BB0634 1407096 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgrsa.exe 2013-08-27 17:10:24 B6B1EFDC773741CC050203C4C4840B38 92000 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsetmgrcmd.exe 2013-08-27 17:10:24 B6B1EFDC773741CC050203C4C4840B38 92000 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsetmgrcmd.exe 2013-08-27 17:10:24 4AE532194AE7D2FE6378C1166B006B49 990840 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscanx.exe 2013-08-27 17:10:24 4AE532194AE7D2FE6378C1166B006B49 990840 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgscanx.exe 2013-08-27 17:10:24 1DD558221D629C02C4B017D16C51B6DF 1373024 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsetmgr.exe 2013-08-27 17:10:24 1DD558221D629C02C4B017D16C51B6DF 1373024 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsetmgr.exe 2013-08-27 17:10:24 10AEE3CEE4801E5962AF1B8E17DAD353 1728120 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscana.exe 2013-08-27 17:10:24 10AEE3CEE4801E5962AF1B8E17DAD353 1728120 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgscana.exe 2013-08-27 17:10:23 FE6ED6DE378C50774D710243F4B39CBC 1114232 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpa.exe 2013-08-27 17:10:23 FE6ED6DE378C50774D710243F4B39CBC 1114232 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgntdumpa.exe 2013-08-27 17:10:23 9348B6026ACA7F46521055EB2ACF0A61 459312 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgndisa.exe 2013-08-27 17:10:23 9348B6026ACA7F46521055EB2ACF0A61 459312 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgndisa.exe 2013-08-27 17:10:23 3C9B25C38E7A2BA07FB4F7DB351D6FF0 146784 ----a-w- C:\ProgramData\MFAData\SelfUpd\avglscanx.exe 2013-08-27 17:10:23 3C9B25C38E7A2BA07FB4F7DB351D6FF0 146784 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avglscanx.exe 2013-08-27 17:10:23 2D7F84ABE95B6AECEF89C0FBB5C9DD96 2018352 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgnsa.exe 2013-08-27 17:10:23 2D7F84ABE95B6AECEF89C0FBB5C9DD96 2018352 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgnsa.exe 2013-08-27 17:10:23 231B6AD3DB2866BC3FDB9979E6B2B61E 5174392 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgidsagent.exe 2013-08-27 17:10:23 231B6AD3DB2866BC3FDB9979E6B2B61E 5174392 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgidsagent.exe 2013-08-27 17:10:22 F3EBE5508BC9EA8AB88DB5A46397EE09 686712 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpx.exe 2013-08-27 17:10:22 F3EBE5508BC9EA8AB88DB5A46397EE09 686712 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdumpx.exe 2013-08-27 17:10:22 ECC96985954185DFCF455FBBB8037A1B 338784 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrvx.exe 2013-08-27 17:10:22 ECC96985954185DFCF455FBBB8037A1B 338784 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcsrvx.exe 2013-08-27 17:10:22 D312256C89C2244B435406DBB95C6E0A 5959728 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcrema.exe 2013-08-27 17:10:22 D312256C89C2244B435406DBB95C6E0A 5959728 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcrema.exe 2013-08-27 17:10:22 B96E3E543675039FC93D14EDF627231A 520032 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrva.exe 2013-08-27 17:10:22 B96E3E543675039FC93D14EDF627231A 520032 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcsrva.exe 2013-08-27 17:10:22 B082D1AA020008B26D08B838C5B1E6BB 2698112 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdiagex.exe 2013-08-27 17:10:22 B082D1AA020008B26D08B838C5B1E6BB 2698112 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdiagex.exe 2013-08-27 17:10:22 9F0678A35B06CA75A8495762CE274495 493920 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcfgex.exe 2013-08-27 17:10:22 9F0678A35B06CA75A8495762CE274495 493920 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcfgex.exe 2013-08-27 17:10:22 938928B014F2ABA4C1293EA4D8714020 1607040 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgemca.exe 2013-08-27 17:10:22 938928B014F2ABA4C1293EA4D8714020 1607040 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgemca.exe 2013-08-27 17:10:22 74CE9F4CBDCC147BB16042FAC323E970 1194104 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpa.exe 2013-08-27 17:10:22 74CE9F4CBDCC147BB16042FAC323E970 1194104 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdumpa.exe 2013-08-27 17:10:22 6C469E3CB15CF33AD3E757096E6C7026 2321560 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgfws.exe 2013-08-27 17:10:22 6C469E3CB15CF33AD3E757096E6C7026 2321560 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgfws.exe 2013-08-27 17:10:22 343083A60B4B41C35E3F739F469763A0 879736 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcmgr.exe 2013-08-27 17:10:22 343083A60B4B41C35E3F739F469763A0 879736 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcmgr.exe 2013-08-27 15:35:24 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-27 15:35:24 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-08-27 15:35:24 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-27 15:35:23 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-08-27 15:35:23 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-27 09:05:01 D6E84508BBE50BBEEFAF02C865A96836 1070672 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_714BFB3B4B0991F6.exe 2013-08-27 09:04:03 42D0D34CAA293C83B4433A537DF13895 530912 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4413.1752\GoogleToolbarInstaller_updater_signed.exe === C: other files == 2013-08-30 18:58:09 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat 2013-08-30 18:57:11 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\flokke\AppData\Local\Temp\ESGScanner.sys 2013-08-27 17:18:44 F3914E3EAC657FB3795F29CB9E82378D 274718 ----a-w- C:\ProgramData\AVG2012\IDS\config\internalList.zip 2013-08-27 17:18:44 F3914E3EAC657FB3795F29CB9E82378D 274718 ----a-w- C:\Backup My Data\All Users\AVG2012\IDS\config\internalList.zip 2013-08-27 09:08:50 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-08-27 09:08:50 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Folders ====================== 2012-09-24 15:24:57 1948 ----a-w- C:\users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk 2012-12-04 20:37:19 1110 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27/08/2013 11:10] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 11:43] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 11:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/04/2012 21:02] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/04/2012 21:02] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [undetermined Task] ==== Firefox Extensions ====================== ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default - PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16 F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions faklkmlkcleeoibffcbligohmkciloif - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Backup.Old.Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com" "Search Bar"="http://www.google.com" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://newtab.certified-toolbar.com/nie?si=33953&tid=2958&new=true" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://newtab.certified-toolbar.com/nie?si=33953&tid=2958&new=true" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958" "Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com/" "Search Bar"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com/" "Search Bar"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com/" "Search Bar"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" "Backup.Old.Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\flokke\Desktop\Continue FoxTab PDF Reader Installation - kopie.lnk - C:\Users\flokke\AppData\Local\Temp\ICReinstall_PDFReaderSetup_V3.exe /RR C:\Users\flokke\Desktop\Continue FoxTab PDF Reader Installation.lnk - C:\Users\flokke\AppData\Local\Temp\ICReinstall_PDFReaderSetup_V3.exe /RR C:\Users\flokke\Desktop\Diaper Dash - kopie.lnk - C:\Zylom Games\Diaper Dash\diaperdash.exe C:\Users\flokke\Desktop\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 C:\Users\flokke\Desktop\Qoobox - kopie.lnk - C:\Qoobox C:\Users\flokke\Desktop\Download\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 C:\Users\flokke\Desktop\fotoos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling - kopie.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling (2).lnk - C:\Users\flokke C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling (3).lnk - C:\Users\flokke C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling.lnk - C:\Users\flokke C:\Users\flokke\Desktop\fotoos\Qoobox.lnk - C:\Qoobox ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe C:\Users\Public\Desktop\Benodigdheden kopen - HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\Bin\hpqDTSS.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\HP ePrintCenter - HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\ePrintCenterShortcut.url C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe C:\Users\Public\Desktop\HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\Bin\HP Photosmart 6510 series.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Public\Desktop\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nero Kwik Media.lnk - C:\Program Files (x86)\Nero\KM\KwikMedia.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in Users Start Menu ====================== C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1; ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free launcher for Minecraft Alpha.lnk - C:\Users\flokke\Desktop\minecraft.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\faklkmlkcleeoibffcbligohmkciloif deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\flokke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 31/08/2013 at 19:05:05,64 ====================== - - - Updated - - - logje adwcleaner :# AdwCleaner v3.001 - Report created 31/08/2013 at 19:15:28 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : flokke - FLOKKE-PC # Running from : C:\Users\flokke\Downloads\adwcleaner(2).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v23.0.1 (nl) [ File : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js ] ************************* AdwCleaner[R0].txt - [18613 octets] - [30/08/2013 20:52:00] AdwCleaner[R1].txt - [18674 octets] - [30/08/2013 20:53:14] AdwCleaner[R2].txt - [18379 octets] - [31/08/2013 18:32:10] AdwCleaner[R3].txt - [1573 octets] - [31/08/2013 19:14:57] AdwCleaner[s0].txt - [15286 octets] - [31/08/2013 18:32:41] AdwCleaner[s1].txt - [1506 octets] - [31/08/2013 19:15:28] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1566 octets] ########## - - - Updated - - - logje adwcleaner :# AdwCleaner v3.001 - Report created 31/08/2013 at 19:15:28 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : flokke - FLOKKE-PC # Running from : C:\Users\flokke\Downloads\adwcleaner(2).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v23.0.1 (nl) [ File : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js ] ************************* AdwCleaner[R0].txt - [18613 octets] - [30/08/2013 20:52:00] AdwCleaner[R1].txt - [18674 octets] - [30/08/2013 20:53:14] AdwCleaner[R2].txt - [18379 octets] - [31/08/2013 18:32:10] AdwCleaner[R3].txt - [1573 octets] - [31/08/2013 19:14:57] AdwCleaner[s0].txt - [15286 octets] - [31/08/2013 18:32:41] AdwCleaner[s1].txt - [1506 octets] - [31/08/2013 19:15:28] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1566 octets] ##########

Beste, Ik vrees dat ik heel wat rommel op de pc staan heb....sedert vandaag krijg ik QVO6 er niet meer af (mijnen echtgenoot heeft muziek ofzo gedownload).....maar denk dat dit niet het enige is....heb ook spyhunter willen proberen maar die gaf massa s infecties, dan kan je die ook niet verwijderen of je moet de ganse versie aanschaffen, dus die zit er ook op, nu krijg ik ook "uw DSN instellingen zijn aangepast"? kunnen jullie mij misschien helpen om de boel weer een beetje op orde te krijgen....? Alvast superbedankt! Logfile of random's system information tool 1.09 (written by random/random) Run by flokke at 2013-08-30 21:52:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1753 GB (93%) free of 1876 GB Total RAM: 4078 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:52:56, on 30/08/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\flokke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: (no name) - {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - (no file) R3 - URLSearchHook: FreezbGames Toolbar - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: FreezbGames - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: FreezbGames Toolbar - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10978 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=24dbb830-5f3e-4715-95b6-9203cb207f73 /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\287f7c1c-3917-440a-935d-370494e9503a-1dc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" C:\Windows\system32\IProsetMonitor.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2540 "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2012\avgemca.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5b6994bf-e229-49a5-a639-7b2a85af5dc1 -SystemEventPortName:HostProcess-3ad50beb-aea3-49be-8390-07aa76ebd9c1 -IoCancelEventPortName:HostProcess-e7ef998c-df9a-4294-98a6-d2ef4ba6328e -NonStateChangingEventPortName:HostProcess-8fa7991c-b134-41f6-864b-6a9f0dd71212 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f2638670-700c-4706-8742-f959038f64a6 -DeviceGroupId:WpdFsGroup "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 "C:\Program Files (x86)\Secunia\PSI\psi_tray.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1; "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe" "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -scan -tt_on "taskhost.exe" C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=46c6f644-ca21-4339-b4b6-3618f683c71e /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\388f0e36-4e6d-4912-bcf4-6752c51fbd3e-cc8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" QVO6 C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\flokke\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox========= ProfilePath - C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.94 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] "Description"=A component of your photo software powered by RocketLife "Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.94 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\Windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\searchplugins\ askcom.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2012-10-15 1968248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-28 553376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-27 254032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-28 211360] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-10-15 1417336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55d7c7bc-12a7-4f9b-81c0-600d9a182395}] FreezbGames Toolbar - C:\Program Files (x86)\FreezbGames\prxtbFree.dll [2012-11-06 183112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-27 254032] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - FreezbGames Toolbar - C:\Program Files (x86)\FreezbGames\prxtbFree.dll [2012-11-06 183112] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-09 11613288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-04-18 39408] "HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-09-16 2676584] "Facebook Update"=C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10 138096] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160] "AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-19 247296] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "aux9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2013-08-30 21:52:51 ----D---- C:\Program Files\trend micro 2013-08-30 21:52:50 ----D---- C:\rsit 2013-08-30 20:58:09 ----A---- C:\autoexec.bat 2013-08-30 20:57:11 ----A---- C:\Windows\system32\drivers\EsgScanner.sys 2013-08-30 20:56:27 ----D---- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-08-30 20:51:38 ----D---- C:\AdwCleaner 2013-08-30 17:34:43 ----D---- C:\ProgramData\eSafe 2013-08-27 17:35:25 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-27 17:35:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-27 17:35:25 ----A---- C:\Windows\system32\ieui.dll 2013-08-27 17:35:24 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-27 17:35:24 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-27 17:35:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-27 17:35:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-27 17:35:24 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-27 17:35:24 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-27 17:35:24 ----A---- C:\Windows\system32\iesetup.dll 2013-08-27 17:35:24 ----A---- C:\Windows\system32\iertutil.dll 2013-08-27 17:35:24 ----A---- C:\Windows\system32\iernonce.dll 2013-08-27 17:35:24 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-27 17:35:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-27 17:35:23 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-27 17:35:23 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-27 17:35:23 ----A---- C:\Windows\system32\jscript.dll 2013-08-27 17:35:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-27 17:35:22 ----A---- C:\Windows\system32\jscript9.dll 2013-08-27 17:35:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-27 17:35:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-27 17:35:21 ----A---- C:\Windows\system32\urlmon.dll 2013-08-27 17:35:21 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-27 17:35:20 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-27 17:35:20 ----A---- C:\Windows\system32\wininet.dll 2013-08-27 17:35:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-27 17:35:18 ----A---- C:\Windows\system32\mshtml.dll 2013-08-27 17:35:18 ----A---- C:\Windows\system32\ieframe.dll 2013-08-27 17:35:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-27 12:48:03 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-08-27 11:09:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-27 11:09:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-27 11:09:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-27 11:09:02 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-27 11:09:02 ----A---- C:\Windows\system32\wintrust.dll 2013-08-27 11:09:02 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-27 11:09:02 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-27 11:09:02 ----A---- C:\Windows\system32\crypt32.dll 2013-08-27 11:08:58 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-27 11:08:58 ----A---- C:\Windows\system32\tzres.dll 2013-08-27 11:08:51 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-27 11:08:51 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-27 11:08:50 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-27 11:08:50 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-27 11:08:50 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-27 11:08:50 ----A---- C:\Windows\system32\drivers\tcpip.sys ======List of files/folders modified in the last 1 month====== 2013-08-30 21:52:56 ----D---- C:\Windows\Prefetch 2013-08-30 21:52:51 ----RD---- C:\Program Files 2013-08-30 21:14:26 ----D---- C:\Windows\temp 2013-08-30 20:57:37 ----SHD---- C:\Windows\Installer 2013-08-30 20:57:37 ----D---- C:\Windows\system32\drivers 2013-08-30 20:57:09 ----D---- C:\Config.Msi 2013-08-30 20:57:08 ----D---- C:\sh4ldr 2013-08-30 20:57:02 ----SHD---- C:\System Volume Information 2013-08-30 20:56:27 ----D---- C:\Windows 2013-08-30 20:46:06 ----D---- C:\Users\flokke\AppData\Roaming\.minecraft 2013-08-30 20:21:08 ----D---- C:\Windows\system32\config 2013-08-30 20:07:52 ----D---- C:\Windows\SysWOW64 2013-08-30 20:07:39 ----D---- C:\Windows\inf 2013-08-30 20:07:29 ----RD---- C:\Program Files (x86) 2013-08-30 20:00:17 ----D---- C:\Windows\system32\Tasks 2013-08-30 20:00:16 ----D---- C:\Windows\Tasks 2013-08-30 17:59:57 ----D---- C:\Windows\Minidump 2013-08-30 17:34:43 ----D---- C:\ProgramData 2013-08-30 17:34:40 ----D---- C:\Program Files (x86)\Common Files 2013-08-30 17:34:15 ----A---- C:\Windows\SYSWOW64\msvcr100.dll 2013-08-30 17:34:15 ----A---- C:\Windows\SYSWOW64\msvcp100.dll 2013-08-30 12:37:52 ----D---- C:\Windows\system32\drivers\AVG 2013-08-28 15:27:50 ----D---- C:\Windows\rescache 2013-08-28 10:55:19 ----D---- C:\Windows\Panther 2013-08-28 10:55:16 ----D---- C:\Windows\debug 2013-08-28 10:07:45 ----D---- C:\Windows\System32 2013-08-28 10:07:45 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-27 21:37:24 ----RSD---- C:\Windows\assembly 2013-08-27 21:37:24 ----D---- C:\Windows\Microsoft.NET 2013-08-27 19:18:01 ----D---- C:\ProgramData\MFAData 2013-08-27 19:08:03 ----D---- C:\Windows\winsxs 2013-08-27 19:05:21 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-27 19:05:21 ----D---- C:\Windows\system32\nl-NL 2013-08-27 19:05:18 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-27 19:05:16 ----D---- C:\Program Files\Internet Explorer 2013-08-27 17:35:46 ----D---- C:\Windows\system32\catroot2 2013-08-27 17:35:46 ----D---- C:\Windows\system32\catroot 2013-08-27 17:32:25 ----D---- C:\Windows\system32\MRT 2013-08-27 17:31:15 ----A---- C:\Windows\system32\MRT.exe 2013-08-27 17:13:57 ----D---- C:\Windows\SoftwareDistribution 2013-08-27 16:52:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-27 11:17:30 ----D---- C:\Users\flokke\AppData\Roaming\HpUpdate 2013-08-27 11:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-08-10 22:32:22 ----D---- C:\Users\flokke\AppData\Roaming\SoftGrid Client 2013-08-07 04:22:02 ----N---- C:\Windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-17 315568] R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-09 2565736] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.736\Run\a2ddax64.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704] S3 IAMTVE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416] S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096] S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2010-12-17 40144] S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2010-12-17 42192] S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2010-10-28 32936] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-10-25 164008] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-12-04 989800] R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-08-08 559552] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736] R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-07-17 1025408] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-27 257416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-27 117656] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------

Ik snap er nikske van xD ....

Bedankt hoor!

Hey, hierbij vind je het 'knipje'

Voila het linkje, bedankt hoor! http://speccy.piriform.com/results/NpFIeBXLBZEmKxJpv5qOKGB

Terug.... ? Blijkbaar heb ik het niet goed begrepen....ik heb die combofix gewoon via verwijderen verwijderd?....er gebeurde niets maar is niet meer terug te vinden op mijn pc Toch nog steeds het gevoel dat het nog niet helemaal ok is:thumpdown: die cursor blijft maar rondjes draaien, en alles lijkt toch wat trager te werken...? Groetjes

Beste, herstelpunten gelukt denk ik, ccleaner gedaan, hijackt en roguekiller ok , combofix/uninstall vond ik niet terug, heb die dan via verwijderen hopelijk goed verwijderd? C:\Qoobox vind ik terug maar krijg ik niet verwijderd, kan dit enkel als administrator maar weet nie hoe?? En daarna hopelijk opgelost....en nogmaals superbedankt:adore:

Ik moet zeggen dat die de laatste twee dagen niet meer is opgedoken....volledig verdwenen dan?? Ziet het er voor de rest ok?? Opgelost?

Hierbij het logje, bedankt ! ComboFix 12-09-30.01 - flokke 30/09/2012 20:28:01.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4078.2564 [GMT 2:00] Gestart vanuit: c:\users\flokke\Downloads\ComboFix.exe AV: AVG Internet Security Business Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security Business Edition 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security Business Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\DealPly c:\program files (x86)\DealPly\DealPlyTune.dll c:\program files (x86)\DealPly\sqlite3.dll c:\programdata\dsgsdgdsgdsgw.pad . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))) . . 2013-04-28 15:58 . 2013-04-28 15:58 -------- d--h--w- c:\programdata\Common Files 2013-04-28 15:57 . 2013-04-28 15:57 -------- d-----w- c:\program files (x86)\AVG 2013-04-28 15:54 . 2012-09-30 14:10 -------- d-----w- c:\programdata\MFAData 2012-09-30 18:31 . 2012-09-30 18:31 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-29 16:29 . 2012-09-29 20:48 -------- d-----w- C:\sh4ldr 2012-09-29 16:29 . 2012-09-29 16:29 -------- d-----w- c:\program files\Enigma Software Group 2012-09-29 16:28 . 2012-09-29 20:48 -------- d-----w- c:\windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP 2012-09-29 16:28 . 2012-09-29 16:28 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-09-26 13:55 . 2012-09-28 19:30 -------- d-----w- c:\users\flokke\AppData\Roaming\Systweak 2012-09-26 13:55 . 2012-09-21 10:05 17080 ----a-w- c:\windows\system32\roboot64.exe 2012-09-26 13:11 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-25 16:13 . 2012-09-25 16:13 -------- d-----w- c:\program files (x86)\Online Games Manager 2012-09-24 15:21 . 2011-09-16 09:24 778088 ------w- c:\windows\system32\HPDiscoPMA511.dll 2012-09-20 17:01 . 2012-09-20 17:01 388096 ----a-r- c:\users\flokke\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-09-20 17:01 . 2012-09-20 17:01 -------- d-----w- c:\program files (x86)\Trend Micro 2012-09-19 20:47 . 2012-09-19 20:47 -------- d-----w- c:\users\flokke\AppData\Roaming\Malwarebytes 2012-09-19 20:47 . 2012-09-19 20:47 -------- d-----w- c:\programdata\Malwarebytes 2012-09-19 20:43 . 2012-09-29 21:20 -------- d-----w- c:\program files\CCleaner 2012-09-19 19:39 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-19 19:39 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-19 19:39 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-19 19:39 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-19 19:39 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-19 19:39 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-19 19:39 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-17 17:32 . 2012-09-19 07:44 -------- d-----w- c:\program files (x86)\Microsoft 2012-09-17 17:32 . 2012-09-24 15:22 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-09-17 17:32 . 2012-09-24 15:22 -------- d-----w- c:\programdata\HP Photo Creations 2012-09-17 17:31 . 2012-09-17 17:31 -------- d-----w- c:\users\flokke\AppData\Roaming\HpUpdate 2012-09-17 17:30 . 2012-09-17 17:30 -------- d-----w- c:\programdata\HP 2012-09-17 17:30 . 2012-09-24 15:21 -------- d-----w- c:\program files (x86)\HP 2012-09-17 17:30 . 2012-09-17 17:30 -------- d-----w- c:\program files\HP 2012-09-17 17:29 . 2012-09-24 15:24 -------- d-----w- c:\users\flokke\AppData\Local\HP 2012-09-15 20:04 . 2012-09-15 20:04 -------- d-----w- c:\users\flokke\AppData\Roaming\Oberon Media 2012-09-15 20:04 . 2012-09-19 19:33 -------- d-----w- c:\program files (x86)\Yahoo! Games 2012-09-15 09:08 . 2012-09-15 09:08 -------- d-----w- c:\program files (x86)\MSECache 2012-09-14 17:07 . 2012-09-27 15:52 -------- d-----w- C:\Zylom Games 2012-09-14 17:07 . 2012-09-27 15:52 -------- d-----w- c:\program files (x86)\RealArcade 2012-09-12 17:05 . 2012-09-14 16:19 -------- d-----w- c:\programdata\FarmFrenzy3_Madagascar 2012-09-12 17:00 . 2012-09-12 17:00 -------- d-----w- c:\programdata\Zylom 2012-09-12 16:59 . 2012-09-14 16:02 -------- d-----w- c:\programdata\Trymedia . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-21 16:10 . 2012-04-19 22:07 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-21 16:10 . 2012-04-19 22:07 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-09-19 20:02 . 2010-07-07 15:49 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-07-18 18:15 . 2012-08-27 22:52 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-04 22:16 . 2012-08-27 22:52 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-07-04 22:13 . 2012-08-27 22:52 59392 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 22:13 . 2012-08-27 22:52 136704 ----a-w- c:\windows\system32\browser.dll 2012-07-04 21:14 . 2012-08-27 22:52 41984 ----a-w- c:\windows\SysWow64\browcli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-04-18 39408] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 2676584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] . c:\users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\flokke\AppData\Local\Temp\Rar$EXa0.736\Run\a2ddax64.sys [x] R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-17 315568] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176] R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416] R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096] R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2010-12-17 40144] R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2010-12-17 42192] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-03 63928] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-10-25 164008] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe [2012-06-08 521344] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-09-07 155752] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 16:10] . 2012-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 19:02] . 2012-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 19:02] . 2012-09-30 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-09 11613288] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://search.toggle.com/?lang=nl&q={searchTerms} IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-BsScanner Toolbar-10 - (no file) AddRemove-Media Player - c:\program files (x86)\FLVPlayer\Uninstall\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-09-30 20:32:49 ComboFix-quarantined-files.txt 2012-09-30 18:32 . Pre-Run: 1.913.404.612.608 bytes beschikbaar Post-Run: 1.913.060.720.640 bytes beschikbaar . - - End Of File - - 6517DB7A35D118EC143BAC6B5D91E226 Ik begrijp hier de 'ballen' van

Mijn pc lijkt ook steeds druk aan het werk?? Cursor blijft met momenten maar draaien :-(

oeshe da was ene keer teveel

Heb ik het goed gedaan? Zip bestandje??nie gevonden...Merciekes! RogueKiller V8.1.0 [09/28/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: RogueKiller - Geeks to Go Forums Website: RogueKiller Blog: tigzy-RK Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : flokke [Admin rights] Mode : Scan -- Date : 09/29/2012 22:56:09 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [RUN][sUSP PATH] HKLM\[...]\Run : JAVA (C:\Windows\java.vbs) -> FOUND [TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND [TASK][ROGUE ST] 4817 : wscript.exe C:\Users\flokke\AppData\Local\Temp\launchie.vbs //B -> FOUND [TASK][bLPATH] HPCustParticipation HP Photosmart 6510 series : "C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x1000 -> FOUND [sTARTUP][bLACKLIST DLL] Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk @flokke : C:\Windows\system32\RunDll32.exe|"C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1; -> FOUND [HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ SMENU] HKLM\[...]\Advanced : Start_ShowRun (0) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST32000542AS +++++ --- User --- [MBR] e9d343d5216d5be0a9eea973bb51622f [bSP] 301bf6bd99be89b946b8bb0f63e5d29e : Windows Vista/7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1875883 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3842015232 | Size: 30720 Mo 3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 3904929792 | Size: 1024 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt