elham

Member
  • Items: 132

Everything posted by elham

  1. Thank you for your tips, I have received the new battery and will certainly keep your tips in mind, Droske! Thanks!
  2. In the meantime I had sent hardwarecity an e-mail about my problem and they are going to ship a new battery today. So I should actually use this newer battery as stated on the batteryking site: charge the battery overnight, then partially discharge it at least 5 times and then charge it fully?
  3. But then the battery should have given problems right away, shouldn't it? For the first 4 days the battery actually showed no problems; it charged fine, after which it ran empty within a few hours, after which I could charge it normally again. The current problem started out of nowhere yesterday morning.....
  4. Unfortunately it doesn't work; as soon as I pull out the power cable the laptop turns off... I have also come across on the internet that in some cases it can be due to the power settings... but I have never changed anything in the power settings and I wouldn't know how to do that either. Any further options?
  5. This is what I came across: "With lithium ion batteries, it doesn't matter how long you charge your new laptop before using it. This wasn't the case with nickel-based batteries, which had to be fully charged the first time. Lithium ion batteries are prepared when they are manufactured so you don't have to go through the full-charging process before using them." https://itstillworks.com/long-charge-new-laptop-battery-5261076.html
  6. I thought you didn't need to do that with a lithium-ion battery... does this mean I have to buy a new battery, or can it still be saved?
  7. A few days ago I ordered a new battery from hardwarecity.nl. For the first few days the battery worked fine without problems, however since today the battery suddenly drains extremely fast; when I have had my laptop connected to the power cable for some time it indicates that the battery is 100% charged, and as soon as I disconnect the power cable the laptop switches itself off within a few seconds and I can't get it to turn on again either. When I reconnect the power cable it then turns on normally again, and then I see that the battery is 0% charged. Within a few minutes it again indicates that the battery is 100% charged. Here is the energy efficiency diagnostics report: Accu:Accugegevens Accu-id MS-16F2 Fabrikant Serienummer Accutype LION Lange termijn 1 Ontwerpcapaciteit 73260 Laatst volledig opgeladen 109890 How do I solve this?
  8. Attachment: AdwCleaner[S0].txt
  9. Yes! The problem is solved using the solution given in this link: http://www.pc-helpforum.be/f170/office-2010-printer-weigert-af-te-71790/ The gentleman also had exactly the same problem as me with the same printer. PChelpforum.be Many thanks!!! Can I consider this topic solved, or does the log file still need to be looked at?
  10. Attachment: zoek-results.log
  11. Attachment: zoek-results.log
  12. Attached you will find the log file. - - - Updated - - - I did make this log file without the printer being installed on this laptop, because I removed it. Does that matter for the log file? Attachment: log.txt
  13. Does nobody know a solution to my problem? Update: Printing from PDF, Notepad and web pages works, but printing from all MS Office programs does not. Printing from another laptop with MS Office also works fine. What I have done so far: used HP Print and Scan Doctor --> Doesn't help; Microsoft Office Fix it --> Doesn't help; removed and reinstalled the drivers --> Doesn't help; ran sfc /scannow --> Doesn't help; called both Microsoft and HP twice --> They didn't help either; reinstalled MS Office --> Doesn't help. And countless other solutions that I came across on other forums, but really nothing helps. The gentleman in this link http://www.pc-helpforum.be/f186/nieuwe-printer-geinstalleerd-hp-deskjet-2540-a-67879/#post444583 seems to have the same problem as I do. I believe his problem was solved after a scan with combofix. Can I just do this too? I would really appreciate it if someone responds; it is really incredibly frustrating that I am busy with this problem every day right after my lectures.
  14. Windows cannot install an update and I keep getting this error code: 80070490. It concerns an HP printer update. What I have done so far: installed the System Update Readiness Tool, this did not help. I also downloaded and installed the Microsoft Fix it, but to no avail. I would really appreciate it if someone could help me with this. I have a 64-bit Windows system.
  15. Apologies for the double message: If, for example, I save a random image from Google to my desktop and then open it and click print, it sends it to the printer and it simply prints it! Wirelessly! But from Word or PDF it does not work, neither wirelessly nor via a USB connection.
  16. I recently bought an HP Deskjet 2540. The problem is that the printer does not respond when printing from Word or PDF, neither wirelessly nor via a USB connection. The installation went almost flawlessly, and all test prints work fine. I also used the HP Print and Scan Doctor; with this too I could not find any problems (the test print with it also went fine). Furthermore, I also removed the old printer from my laptop, but that didn't work either. I also reinstalled it, but that doesn't work either. No print jobs are sent to the printer queue either. Who can help me with this?
  17. I would like to know whether the HDMI cable that comes with the PS4 is good enough for a Sony Bravia X85 3D UHD TV?
  18. Here are the contents:
  19. No, this month I haven't had any more problems. But do you also know what caused this problem? And do I still need to update my network card?
  20. Here is the log:
  21. Sorry for my late reply, but here is the log:
15:16:58 A8EBEBCD9F5C49475194099FCD276992 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-03-11 16:34:29 27C83242CA28917DF4D0379FAE7093CD 7605792 ----a-w- C:\Users\Elham\AppData\Roaming\Azureus\tmp\AZU5849695773544275712.tmp\Vuze_4.9.0.0a_win32.exe 2013-03-10 14:43:42 08AF557C8E6E74D7D92314F6B2C86273 4608 ----a-w- C:\Users\Elham\AppData\Local\Temp\e4jFF68.tmp_dir31298\i4jdel.exe 2013-03-10 10:37:57 08AF557C8E6E74D7D92314F6B2C86273 4608 ----a-w- C:\Users\Elham\AppData\Local\Temp\i4jdel0.exe 2013-03-10 10:16:26 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-03-10 10:16:26 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-03-10 10:16:26 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-03-10 10:16:26 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-03-10 10:16:26 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe === C: other files == 2013-03-10 10:36:11 691CE266D9A3A86702919C07688156DB 6852245 ----a-w- C:\Users\Elham\AppData\Local\Temp\Vuze_4.9.0.0a_win32.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "MSNAutoLogon"="C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe" [HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage 
Technology\IAStorIcon.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "MGSysCtrl"="C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe" "Cinema ProII AP"="C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe" "Cinema ProII Controler"="C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" "THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r" "UpdReg"="C:\windows\UpdReg.EXE" "NVIDIAOCAP"="C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" "Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "MSNAutoLogon"="C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp" "THXCfg64"="C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64" "fspuip"="%ProgramFiles%\FSP\fspuip.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program 
Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update 5] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Live Update 5" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\MSI\\Live Update 5\\LU5.exe /reminder" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msi LED Manager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msi LED Manager" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\msi\\msi LED Manager\\SLM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\PWRISOVM.EXE] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PWRISOVM.EXE" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk" "backup"="C:\\windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\GAMERS~1\\LIVE!\\Live.exe /silent" "item"="GamersFirst LIVE!" 
==== Task Scheduler Jobs ====================== C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-02-2013 20:32] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-02-2013 20:32] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{09DFC675-A3D8-4381-BBCF-70E2B676B25E}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09DFC675-A3D8-4381-BBCF-70E2B676B25E}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Elham\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Elham\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully 
And here is the new HijackThis log:
  22. Here is the ComboFix log:
Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-23 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-07-03 834544] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336] S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768] S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-16 12800] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 
2000/XP/Vista/Win7_wlh64;c:\windows\system32\DRIVERS\fspad_wlh64.sys [2010-06-07 52224] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-04-27 83080] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-04-27 184968] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-03-06 13:38 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-02-27 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job - c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-07-03 09:56] . 2013-03-09 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job - c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-07-03 09:56] . 2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 19:32] . 2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 19:32] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080] "THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.nl/ mStart Page = hxxp://msi.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\ . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG2012\avgtray.exe Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe AddRemove-Cisco Connect - c:\program files (x86)\Cisco Systems\Cisco Connect\Cisco Connect.exe AddRemove-ESN Sonar-0.70.3 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe AddRemove-PunkBusterSvc - c:\program files (x86)\Ubisoft\FarCry 3\bin\pbsvc_fc3.exe AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Voltooingstijd: 2013-03-10 11:29:08 - machine werd herstart ComboFix-quarantined-files.txt 2013-03-10 10:29 . Pre-Run: 211.464.609.792 bytes beschikbaar Post-Run: 215.407.788.032 bytes beschikbaar . - - End Of File - - C735DA3938288C7955D46F51EBC67038
  23. Here is the AdwCleaner log:
# AdwCleaner v2.114 - Verslag gemaakt op 07/03/2013 om 21:15:46
# Geactualiseerd op 05/03/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Elham - ELHAM-MSI
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Elham\Desktop\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Verwijdert : C:\user.js
Map Verwijdert : C:\ProgramData\Babylon
Map Verwijdert : C:\Users\Elham\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Babylon
Map Verwijdert : C:\Users\Elham\AppData\Roaming\BabylonToolbar
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\bbrs_002@blabbers.com
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\ffxtlbr@claro.com
Map Verwijdert : C:\Users\Elham\AppData\Roaming\OpenCandy
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\BrowserCompanion
Sleutel Verwijdert : HKCU\Software\Claro LTD
Sleutel Verwijdert : HKCU\Software\IGearSettings
Sleutel Verwijdert : HKCU\Software\Microsoft\Babylon
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Verwijdert : HKCU\Software\Softonic
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijdert : HKLM\Software\Babylon
Sleutel Verwijdert : HKLM\Software\BabylonToolbar
Sleutel Verwijdert : HKLM\Software\BrowserCompanion
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
***** [browsers] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v7.0.1 (nl)
File : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\prefs.js
C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\user.js ... Verwijdert !
Verwijdert : user_pref("browser.babylon.HPOnNewTab", "isearch.claro-search.com");
Verwijdert : user_pref("browser.newtab.url", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsrc=NT_i[...]
Verwijdert : user_pref("browser.search.defaultenginename", "Claro Search");
Verwijdert : user_pref("browser.search.order.1", "Claro Search");
Verwijdert : user_pref("browser.search.selectedEngine", "Claro Search");
Verwijdert : user_pref("browser.startup.homepage", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsr[...]
Verwijdert : user_pref("extensions.claro.admin", false);
Verwijdert : user_pref("extensions.claro.aflt", "babsst");
Verwijdert : user_pref("extensions.claro.autoRvrt", "false");
Verwijdert : user_pref("extensions.claro.bbDpng", "18");
Verwijdert : user_pref("extensions.claro.cntry", "NL");
Verwijdert : user_pref("extensions.claro.dfltLng", "en");
Verwijdert : user_pref("extensions.claro.envrmnt", "production");
Verwijdert : user_pref("extensions.claro.excTlbr", false);
Verwijdert : user_pref("extensions.claro.hdrMd5", "A5260AF9958B2DD5388C6FFEF1F6C0E6");
Verwijdert : user_pref("extensions.claro.hmpg", false);
Verwijdert : user_pref("extensions.claro.id", "46a4e8d500000000000000fff12858b0");
Verwijdert : user_pref("extensions.claro.instlDay", "15552");
Verwijdert : user_pref("extensions.claro.instlRef", "sst");
Verwijdert : user_pref("extensions.claro.lastVrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.claro.mntrvrsn", "1.3.1");
Verwijdert : user_pref("extensions.claro.newTab", false);
Verwijdert : user_pref("extensions.claro.prdct", "claro");
Verwijdert : user_pref("extensions.claro.prtnrId", "claro");
Verwijdert : user_pref("extensions.claro.sg", "none");
Verwijdert : user_pref("extensions.claro.smplGrp", "none");
Verwijdert : user_pref("extensions.claro.tlbrId", "iclaro");
Verwijdert : user_pref("extensions.claro.vrsn", "1.6.4.1");
Verwijdert : user_pref("extensions.claro.vrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.claro.vrsni", "1.6.4.1");
Verwijdert : user_pref("extensions.claro_i.newTab", false);
Verwijdert : user_pref("extensions.claro_i.smplGrp", "none");
Verwijdert : user_pref("extensions.claro_i.vrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.enabledAddons", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3,ffxtlbr@claro.co[...]
Verwijdert : user_pref("keyword.URL", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsrc=KW_iclro&mn[...]
-\\ Google Chrome v25.0.1364.152
File : C:\Users\Elham\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[s1].txt - [7955 octets] - [07/03/2013 21:15:46]
########## EOF - C:\AdwCleaner[s1].txt - [8015 octets] ##########
---------------------------------------------------------------------
Here is the HijackThis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:48, on 7-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\MSI\EasyFace2\MessengerSignIn.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Elham\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=C:\Users\Elham\LOCALS~1\Temp\msakuovqo.pif
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [updReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [MSNAutoLogon] C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .csm: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 14419 bytes
  24. Here is the new HijackThis log:
      - - - Updated - - -
      And here is the new malware log:
      Malwarebytes Anti-Malware 1.70.0.1100
      www.malwarebytes.org
      Databaseversie: v2013.03.03.09
      Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
      Internet Explorer 9.0.8112.16421
      Elham :: ELHAM-MSI [administrator]
      4-3-2013 22:16:01
      mbam-log-2013-03-04 (22-16-01).txt
      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 235328
      Verstreken tijd: 2 minuut/minuten, 49 seconde(n)
      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden gedetecteerd: 1
      HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Elham\LOCALS~1\Temp\msakuovqo.pif -> Zal worden verwijderd tijdens het herstarten.
      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)
      (einde)