Posts made by elham
-
-
In the meantime I had sent hardwarecity an e-mail about my problem, and they are going to ship a new battery today. So I should actually use this newer battery as described on the batteryking site: charge the battery overnight, then partially discharge it at least 5 times, and then charge it fully?
-
But then the battery should have caused problems right away, shouldn't it? For the first 4 days the battery actually showed no problems; it charged fine, after which it ran empty within a few hours, after which I could charge it normally again. The current problem started out of nowhere yesterday morning.....
-
Unfortunately it doesn't work; as soon as I pull out the power cable the laptop turns off... I also came across on the internet that in some cases it can be down to the power settings... but I have never changed anything in the power settings and I wouldn't know how to do that either.
Any further options?
-
This is what I came across:
"With lithium ion batteries, it doesn't matter how long you charge your new laptop before using it. This wasn't the case with nickel-based batteries, which had to be fully charged the first time. Lithium ion batteries are prepared when they are manufactured so you don't have to go through the full-charging process before using them."
https://itstillworks.com/long-charge-new-laptop-battery-5261076.html
-
I thought you didn't have to do that with a lithium-ion battery... does this mean I have to buy a new battery, or can it still be saved?
-
I don't quite understand what you mean...
-
A few days ago I ordered a new battery from hardwarecity.nl. For the first few days the battery worked fine without problems; however, since today the battery suddenly drains extremely fast: when I have had my laptop connected to the power cable for some time, it indicates that the battery is 100% charged, but as soon as I disconnect the power cable the laptop switches off within a few seconds and I can't get it to turn on again either. When I reconnect the power cable it then turns on normally again, and then I see that the battery is 0% charged. Within a few minutes it again indicates that the battery is 100% charged.
Here is the energy efficiency diagnostics report:
Accu: Accugegevens
Accu-id: MS-16F2
Fabrikant:
Serienummer:
Accutype: LION
Lange termijn: 1
Ontwerpcapaciteit: 73260
Laatst volledig opgeladen: 109890
How do I solve this?
-
[ATTACH]35423[/ATTACH]
-
Yes! The problem has been solved with the help of the solution mentioned in this link:
http://www.pc-helpforum.be/f170/office-2010-printer-weigert-af-te-71790/
The gentleman had exactly the same problem as me, with the same printer.
PChelpforum.be, thank you so much!!!
Can I consider this topic solved, or does the log file still need to be looked at?
-
[ATTACH]35411[/ATTACH]
-
[ATTACH]35406[/ATTACH]
-
Attached you will find the log file. [ATTACH]35394[/ATTACH]
- - - Updated - - -
I did make this log file without the printer being installed on this laptop, because I had removed it.
Does that matter for the log file?
-
Does nobody know a solution to my problem?
Update: Printing from PDF, Notepad and web pages works, but printing from all MS Office programs does not.
Printing from another laptop with MS Office also works fine.
What I have done so far:
Used HP Print and Scan Doctor --> Doesn't help
Microsoft Office Fix it --> Doesn't help
Removed and reinstalled the drivers --> Doesn't help
Ran sfc /scannow --> Doesn't help
Called both Microsoft and HP twice --> They didn't help either
Reinstalled MS Office --> Doesn't help
And countless other solutions that I came across on other forums, but really nothing helps.
The gentleman in this link http://www.pc-helpforum.be/f186/nieuwe-printer-geinstalleerd-hp-deskjet-2540-a-67879/#post444583 seems to have the same problem as I do.
I think his problem was solved after a scan with ComboFix.
Can I just do this as well?
I would really appreciate it if someone responded; it is really extremely frustrating that I am busy with this problem every day right after my lectures.
-
Windows cannot install an update and I keep getting this error code: 80070490.
It concerns an HP printer update.
What I have done so far:
Installed the System Update Readiness Tool; this did not help.
I also downloaded and installed the Microsoft Fix it, but to no avail.
I would really appreciate it if someone could help me with this.
I have a 64-bit Windows system.
-
Apologies for the double message:
If, for example, I save a random image from Google to my desktop and then open it and click print, it sends it to the printer and it simply prints it! Wirelessly!
But from Word or PDF it does not work, neither wirelessly nor via a USB connection.
-
I recently bought an HP Deskjet 2540.
The problem is that the printer does not respond when printing from Word or PDF, neither wirelessly nor via a USB connection.
The installation went virtually flawlessly, and all test prints work fine. I also used the HP Print and Scan Doctor; with that I could not find any problems either (the test print with it also went fine).
Furthermore, I also removed the old printer from my laptop, but that did not work either.
I also reinstalled it, but that does not work either.
No print jobs are sent to the print queue either.
Who can help me with this?
-
I would like to know whether the HDMI cable that comes with the PS4 is good enough for a Sony Bravia X85 3D UHD TV?
-
Here is the content:
# DelFix v10.1 - Logfile created 22/03/2013 at 19:36:46
# Updated 23/02/2013 by Xplode
# Username : Elham - ELHAM-MSI
~ Activating UAC ... OK
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\AdwCleaner[s1].txt
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\Elham\Desktop\adwcleaner.exe
Deleted : C:\Users\Elham\Desktop\ComboFix.exe
Deleted : C:\Users\Elham\Desktop\HijackThis.exe
Deleted : C:\Users\Elham\Desktop\hijackthis.log
Deleted : C:\Users\Elham\Desktop\hijackthis22
Deleted : C:\Users\Elham\Desktop\Report_Voorlopige profielwerkstuk defenitief.docx.html
Deleted : C:\Users\Elham\Desktop\zoek.exe
Deleted : C:\windows\grep.exe
Deleted : C:\windows\PEV.exe
Deleted : C:\windows\NIRCMD.exe
Deleted : C:\windows\MBR.exe
Deleted : C:\windows\SED.exe
Deleted : C:\windows\SWREG.exe
Deleted : C:\windows\SWSC.exe
Deleted : C:\windows\SWXCACLS.exe
Deleted : C:\windows\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
~ Resetting system settings ... OK
########## - EOF - ##########
-
No, this month I have not had any more problems.
But do you also know what caused this problem?
And do I still need to update my network card?
-
Here is the log:
Zoek.exe Version 4.0.0.2 Updated 18-03-2013
Tool run by Elham on di 19-03-2013 at 16:33:45,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting Files \ Folders ======================
"C:\users\Elham\AppData\Roaming\Riatpo" not found
"C:\users\Elham\AppData\Roaming\Qyeh" not found
==== Chrome Look ======================
Google Docs - Elham - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Elham - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Elham - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Elham - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Elham - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
-
Sorry for my late reply, but here is the log:
Zoek.exe Version 4.0.0.2 Updated 14-March-2013
Tool run by Elham on vr 15-03-2013 at 21:42:37,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Running Processes ======================
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1000\Software\Microsoft\Internet Explorer\SearchScopes\{09DFC675-A3D8-4381-BBCF-70E2B676B25E} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Installed Programs ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default
user.js not found
---- Lines claro removed from prefs.js ----
---- Lines claro modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1319364461349},\"{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\",\"mtime\":1334071771995}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1361218973690},\"ffxtlbr@claro.com\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\ffxtlbr@claro.com\",\"mtime\":1343761516421},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1330201246442}}}]");
---- Lines Toggle removed from prefs.js ----
user_pref("symantec.browser.sessionstore.resume_from_crash.toggle", false);
---- Lines Toggle modified from prefs.js ----
---- Lines ask.com removed from prefs.js ----
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
---- Lines ask.com modified from prefs.js ----
---- Lines blabbers.com removed from prefs.js ----
---- Lines blabbers.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1319364461349},\"{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\",\"mtime\":1334071771995}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1361218973690},\"ffxtlbr@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1343761516421},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Elham\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ghpd7l1a.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1330201246442}}}]");
---- FireFox user.js and prefs.js backups ----
prefs_15-03-2013_2145_.backup
==== Deleting Files \ Folders ======================
"C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\ffxtlbr@claro.com" not found
"C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\bbrs_002@blabbers.com" not found
==== Files Recently Created / Modified ======================
2013-03-11 16:34:29 27C83242CA28917DF4D0379FAE7093CD 7605792 ----a-w- C:\Users\Elham\AppData\Roaming\Azureus\tmp\AZU5849695773544275712.tmp\Vuze_4.9.0.0a_win32.exe
2013-03-10 14:43:42 08AF557C8E6E74D7D92314F6B2C86273 4608 ----a-w- C:\Users\Elham\AppData\Local\Temp\e4jFF68.tmp_dir31298\i4jdel.exe
2013-03-10 10:37:57 08AF557C8E6E74D7D92314F6B2C86273 4608 ----a-w- C:\Users\Elham\AppData\Local\Temp\i4jdel0.exe
2013-03-10 10:16:26 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2013-03-10 10:16:26 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2013-03-10 10:16:26 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2013-03-10 10:16:26 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2013-03-10 10:16:26 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
=== C: other files ==
2013-03-10 10:36:11 691CE266D9A3A86702919C07688156DB 6852245 ----a-w- C:\Users\Elham\AppData\Local\Temp\Vuze_4.9.0.0a_win32.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"MSNAutoLogon"="C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe"
[HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-55408526-856673997-1952082211-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"MGSysCtrl"="C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"Cinema ProII AP"="C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe"
"Cinema ProII Controler"="C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe"
"THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r"
"UpdReg"="C:\windows\UpdReg.EXE"
"NVIDIAOCAP"="C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe"
"Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"MSNAutoLogon"="C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"THXCfg64"="C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
"fspuip"="%ProgramFiles%\FSP\fspuip.exe "
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update 5]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Live Update 5"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\MSI\\Live Update 5\\LU5.exe /reminder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msi LED Manager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msi LED Manager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\msi\\msi LED Manager\\SLM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM.EXE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk"
"backup"="C:\\windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\GAMERS~1\\LIVE!\\Live.exe /silent"
"item"="GamersFirst LIVE!"
==== Task Scheduler Jobs ======================
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-02-2013 20:32]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-02-2013 20:32]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Google"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{09DFC675-A3D8-4381-BBCF-70E2B676B25E}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09DFC675-A3D8-4381-BBCF-70E2B676B25E}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Google"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elham\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Elham\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elham\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Elham\AppData\Local\Mozilla\Firefox\Profiles\ghpd7l1a.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Elham\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Elham\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Elham\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
And here is the new HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:51, on 15-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\windows\SysWOW64\notepad.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\MSI\EasyFace2\MessengerSignIn.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Elham\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [updReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [MSNAutoLogon] C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .csm: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13488 bytes
-
Here is the ComboFix log:
ComboFix 13-03-10.02 - Elham 10-03-2013 11:18:25.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8169.6238 [GMT 1:00]
Gestart vanuit: c:\users\Elham\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Elham\AppData\Local\Temp\B2F9.tmp
c:\users\Elham\AppData\Roaming\Ihavx
c:\users\Elham\AppData\Roaming\Ihavx\seuc.ixk
c:\users\Elham\AppData\Roaming\Iniqp
c:\users\Elham\AppData\Roaming\Iniqp\ecyht.azi
c:\users\Elham\War_Rock_10182011_G1_Xfire.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
D:\install.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-02-10 to 2013-03-10 ))))))))))))))))))))))))))))))
.
.
2013-03-08 18:38 . 2013-03-08 18:38 -------- d--h--w- c:\windows\AxInstSV
2013-03-08 14:00 . 2013-03-08 14:01 -------- d-sh--w- c:\users\Elham\AppData\Roaming\wyUpdate AU
2013-03-05 19:39 . 2013-03-05 19:39 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-03-02 16:14 . 2013-03-08 14:01 -------- d-sh--w- c:\users\Elham\wc
2013-03-02 16:14 . 2013-03-02 16:14 -------- d-sh--w- c:\users\Elham\AppData\Roaming\ViperUpdate AU
2013-03-02 16:14 . 2013-03-02 16:14 -------- d-----w- c:\users\Elham\AppData\Roaming\ViperSettingsFolder
2013-03-02 16:14 . 2013-03-02 16:14 -------- d-----w- c:\program files (x86)\All Answers Ltd
2013-03-02 15:31 . 2013-03-02 15:31 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-03-02 15:31 . 2013-03-02 15:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-02 15:30 . 2013-03-02 15:30 -------- d-----w- c:\program files (x86)\Java
2013-03-02 15:26 . 2013-03-02 15:26 310688 ----a-w- c:\windows\system32\javaws.exe
2013-03-02 15:26 . 2013-03-02 15:26 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-03-02 15:26 . 2013-03-02 15:26 188832 ----a-w- c:\windows\system32\javaw.exe
2013-03-02 15:26 . 2013-03-02 15:26 188320 ----a-w- c:\windows\system32\java.exe
2013-03-02 15:26 . 2013-03-02 15:26 -------- d-----w- c:\program files\Java
2013-03-02 13:30 . 2013-03-02 13:30 -------- d-----w- c:\users\Elham\AppData\Local\Programs
2013-03-02 13:23 . 2013-03-02 15:26 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-02 13:23 . 2013-03-02 15:26 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-28 19:32 . 2013-03-02 10:40 -------- d-----w- c:\program files (x86)\Google
2013-02-26 17:12 . 2013-02-26 17:12 -------- d-----w- c:\users\Elham\AppData\Roaming\AVG2013
2013-02-26 17:04 . 2013-02-26 17:04 -------- d-----w- c:\programdata\AVG2013
2013-02-26 17:04 . 2013-02-26 17:04 -------- d-----w- C:\$AVG
2013-02-26 16:52 . 2013-02-26 16:52 388096 ----a-r- c:\users\Elham\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-26 16:52 . 2013-02-26 16:52 -------- d-----w- c:\program files (x86)\Trend Micro
2013-02-26 15:39 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DFF5FC6-B49F-4029-A986-215DC3F5D661}\mpengine.dll
2013-02-22 18:24 . 2013-02-26 20:40 -------- d-----w- c:\users\Elham\AppData\Local\Avg2013
2013-02-20 09:40 . 2013-03-02 13:40 -------- d-----w- c:\users\Elham\AppData\Roaming\Qyeh
2013-02-20 09:40 . 2013-02-25 15:03 -------- d-----w- c:\users\Elham\AppData\Roaming\Riatpo
2013-02-15 10:22 . 2013-02-15 10:22 -------- d-----w- c:\program files (x86)\Cisco Systems
2013-02-15 09:52 . 2013-02-15 09:52 -------- d-----w- c:\programdata\Cisco Systems
2013-02-14 13:44 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 13:44 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 19:15 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 19:15 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 19:15 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 19:15 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 19:15 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 19:15 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 19:15 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 19:15 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 19:15 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 19:15 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 19:15 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 19:15 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-02 15:30 . 2012-05-23 22:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-02 15:30 . 2012-04-10 15:29 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-17 20:18 . 2011-11-19 23:34 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-02-17 20:18 . 2011-10-28 12:55 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-02-14 13:46 . 2011-10-23 10:16 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 17:49 . 2011-10-28 13:09 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-02-10 03:25 . 2011-04-22 20:25 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2011-04-22 20:25 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2011-04-22 20:25 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2011-04-22 20:25 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 01:04 . 2011-04-08 03:36 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2011-04-08 03:35 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2011-04-08 03:37 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2011-04-08 03:37 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2011-04-08 03:37 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2011-04-08 03:37 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 19:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-18 08:31 . 2012-03-14 18:32 1510328 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-12-16 17:11 . 2012-12-21 15:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 15:02 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:02 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 15:49 . 2012-10-16 09:38 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"MSNAutoLogon"="c:\program files (x86)\msi\EasyFace2\MessengerSignIn.exe" [2010-12-27 86528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys [2010-06-07 52224]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2012-05-12 121416]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-11-14 744856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-07-03 834544]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-16 12800]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\DRIVERS\fspad_wlh64.sys [2010-06-07 52224]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-04-27 184968]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-06 13:38 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-02-27 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-07-03 09:56]
.
2013-03-09 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-07-03 09:56]
.
2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 19:32]
.
2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 19:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.nl/
mStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
FF - ProfilePath - c:\users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG2012\avgtray.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Cisco Connect - c:\program files (x86)\Cisco Systems\Cisco Connect\Cisco Connect.exe
AddRemove-ESN Sonar-0.70.3 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Ubisoft\FarCry 3\bin\pbsvc_fc3.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Voltooingstijd: 2013-03-10 11:29:08 - machine werd herstart
ComboFix-quarantined-files.txt 2013-03-10 10:29
.
Pre-Run: 211.464.609.792 bytes beschikbaar
Post-Run: 215.407.788.032 bytes beschikbaar
.
- - End Of File - - C735DA3938288C7955D46F51EBC67038
-
Here is the AdwCleaner log:
# AdwCleaner v2.114 - Verslag gemaakt op 07/03/2013 om 21:15:46
# Geactualiseerd op 05/03/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Elham - ELHAM-MSI
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Elham\Desktop\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Verwijdert : C:\user.js
Map Verwijdert : C:\ProgramData\Babylon
Map Verwijdert : C:\Users\Elham\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Babylon
Map Verwijdert : C:\Users\Elham\AppData\Roaming\BabylonToolbar
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\bbrs_002@blabbers.com
Map Verwijdert : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\extensions\ffxtlbr@claro.com
Map Verwijdert : C:\Users\Elham\AppData\Roaming\OpenCandy
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\BrowserCompanion
Sleutel Verwijdert : HKCU\Software\Claro LTD
Sleutel Verwijdert : HKCU\Software\IGearSettings
Sleutel Verwijdert : HKCU\Software\Microsoft\Babylon
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Verwijdert : HKCU\Software\Softonic
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijdert : HKLM\Software\Babylon
Sleutel Verwijdert : HKLM\Software\BabylonToolbar
Sleutel Verwijdert : HKLM\Software\BrowserCompanion
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
***** [browsers] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v7.0.1 (nl)
File : C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\prefs.js
C:\Users\Elham\AppData\Roaming\Mozilla\Firefox\Profiles\ghpd7l1a.default\user.js ... Verwijdert !
Verwijdert : user_pref("browser.babylon.HPOnNewTab", "isearch.claro-search.com");
Verwijdert : user_pref("browser.newtab.url", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsrc=NT_i[...]
Verwijdert : user_pref("browser.search.defaultenginename", "Claro Search");
Verwijdert : user_pref("browser.search.order.1", "Claro Search");
Verwijdert : user_pref("browser.search.selectedEngine", "Claro Search");
Verwijdert : user_pref("browser.startup.homepage", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsr[...]
Verwijdert : user_pref("extensions.claro.admin", false);
Verwijdert : user_pref("extensions.claro.aflt", "babsst");
Verwijdert : user_pref("extensions.claro.autoRvrt", "false");
Verwijdert : user_pref("extensions.claro.bbDpng", "18");
Verwijdert : user_pref("extensions.claro.cntry", "NL");
Verwijdert : user_pref("extensions.claro.dfltLng", "en");
Verwijdert : user_pref("extensions.claro.envrmnt", "production");
Verwijdert : user_pref("extensions.claro.excTlbr", false);
Verwijdert : user_pref("extensions.claro.hdrMd5", "A5260AF9958B2DD5388C6FFEF1F6C0E6");
Verwijdert : user_pref("extensions.claro.hmpg", false);
Verwijdert : user_pref("extensions.claro.id", "46a4e8d500000000000000fff12858b0");
Verwijdert : user_pref("extensions.claro.instlDay", "15552");
Verwijdert : user_pref("extensions.claro.instlRef", "sst");
Verwijdert : user_pref("extensions.claro.lastVrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.claro.mntrvrsn", "1.3.1");
Verwijdert : user_pref("extensions.claro.newTab", false);
Verwijdert : user_pref("extensions.claro.prdct", "claro");
Verwijdert : user_pref("extensions.claro.prtnrId", "claro");
Verwijdert : user_pref("extensions.claro.sg", "none");
Verwijdert : user_pref("extensions.claro.smplGrp", "none");
Verwijdert : user_pref("extensions.claro.tlbrId", "iclaro");
Verwijdert : user_pref("extensions.claro.vrsn", "1.6.4.1");
Verwijdert : user_pref("extensions.claro.vrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.claro.vrsni", "1.6.4.1");
Verwijdert : user_pref("extensions.claro_i.newTab", false);
Verwijdert : user_pref("extensions.claro_i.smplGrp", "none");
Verwijdert : user_pref("extensions.claro_i.vrsnTs", "1.6.4.121:24:10");
Verwijdert : user_pref("extensions.enabledAddons", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3,ffxtlbr@claro.co[...]
Verwijdert : user_pref("keyword.URL", "hxxp://isearch.claro-search.com/?affID=114164&tt=3112_8&babsrc=KW_iclro&mn[...]
-\\ Google Chrome v25.0.1364.152
File : C:\Users\Elham\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[s1].txt - [7955 octets] - [07/03/2013 21:15:46]
########## EOF - C:\AdwCleaner[s1].txt - [8015 octets] ##########
---------------------------------------------------------------------
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:48, on 7-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\MSI\EasyFace2\MessengerSignIn.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Elham\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=C:\Users\Elham\LOCALS~1\Temp\msakuovqo.pif
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [updReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [MSNAutoLogon] C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .csm: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14419 bytes
-
Here is the new HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:25:36, on 4-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\MSI\EasyFace2\MessengerSignIn.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Elham\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=C:\Users\Elham\LOCALS~1\Temp\msakuovqo.pif
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [updReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [MSNAutoLogon] C:\Program Files (x86)\msi\EasyFace2\MessengerSignIn.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .csm: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files (x86)\Internet Explorer\Plugins\npchime.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14364 bytes
- - - Updated - - -
And here is the new malware log:
Malwarebytes Anti-Malware 1.70.0.1100
Databaseversie: v2013.03.03.09
Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 9.0.8112.16421
Elham :: ELHAM-MSI [administrator]
4-3-2013 22:16:01
mbam-log-2013-03-04 (22-16-01).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 235328
Verstreken tijd: 2 minuut/minuten, 49 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Elham\LOCALS~1\Temp\msakuovqo.pif -> Zal worden verwijderd tijdens het herstarten.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Laptop shuts down automatically after unplugging the power cable
in Archief Hardware algemeen
Posted:
Thank you all for your tips. I have received the new battery and will certainly keep your tips in mind, Droske! Thanks!