Everything posted by sweetsss

  1. Okay. Only the internet browser is a little slower again, but that could also be due to the updates the computer is running. I will close it now. Thanks again!
  2. I have one last question. It has removed all the programs we used for this problem (adwcleaner, rsit, etc.). Does this matter? After this I will close this topic. Thank you for all your help and time!
  3. I just checked quickly, but no pop-ups so far. Some of the games were downloaded and some were bought. During the ESET scan I was asked whether I wanted to remove the infected files. Can I just do that?
  5. Is it normal that the scan takes a very long time? It has been running since about 9.15 and is only at 28% now.
  6. Vuze has been removed from my computer. I thought that was because of the Zoek scan. The pop-ups still keep appearing on those sites.
  8. I had a quick look. The internet browser loads faster now. I do still get pop-ups on those sites, though. These are websites with torrents. Also, the adwarecleaner scan keeps showing me the file Vuze. Could this perhaps cause problems as well?
  10. I had first done another scan with Malwarebytes, with which I again found infected files. Here is the log: Here is the log from Zoek:
Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Joyce\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[] fheleffhdiajkhjhebfibagnfkoelbdk - C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[] SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme ==== Chrome Fix ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp deleted 
successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" "Search Page"="Google" "Search Bar"="Upgrade to Google Chrome" "Default_Search_URL"="Google" "Default_Page_URL"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" "Default_Page_URL"="Google" "Default_Search_URL"="Google" "Search Page"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Google" "CustomizeSearch"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Search Bar"="Bing" "Default_Search_URL"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Start Page"="https://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}" {273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="*.local" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheleffhdiajkhjhebfibagnfkoelbdk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: 
Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\system32\d33dx10.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - 
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP 
Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN196091LK05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: 
[KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-18\..\Run: [ssqqnksys] rundll32.exe "ssqrrs.dll",s (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [ssqqnksys] rundll32.exe "ssqrrs.dll",s (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate1cad429e4fae9f9) (gupdate1cad429e4fae9f9) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. 
- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe ==== Empty IE Cache ====================== C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Joyce\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U73RZH2Q will be deleted at reboot C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Joyce\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U73RZH2Q" not found ==== EOF on di 26-11-2013 at 18:06:17,88 ======================
  11. Only the internet browser does load more slowly than yesterday, but otherwise I notice little difference.
  12. # AdwCleaner v3.013 - Report created 25/11/2013 at 14:34:49
      # Updated 24/11/2013 by Xplode
      # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
      # Username : Joyce - PC_VAN_JOYCE
      # Running from : C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQVX44VN\AdwCleaner.exe
      # Option : Clean

      ***** [ Services ] *****

      ***** [ Files / Folders ] *****
      Folder Deleted : C:\Program Files\Vuze
      File Deleted : C:\END

      ***** [ Shortcuts ] *****

      ***** [ Registry ] *****
      Key Deleted : HKCU\Software\Conduit

      ***** [ Browsers ] *****
      -\\ Internet Explorer v9.0.8112.16520
      -\\ Mozilla Firefox v
      [ File : C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

      *************************
      AdwCleaner[R0].txt - [927 octets] - [25/11/2013 14:29:29]
      AdwCleaner[s0].txt - [857 octets] - [25/11/2013 14:34:49]
      ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [916 octets] ##########

      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org
      Databaseversie: v2013.11.25.01
      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Joyce :: PC_VAN_JOYCE [administrator]
      25-11-2013 4:39:25
      mbam-log-2013-11-25 (04-39-25).txt

      Scan type: Volledige scan (C:\|D:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 554282
      Verstreken tijd: 8 uur/uren, 49 minuut/minuten, 33 seconde(n)

      Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Mappen gedetecteerd: 1
      C:\Users\Joyce\AppData\Local\temp\ct2504091 (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
      Bestanden gedetecteerd: 1
      C:\Users\Joyce\AppData\Local\temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
      (einde)
  13. I think I have a small problem. Last night I had to restore my computer to a restore point from 23-11. I don't know what the consequences of that are for all the steps we have carried out. The computer is now running a Malwarebytes scan. I have also just run AdwCleaner once already. Does everything need to be scanned again?
  14. The internet browser loaded very quickly, but after I restarted my computer it loaded very slowly. I also checked 2 websites where I normally always get a pop-up window, and I got 2 pop-up windows again. Could that perhaps be down to the websites themselves after all?
  15. ComboFix 13-11-23.02 - Joyce 24-11-2013 20:57:58.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3002.1217 [GMT 1:00] Gestart vanuit: c:\users\Joyce\Desktop\ComboFix.exe AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\tanzuki_iels c:\users\Joyce\AppData\Roaming\inst.exe c:\users\Joyce\AppData\Roaming\log.txt c:\windows\system32\d33Dx10.dll c:\windows\system32\FlashPlayerApp.exe H:\Autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2013-10-24 to 2013-11-24 )))))))))))))))))))))))))))))) . . 2013-11-24 20:25 . 2013-11-24 20:25 -------- d-----w- c:\users\Joyce\AppData\Local\temp 2013-11-24 20:25 . 2013-11-24 20:25 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-11-24 20:25 . 2013-11-24 20:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-24 15:28 . 2013-11-24 14:06 24064 ----a-w- c:\windows\zoek-delete.exe 2013-11-24 10:39 . 2013-11-24 10:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-11-24 10:39 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-11-24 06:52 . 2013-11-24 06:52 -------- d-----w- c:\users\Joyce\AppData\Roaming\Digital Quarter 2013-11-23 12:26 . 2013-11-24 15:03 -------- d-----w- C:\zoek_backup 2013-11-22 18:01 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2E9CE69-A2F1-415E-894C-1D7BF3BB8DE3}\mpengine.dll 2013-11-16 13:57 . 
2013-11-16 14:03 -------- d-----w- c:\windows\system32\MRT 2013-11-16 13:54 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll 2013-11-16 13:53 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll 2013-11-16 13:48 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL 2013-11-16 13:48 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL 2013-11-10 19:36 . 2013-11-10 19:37 -------- d-----w- C:\rsit 2013-11-10 09:33 . 2013-11-24 19:13 -------- d-----w- C:\AdwCleaner 2013-11-06 23:40 . 2013-11-06 23:40 -------- d-----w- c:\users\Joyce\AppData\Local\McAfee File Lock 2013-11-06 23:03 . 2013-11-06 23:04 -------- d-----w- c:\users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse 2013-11-06 22:06 . 2013-11-06 22:06 -------- d-----w- c:\program files\iPod 2013-11-06 22:06 . 2013-11-06 22:08 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-11-06 21:57 . 2013-09-23 12:48 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys 2013-11-06 02:21 . 2013-11-06 02:21 -------- d-----w- c:\users\Joyce\AppData\Roaming\Anvate Games 2013-11-06 02:19 . 2013-11-07 00:00 -------- d-----w- c:\users\Joyce\AppData\Roaming\Silverback Games 2013-11-06 00:58 . 2013-11-12 00:43 -------- d-----w- C:\Games 2013-11-05 06:33 . 2013-11-05 06:33 -------- d-----w- c:\users\Joyce\AppData\Roaming\Legacy Games 2013-11-04 22:41 . 2013-11-05 05:23 -------- d-----w- c:\users\Joyce\AppData\Local\Mobogenie 2013-11-04 22:36 . 2013-11-05 05:25 -------- d-----w- c:\program files\Mobogenie 2013-11-04 11:00 . 2013-11-04 11:00 -------- d-----w- c:\users\Joyce\AppData\Roaming\Friendly Cactus 2013-11-03 21:35 . 2013-11-03 21:35 -------- d-----w- c:\users\Joyce\AppData\Roaming\TheMissingMonaLisa 2013-11-03 18:42 . 2013-11-03 18:42 -------- d-----w- c:\windows\Hidden Mysteries - Notre Dame 2013-11-03 05:51 . 2013-11-03 05:51 -------- d-----w- c:\windows\Rite of Passage 2- Child of the Forest CE 2013-10-28 03:30 . 
2013-11-03 22:00 -------- d-----w- c:\users\Joyce\AppData\Roaming\Mad Head Games . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-11-23 12:20 . 2011-05-18 10:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-11-11 04:50 . 2010-05-18 21:43 230048 ------w- c:\windows\system32\MpSigStub.exe 2013-09-24 19:53 . 2012-07-08 11:03 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys 2013-09-24 19:49 . 2012-07-08 11:03 213200 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2013-09-24 19:49 . 2011-07-07 21:04 172416 ----a-w- c:\windows\system32\mfevtps.exe 2013-09-24 19:45 . 2011-03-13 09:20 571608 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2013-09-24 19:44 . 2012-07-08 11:03 365256 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2013-09-24 19:44 . 2012-07-08 11:03 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2013-09-24 19:43 . 2012-07-08 11:03 235488 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2013-09-24 19:42 . 2011-03-13 09:20 133928 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2013-09-20 08:37 . 2013-09-20 08:37 10152 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys 2013-09-20 08:37 . 2013-09-20 08:37 80656 ----a-w- c:\windows\system32\drivers\mfencrk.sys 2013-09-20 08:37 . 2013-09-20 08:37 301248 ----a-w- c:\windows\system32\drivers\mfencbdc.sys 2013-09-10 21:18 . 2013-09-10 21:18 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys 2013-09-09 10:11 . 2012-10-28 06:04 66296 ----a-w- c:\windows\system32\drivers\McPvDrv.sys 2013-08-29 07:36 . 2013-10-11 16:11 2050048 ----a-w- c:\windows\system32\win32k.sys 2013-08-27 02:47 . 2013-10-11 16:12 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-08-27 02:47 . 2013-10-11 16:12 189952 ----a-w- c:\windows\system32\d3d10core.dll 2013-08-27 02:47 . 2013-10-11 16:12 1029120 ----a-w- c:\windows\system32\d3d10.dll 2013-08-27 02:47 . 
2013-10-11 16:12 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2013-08-27 01:52 . 2013-10-11 16:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2013-08-27 01:50 . 2013-10-11 16:12 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2013-08-27 01:32 . 2013-10-11 16:12 683008 ----a-w- c:\windows\system32\d2d1.dll 2013-08-27 01:28 . 2013-10-11 16:12 1069056 ----a-w- c:\windows\system32\DWrite.dll 2013-08-27 01:28 . 2013-10-11 16:12 798208 ----a-w- c:\windows\system32\FntCache.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-06 39408] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392] "AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-06-06 102400] "HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 1801064] "Facebook Update"="c:\users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-03-17 138096] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-03-01 18643560] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-09-04 1564528] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-12-24 210216] "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 516912] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" 
[2013-04-15 337432] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-09-04 311152] "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 516912] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-01 152392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-11-19 21720] . c:\users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 . S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-11-17 09:47 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 12:20] . 2013-11-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job - c:\users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-17 21:41] . 2013-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job - c:\users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-17 21:41] . 2013-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-04 19:05] . 2013-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-04 19:05] . 2013-11-24 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = https://www.google.nl/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.254 . - - - - ORPHANS VERWIJDERD - - - - . 
Toolbar-10 - (no file) HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe HKU-Default-Run-ssqqnksys - ssqrrs.dll c:\users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe -startup SafeBoot-Wdf01000.sys SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-8461-7759-5462-8226 - c:\program files\Vuze\uninstall.exe AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-11-24 21:25 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run mobilegeni daemon = c:\program files\Mobogenie\DaemonProcess.exe????????????????????????????????????????????????????????????????????????????????????? . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2013-11-24 21:31:08 ComboFix-quarantined-files.txt 2013-11-24 20:31 ComboFix2.txt 2012-05-30 14:30 ComboFix3.txt 2012-05-30 13:43 . Pre-Run: 47.010.701.312 bytes beschikbaar Post-Run: 46.971.252.736 bytes beschikbaar . - - End Of File - - A9183AD598640C59EBD6E6B6214E476C 588AE8F0C685C02BA11F30D9CD7E61A0
  16. I still had ComboFix on my desktop; can I just use that one, or do I need to download it again?
  17. # AdwCleaner v3.013 - Report created 24/11/2013 at 20:13:27 # Updated 24/11/2013 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : Joyce - PC_VAN_JOYCE # Running from : C:\Users\Joyce\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files\Vuze ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16520 -\\ Mozilla Firefox v [ File : C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ] ************************* AdwCleaner[R0].txt - [19864 octets] - [10/11/2013 10:35:45] AdwCleaner[R1].txt - [18198 octets] - [10/11/2013 18:28:40] AdwCleaner[R2].txt - [1927 octets] - [24/11/2013 07:34:17] AdwCleaner[R3].txt - [1165 octets] - [24/11/2013 20:02:07] AdwCleaner[s0].txt - [1863 octets] - [10/11/2013 10:37:12] AdwCleaner[s1].txt - [15993 octets] - [10/11/2013 18:30:34] AdwCleaner[s2].txt - [2011 octets] - [24/11/2013 10:11:01] AdwCleaner[s3].txt - [1091 octets] - [24/11/2013 20:13:27] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1151 octets] ########## - - - Updated - - -
  18. Thanks in advance for your help! Opening the browser works fine now. The speed of the laptop/internet is still slow at times, but maybe that is down to our internet connection? It does take a while, when I open a new browser window or tab, before the page has loaded. Starting up the laptop also takes quite long (compared with my parents' laptops); could that be because I have a lot of files on my computer? On some websites I do get those pop-up windows with advertising, and the website then doesn't respond for a moment until the pop-up window has loaded. Can this also be caused by specific websites? I hope you can answer my questions. Thanks again for the help.
  19. Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by Joyce on zo 24-11-2013 at 15:07:56,63. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-23-132719.log 25815 bytes C:\zoek-results2013-11-23-214420.log 31918 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 "ssqqnksys"=- "ssqqnksys"=- [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "crossriderapp498@crossrider.com"=- ==== Deleting Files \ Folders ====================== C:\Windows\system32\tasks\0 deleted C:\Windows\system32\tasks\4687 deleted C:\Program Files\tanzuki deleted C:\Users\Joyce\AppData\Local\TubeSing-34 deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05] SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" New Values: 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}" {273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully ==== Empty IE Cache ====================== C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWZV8BUW will be deleted at reboot C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache 
found ==== Empty Chrome Cache ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Joyce\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWZV8BUW" not found ==== EOF on zo 24-11-2013 at 16:40:44,08 ======================
  20. Hi, Due to circumstances a late reply; I did not have time to continue with this earlier. Here is the log from zoek.exe: Zoek.exe Version 4.0.0.5 Updated 14-November-2013 Tool run by Joyce on za 23-11-2013 at 20:42:42,08. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-23-132719.log 25815 bytes ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. 
# # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\Program Files\BearShare Applications deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-11-16 13:43:17 47D2D836EDC4D62C47A05DAED90F1AB9 305736031 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Joyce\AppData\Local\Temp ==== 2013-11-22 17:33:17 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j6B11.tmp_dir1385141596\i4jdel.exe 2013-11-16 15:36:32 
0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j8601.tmp_dir1384616192\i4jdel.exe 2013-11-15 17:53:57 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j2AC7.tmp_dir1384538037\i4jdel.exe 2013-11-11 03:14:48 76E389EC4C8EA6CD77E97B4F717E21C9 1153968 ----a-w- C:\Users\Joyce\AppData\Local\Temp\Offercast29_SGT5_.exe 2013-11-10 22:38:45 4DDCDB412E8897D5BEFA20D4B24D10E3 104138 ----a-w- C:\Users\Joyce\AppData\Local\Temp\Uninstall.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2013-11-17 02:04:41 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-17 02:04:41 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2013-11-17 02:04:40 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\System32\vbscript.dll 2013-11-17 02:04:38 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\System32\ieui.dll 2013-11-17 02:04:38 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2013-11-17 02:04:36 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-17 02:04:35 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2013-11-17 02:04:35 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\System32\wininet.dll 2013-11-17 02:04:34 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\System32\jscript.dll 2013-11-17 02:04:32 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-17 02:04:32 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\System32\url.dll 2013-11-17 02:04:31 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2013-11-17 02:04:29 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\System32\urlmon.dll 2013-11-17 02:04:29 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-11-17 02:04:27 
048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\System32\ieframe.dll 2013-11-17 02:04:25 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\System32\mshtml.dll 2013-11-16 13:54:43 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll 2013-11-16 13:53:12 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll 2013-11-16 13:48:51 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-11-16 13:48:50 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-11-16 13:48:50 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF ====== C:\Windows\system32\drivers ===== 2013-11-10 06:05:11 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-11-06 21:57:58 156765F692192EA9039A6C4A809312FD 147912 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys 2013-11-06 21:56:45 12F0F8D3F84FAB8F31D073286FE131CB 2641 ----a-w- C:\Windows\System32\drivers\mfencrk.inf 2013-11-06 21:56:43 4DC47CB74EBC1D92DD445FCC5DEAE76A 2951 ----a-w- C:\Windows\System32\drivers\mfencbdc.inf ====== C:\Windows\Tasks ====== 2013-10-27 13:20:31 3BE0AAA28D881C5CAFD51CEA4FF3DC02 3054 ----a-w- C:\Windows\system32\Tasks\{88D0D5EF-228F-4918-9104-B971CD51457D} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-11-11 03:15:19 -------- d-----w- C:\Program Files\Vuze 2013-11-06 22:06:25 -------- d-----w- C:\Program Files\iPod 2013-11-06 00:58:03 -------- d-----w- C:\Program Files\tanzuki 2013-11-04 22:36:33 -------- d-----w- C:\Program Files\Mobogenie ======= C: ===== ====== C:\Users\Joyce\AppData\Roaming ====== 2013-11-12 00:45:51 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Age 3. 
Liberation of Souls 1.0 2013-11-11 12:26:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haunted House Mysteries 2013-11-10 04:31:52 AD20B43650D9760DA69255BB4B6939E2 5 ----a-w- C:\Users\Joyce\AppData\Roaming\mbam.context.scan 2013-11-07 00:18:41 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witchs Green Amulet 2013-11-06 23:59:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empress of the Deep III Legacy of the Phoenix CE 2013-11-06 23:03:12 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse 2013-11-06 02:21:36 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Anvate Games 2013-11-06 02:19:05 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Silverback Games 2013-11-06 01:45:14 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Beast of Lycan Isle CE 2013-11-06 01:36:37 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Night Mysteries The Amphora Prisoner 1.0 2013-11-05 06:33:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Legacy Games 2013-11-05 06:16:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paranormal State - Poison Spring 2013-11-04 22:46:26 -------- d-----w- C:\Users\Joyce\AppData\Local\TubeSing-34 2013-11-04 22:41:03 -------- d-----w- C:\Users\Joyce\AppData\Local\Mobogenie 2013-11-04 11:00:10 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Friendly Cactus 2013-11-03 21:35:32 -------- d-----w- C:\Users\Joyce\AppData\Roaming\TheMissingMonaLisa 2013-11-03 18:53:44 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Chronicles - The Missing Mona Lisa 2013-10-28 03:30:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Mad Head Games 2013-10-26 12:18:23 F5C907D9F6B2C00552778B42BCFEC76B 299084 ----a-w- 
C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-System.dat 2013-10-25 00:31:46 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Hidden Objects LesMiserables 2013-10-25 00:07:26 -------- d-----w- C:\Users\Joyce\AppData\Roaming\8Floor 2013-10-24 23:34:35 -------- d-----w- C:\Users\Joyce\AppData\Roaming\blg ====== C:\Users\Joyce ====== 2013-11-06 22:08:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-11-06 22:06:11 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-11-04 22:41:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Joyce\daemonprocess.txt 2013-10-24 23:34:35 -------- d-----w- C:\ProgramData\blg ====== C: exe-files == 2013-11-19 22:29:28 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 2013-11-19 22:29:28 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 2013-11-19 22:29:28 7B3E10D0AC50271E46A2ED00FE6C4B54 48440 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe 2013-11-19 22:29:28 3A6EB91CFADA8C4978E7EA79E3A2394B 57048 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe 2013-11-19 22:29:28 1C2AD4C01B0CC57094B7EF6803A1A597 151864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe 2013-11-19 22:29:26 FEE46F832FE746EB600AC65CA6451D1F 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe 2013-11-19 22:29:26 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe 2013-11-19 22:29:26 F3531CF1C8A643377641A6F9D516FED2 35544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health 
Check\ActiveCheck\product_line\OnlineBackupDetection.exe 2013-11-19 22:29:26 DF2AC1055C406AA66869C95C2FD84A21 17464 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection4.exe 2013-11-19 22:29:26 B26DFFF460A1F21A3DCD3529F3F61E14 33544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\hpsacommander.exe 2013-11-19 22:29:26 A15FA916BD02FE910C2C3017C026FF80 49880 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe 2013-11-19 22:29:26 99450E601834605668AE9E13BB26F09B 33264 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_CoolSense.exe 2013-11-19 22:29:26 87095CBDCC02AB8BB5ED4B124A70FC5B 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_NSPOS.exe 2013-11-19 22:29:26 78BCA0FAD639A6877813F713FD2B2952 23256 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_RecoveryDisc.exe 2013-11-19 22:29:26 4E68E7D985D5F2EB68405CD246EBEDEB 18336 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PremiumAlert.exe 2013-11-19 22:29:26 4E3643177241FE9097606FDE53E6298C 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RevGenCountry.exe 2013-11-19 22:29:26 1D80ADF858D37526CDDAE21FA595319F 17312 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection.exe 2013-11-19 22:29:26 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2013-11-19 22:29:26 0986D1E655F8C3014C514F322DD49250 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_CountryCode.exe 2013-11-19 22:29:26 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program 
Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2013-11-19 22:29:24 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe 2013-11-19 22:29:24 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe 2013-11-17 09:47:16 E714A26715478EAC94DEB4514BF68EA2 35300192 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_chrome_installer.exe 2013-11-17 04:47:08 1A7C91AC6F14EBB22688704A13DC8D17 12598112 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_30.0.1599.101_chrome_updater.exe 2013-11-17 02:04:32 06085B62BC7E0C8E2605CEA38774D956 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ssqqnksys"="rundll32.exe ssqrrs.dll,s" [HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe" "HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" @="C:\Program 
Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "ssqqnksys"="rundll32.exe ssqrrs.dll,s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "UpdatePSTShortCut"="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter" "UpdatePDIRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0" "UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "UpdateLBPShortCut"="C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" "UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "Persistence"="C:\Windows\system32\igfxpers.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe 
ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "mobilegeni daemon"="C:\Program Files\Mobogenie\DaemonProcess.exe" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe" "HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" ==== Startup Folders ====================== 2012-05-30 03:12:59 1658 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk 2012-05-30 03:12:59 1115 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ 
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23-11-2013 13:20] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job --a------ C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [17-03-2013 22:41] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job --a------ C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [17-03-2013 22:41] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04-04-2010 20:05] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task] C:\Windows\tasks\HP Photo Creations Messager.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [15-02-2011 11:11] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\system32\tasks\4687" [wscript.exe C:\Users\Joyce\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe] 
"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"] "C:\Windows\system32\tasks\SmartDefragUpdate" [C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe] "C:\Windows\system32\tasks\SmartDefrag_Startup" [C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{CA4AB69E-3234-4131-BE49-AAEEAD1A9489}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{4B682B6B-B23E-40CE-BC3A-FDDF583E17C0}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Joyce\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[] fheleffhdiajkhjhebfibagnfkoelbdk - C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program 
Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05] hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx[] pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[] SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Ebay Shopping Assistant by Spigot - Joyce - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj Domain Error Assistant - Joyce - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme Slick Savings - Joyce - Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk TubeSing-34 - Joyce - Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp Amazon Shopping Assistant by Spigot - Joyce - Default\Extensions\pfndaklgolladniicklehhancnlgocpp ==== Chrome Fix ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fheleffhdiajkhjhebfibagnfkoelbdk_0.localstorage deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp deleted successfully 
C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" "Search Page"="Google" "Search Bar"="Upgrade to Google Chrome" "Default_Search_URL"="Google" "Default_Page_URL"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" "Default_Page_URL"="Google" "Default_Search_URL"="Google" "Search Page"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Google" "CustomizeSearch"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Search Bar"="Bing" "Default_Search_URL"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="https://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}" {273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935" ==== Reset Google Chrome ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="*.local" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheleffhdiajkhjhebfibagnfkoelbdk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk 
deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully ==== Empty IE Cache ====================== C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Joyce\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKQGQ1QE will be deleted at reboot C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Joyce\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== 
"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKQGQ1QE" not found ==== EOF on za 23-11-2013 at 22:44:20,87 ======================
  21. Logfile of random's system information tool 1.09 (written by random/random) Run by Joyce at 2013-11-10 20:36:42 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 44 GB (19%) free of 228 GB Total RAM: 3002 MB (53% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Messager.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DB74D06-491C-440D-305E-012400990F3E}] Groove GFS Browser Helper - C:\Windows\system32\d33dx10.dll [2006-11-29 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-07-02 329480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-07-02 59144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432] "UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-12-24 210216] "UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216] "UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-10-30 210216] "UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216] "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-06-03 450652] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640] "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 206128] 
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-10-28 154136] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-10-28 150040] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-10-28 178712] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 516912] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-04-15 337432] "KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152] "mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe [] "mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 516912] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-06 39408] "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392] "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-06-06 102400] "HP Photosmart 5510 series (NET)"=C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2011-05-25 1801064] "Facebook Update"=C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-17 138096] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-03-01 18643560] "KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-09-04 1564528] 
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656] C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-10-28 221184] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoDrives"=0 "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.l3codecp"=l3codecp.acm "vidc.XVID"=xvidvfw.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "vidc.divx"=divx.dll "vidc.yv12"=divx.dll "vidc.ffds"=ff_vfw.dll "vidc.vp62"=vp6vfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.lameacm"=LameACM.acm "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2013-11-10 20:36:43 ----D---- C:\Program Files\trend 
micro 2013-11-10 20:36:42 ----D---- C:\rsit 2013-11-10 10:33:57 ----D---- C:\AdwCleaner 2013-11-10 07:51:50 ----ASH---- C:\hiberfil.sys 2013-11-10 07:45:50 ----A---- C:\Windows\ntbtlog.txt 2013-11-10 07:05:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2013-11-10 07:05:11 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-11-07 00:03:12 ----D---- C:\Users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse 2013-11-06 23:06:25 ----D---- C:\Program Files\iPod 2013-11-06 23:06:11 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-11-06 22:57:58 ----A---- C:\Windows\system32\drivers\HipShieldK.sys 2013-11-06 03:21:36 ----D---- C:\Users\Joyce\AppData\Roaming\Anvate Games 2013-11-06 03:19:05 ----D---- C:\Users\Joyce\AppData\Roaming\Silverback Games 2013-11-06 01:58:26 ----D---- C:\Games 2013-11-06 01:58:03 ----D---- C:\Program Files\tanzuki 2013-11-05 07:33:07 ----D---- C:\Users\Joyce\AppData\Roaming\Legacy Games 2013-11-04 23:36:33 ----D---- C:\Program Files\Mobogenie 2013-11-04 23:33:19 ----A---- C:\Windows\Hidden Mysteries - Notre Dame Uninstall Log.txt 2013-11-04 12:00:10 ----D---- C:\Users\Joyce\AppData\Roaming\Friendly Cactus 2013-11-03 22:35:32 ----D---- C:\Users\Joyce\AppData\Roaming\TheMissingMonaLisa 2013-11-03 19:42:37 ----D---- C:\Windows\Hidden Mysteries - Notre Dame 2013-11-03 19:38:04 ----A---- C:\Windows\Hidden Mysteries - Notre Dame Setup Log.txt 2013-11-03 13:46:38 ----A---- C:\Windows\Rite of Passage 2- Child of the Forest CE Uninstall Log.txt 2013-11-03 06:51:00 ----D---- C:\Windows\Rite of Passage 2- Child of the Forest CE 2013-11-03 06:50:31 ----A---- C:\Windows\Rite of Passage 2- Child of the Forest CE Setup Log.txt 2013-10-28 04:30:07 ----D---- C:\Users\Joyce\AppData\Roaming\Mad Head Games 2013-10-25 01:31:46 ----D---- C:\Users\Joyce\AppData\Roaming\Hidden Objects LesMiserables 2013-10-25 01:07:26 ----D---- C:\Users\Joyce\AppData\Roaming\8Floor 2013-10-25 00:34:35 ----D---- C:\Users\Joyce\AppData\Roaming\blg 2013-10-25 
00:34:35 ----D---- C:\ProgramData\blg 2013-10-23 10:33:45 ----A---- C:\Windows\system32\drivers\ssudmdm.sys 2013-10-23 10:33:45 ----A---- C:\Windows\system32\drivers\ssudbus.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadwh.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadmdm.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys 2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadcm.sys 2013-10-23 10:32:00 ----A---- C:\Windows\system32\drivers\ssadbus.sys 2013-10-23 10:14:13 ----A---- C:\Windows\system32\Redemption.dll 2013-10-23 10:12:03 ----A---- C:\Windows\system32\drivers\dgderdrv.sys 2013-10-23 10:12:03 ----A---- C:\Windows\system32\dgderapi.dll 2013-10-23 10:03:01 ----D---- C:\ProgramData\Samsung 2013-10-13 16:36:21 ----A---- C:\Windows\system32\mshtmled.dll 2013-10-13 16:36:20 ----A---- C:\Windows\system32\vbscript.dll 2013-10-13 16:36:18 ----A---- C:\Windows\system32\ieui.dll 2013-10-13 16:36:17 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-13 16:36:17 ----A---- C:\Windows\system32\ieUnatt.exe 2013-10-13 16:36:16 ----A---- C:\Windows\system32\wininet.dll 2013-10-13 16:36:16 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-13 16:36:15 ----A---- C:\Windows\system32\jscript9.dll 2013-10-13 16:36:15 ----A---- C:\Windows\system32\jscript.dll 2013-10-13 16:36:14 ----A---- C:\Windows\system32\url.dll 2013-10-13 16:36:13 ----A---- C:\Windows\system32\iertutil.dll 2013-10-13 16:36:11 ----A---- C:\Windows\system32\urlmon.dll 2013-10-13 16:36:10 ----A---- C:\Windows\system32\mshtml.dll 2013-10-13 16:36:08 ----A---- C:\Windows\system32\ieframe.dll 2013-10-11 17:12:07 ----A---- C:\Windows\system32\DWrite.dll 2013-10-11 17:12:06 ----A---- C:\Windows\system32\FntCache.dll 2013-10-11 17:12:05 ----A---- C:\Windows\system32\d3d10warp.dll 2013-10-11 17:12:05 
  22. Hello, For a few days now I have been having problems with my laptop. I can no longer open the internet browser and my laptop has become quite slow. I hope you can help me with this. Kind regards, Joyce
  23. Hello, When starting up my PC I got the message that a Trojan horse (ZeroAccess) had been detected and that it could not be removed. Hopefully you can help me with this. Thanks in advance! Kind regards, Joyce
  24. How strange, I never received/saw that message. Sorry that I did not respond to it, but I am only seeing this message now for the first time. But it is indeed about the same PC. I am actually always careful to reply, so I find it really annoying that I missed this message.
  25. Hello, When starting up my PC I got the message that a Trojan horse (ZeroAccess) had been detected and that it could not be removed. Hopefully you can help me with this. I am attaching the HijackThis log file right away. Thanks in advance! Kind regards, Joyce
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo 
Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: McAfee Application Installer Cleanup (0207891341841212) (0207891341841212mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\020789~1.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate1cad429e4fae9f9) (gupdate1cad429e4fae9f9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe -- End of file - 14679 bytes