Ga naar inhoud

Anja1960

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    50

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Anja1960

  1. Anja1960
    Heb nog wel een vraagje. We hebben een aantal programma's gebruikt om op te schonen ed. Die kan ik straffeloos verwijderen of heb je daar nog een tooltje voor?
  2. Anja1960
    Hallo, Het heeft even geduurd maar na het direct aansluiten van de laptop met een draad. bleek dat de snelheid ook niet helemaal goed was. Contact opgenomen met KPN en KPN heeft naar de router gekeken en de download snelheid. en nu werkt het prima. Het trage downloaden is nu dus opgelost. Vriendelijke groet, Anja
  3. Anja1960
    Ik heb begrepen dat het 60MB zou moeten zijn. gecheckt bij KPN. waarschijnlijk heb je 30 MB gemeten, dat wordt gemeten op de eerste poort; er is echter een peerverbinding met een tweede poort gemaakt.
  4. Anja1960
    Nwe poging. Speedtest.net by Ookla - My Results
  5. Anja1960
    Bijgaand de link http://www.pingtest.net/result/106883723.png
  6. Anja1960
    Ja er is enige verbetering merkbaar. Het downloaden is echter nog niet verbeterd. maar weet niet of jullie daar iets aan kunnen doen, gr Anja
  7. Anja1960
    Hoi ik heb een logje gestuurd maar niets meer gehoord. Nog maar een keer bijgesloten. Groetjes Anja AdwCleaner[S0].txt
  8. Anja1960
    Bijgaand het logje na draaien van AdwCleaner. groetjes Anja AdwCleaner[S0].txt
  9. Anja1960
    Bijgaand het logje retour zoek-results.txt
  10. Anja1960
    Bijgaand het log bestandje. groetjes Anja log.txt
  11. Anja1960
    [h=2]Krijg onderstaand bericht als ik op de link klik. Deze discussie is te vinden op: http://www.pc-helpforum.be/f163/pc-traag-72789-new/ Om de reactie te bekijken, klikt u op bovenstaande link. PC Helpforum Systeembericht[/h]Geen Discussie opgegeven. Neem contact op met de beheerder als je een geldige link hebt aangeklikt.
  12. Anja1960
    Hallo. Mijn PC wordt steeds trager. Ik heb zo het idee dat er met het surfen op internet het één en ander is meegekomen wat mijn pc een stuk trager maakt. Plus ik download via Dutplanet.net wel eens het één en ander en de laatste tijd komt het steeds vaker voor dat ik steeds meer moeite heb met het downloaden. De download snelheid is de ene keer gewoon goed en de andere keer dan krijg je bijvoorbeeld een afleveren van een bepaalde serie niet eens gedownload. Kunnen jullie misschien helpen? thanks Anja
  13. Anja1960
    Ja de foto's zijn nog steeds aanwezig op mijn account
  14. Anja1960
    Dank je wel voor je snelle reactie. Als ik de foto's daar verwijder, ben ik ze dan helemaal kwijt? ik heb ze nl. nog nergens opgeslagen. Ze staan wel ook in de galerij-app op mijn telefoon. En als ik ze van mijn telefoon verwijder. Zijn ze dan ook van mijn Google+ account af? Dat is nl ook wel de bedoeling.
  15. Anja1960
    Ik heb een probleem. Er zijn foto's die op mijn Smartphone staan die geupload zijn naar mijn Google+ account. Die foto's wil ik verwijderen van mijn GOOGLE+ account maar ik krijg dat niet voor elkaar. Ik kan me ook niet herinneren dat ik toestemming heb gegeven voor het uploaden maar het is gebeurd nu en ik wil die foto's verwijderen. Foto's staan op een Samsung S3 telefoon. Hoop dat jullie kunnen helpen. Bedankt
  16. Anja1960
    Hallo, Ik kreeg vanmorgen bij het opstarten van laptop, na een update ontvangen te hebben, dat internet explorer niet gestart kon worden omdat gdiplus.dll ontbreekt op de computer. Dat moest ik dan downloaden dan was probleem weer opgelost. Heb de computer opnieuw opgestart en dat ging daarna zonder problemen. Is er iets wat ik moet doen om dit op te lossen? vriendelijke groet Anja
  17. Anja1960
    Hallo, Ik heb MBAM ook even over mijn desktop laten gaan. Zie hieronder mijn logje. Kan iemand mij verder helpen om mijn pc weer op te schonen? Met vriendelijke groet, Anja 22-3-2014 19:43:17 mbam-log-2014-03-22 (19-43-17).txt Scan type: Volledige scan (C:\|D:\|E:\|F:\|H:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 649307 Verstreken tijd: 3 uur/uren, 43 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\Users\Anja\AppData\Local\Temp\ct2504091 (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 11 C:\Program Files\Vuze\.install4j\user\mism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Anja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACSQW6X8\FreeCodecPackSetup.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Anja\AppData\Local\Temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Anja\Downloads\SoftonicDownloader_voor_winrar.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd. D:\Documents and Settings\DCWDA\Local Settings\Temp\{F6991519-BAB0-7891-A378-377EE83F0636}\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. D:\Documents and Settings\DCWDA\Mijn documenten\1. Yvonne\Ook nog overzetten\Winamp\Aod\AolOnDesktop.exe (Trojan.Winlock) -> Succesvol in quarantaine geplaatst en verwijderd. D:\System Volume Information\_restore{453E9D87-5CD9-430E-A7CD-5E0E19DEEABD}\RP1178\A0117631.exe (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. D:\System Volume Information\_restore{453E9D87-5CD9-430E-A7CD-5E0E19DEEABD}\RP1178\A0117632.dll (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. D:\System Volume Information\_restore{453E9D87-5CD9-430E-A7CD-5E0E19DEEABD}\RP1178\A0117633.dll (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. D:\System Volume Information\_restore{453E9D87-5CD9-430E-A7CD-5E0E19DEEABD}\RP1178\A0117634.dll (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  18. Anja1960
    Helemaal top. Dank je wel. Groetjes Anja.
  19. Anja1960
    Hoi Jion, Hierbij het logje van adware. Groetjes Anja. # AdwCleaner v3.022 - Report created 22/03/2014 at 17:33:32 # Updated 13/03/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Gebruiker - GEBRUIKER-PC10 # Running from : C:\Users\Gebruiker\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_7-zip_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_7-zip_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_media-player-codec-pack_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_media-player-codec-pack_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_winrar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_winrar_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
  20. Anja1960
    Zoek.exe v5.0.0.0 Updated 02-March-2014 Tool run by Gebruiker on ma 03-03-2014 at 21:16:18,03. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 3-3-2014 21:18:21 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Garmin deleted successfully C:\Users\Gebruiker\AppData\Roaming\rmi deleted successfully C:\Users\Gebruiker\AppData\Local\DriverToolkit deleted successfully ==== Creating Sample_03-03-2014_2132.zip ====================== Process iexplore.exe killed Copied file C:\Users\Gebruiker\ImgBurn 2.5.7.exe to sample\ImgBurn 2.5.7.exe Copied file C:\Users\Gebruiker\ImgBurn.exe to sample\ImgBurn.exe Copied file C:\Users\Gebruiker\ImgBurnPreview.exe to sample\ImgBurnPreview.exe Copied file C:\Users\Gebruiker\uninstall.exe to sample\uninstall.exe sample\ImgBurn 2.5.7.exe renamed to EC894FEC7B0A13ED522F0C738DB92504 sample\ImgBurn.exe renamed to 935E8BBEF7137F3DD51D2BE9C4256463 sample\ImgBurnPreview.exe renamed to 2A0A61483B2A74B9207BDC333FC18A26 sample\uninstall.exe renamed to A6D7D4FF3B656E8B001D6810C5D788D7 C:\Users\Public\Desktop\sample_03-03-2014_2132.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partner Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partner Service deleted successfully ==== Deleting Files \ Folders ====================== C:\ProgramData\Partner deleted C:\ProgramData\NCH Software deleted C:\Program Files (x86)\NCH Software deleted C:\Users\Gebruiker\AppData\Roaming\NCH Software deleted C:\Windows\SYSWOW64\SearchProtect deleted C:\PROGRA~2\GUT6DF0.tmp deleted C:\PROGRA~2\GUM6DEF.tmp deleted C:\PROGRA~2\MyFree Codec deleted C:\PROGRA~3\OberonGameConsole deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\END deleted C:\Users\Gebruiker\ImgBurn 2.5.7.exe deleted C:\Users\Gebruiker\ImgBurn.exe deleted C:\Users\Gebruiker\ImgBurnPreview.exe deleted C:\Users\Gebruiker\uninstall.exe deleted "C:\Users\Gebruiker\AppData\Local\{BA6806B4-D59B-435F-B461-88C0DB2F4A2C}" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-03-02 17:27:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys ====== C:\Windows\Tasks ====== 2014-03-02 17:19:28 -------- d-----w- C:\Windows\Sysnative\Tasks\NCH Software ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-03 18:14:18 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-03-02 17:16:24 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\uTorrent 2014-02-16 23:54:36 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2014-02-16 12:56:30 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking ====== C:\Users\Gebruiker ====== 2014-03-03 18:11:37 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-03-02 17:19:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2014-03-02 17:19:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs 2014-02-15 14:38:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn ====== C: exe-files == 2014-03-03 18:14:18 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-03-03 18:11:37 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-03-02 17:26:56 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FU1CRSTA\mbam-setup-1.75.0.1300.exe 2014-03-02 17:17:35 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Roaming\uTorrent\updates\3.4.0_30620.exe 2014-03-02 17:17:30 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe 2014-03-02 17:14:37 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1LJ68FQ\uTorrent.exe 2014-03-01 15:31:17 D7AD25C0266C9D43353DB1B13146646B 92574 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JP2C6XCD\cdcovers.exe === C: other files == 2014-03-03 20:32:25 836BC22B6325A80453C172036109B91D 5853059 ----a-w- C:\Users\Public\Desktop\sample_03-03-2014_2132.zip 2014-03-03 17:01:07 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\_MEI20322\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2014-03-02 17:27:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-03-01 17:08:18 16CE5BE912816AA79D1D1198225872BE 5205713 ----a-w- C:\Users\Gebruiker\Downloads\Hansel e Gretel label by Tripp.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "MediaFace Integration"="C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS WebStorage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUS WebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\SERVICE\\AsusWSService.exe MySyncFolder" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Setwallpaper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Setwallpaper" "hkey"="HKLM" "command"="c:\\programdata\\SetWallpaper.cmd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateLBPShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateP2GoShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SRS Premium Sound.lnk" "backup"="C:\\Windows\\pss\\SRS Premium Sound.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Windows\\Installer\\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h" "item"="SRS Premium Sound" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Partner Service] ==== Startup Folders ====================== 2013-10-26 22:06:23 1041 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk 2011-10-11 20:17:08 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23-02-2014 12:09] C:\Windows\tasks\DriverToolkit Autorun.job --a------ C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-04-2010 04:37] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-04-2010 04:37] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{7E458B57-284B-4A22-B991-67DD9091951C}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\NCH Software\DisketchSevenDays" [C:\Program Files (x86)\NCH Software\Disketch\Disketch.exe] "C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 21:18] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 21:18] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17-01-2012 10:45] llmcibonccojooiboenghfafpieoabpl - C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx[] glindorus - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe Skype Click to Call - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Chrome Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmcibonccojooiboenghfafpieoabpl_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\llmcibonccojooiboenghfafpieoabpl deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6LM6MJRE will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DAO66XHM will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FJ19P2RY will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KEIOXZWM will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBCIOIMF will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O126REI3 will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UIX166ZC will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WIB2XZKW will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=755 folders=80 49099662 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6LM6MJRE" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DAO66XHM" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FJ19P2RY" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KEIOXZWM" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBCIOIMF" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O126REI3" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UIX166ZC" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WIB2XZKW" not found ==== EOF on ma 03-03-2014 at 22:35:32,55 ====================== - - - Updated - - - Zoek.exe v5.0.0.0 Updated 02-March-2014 Tool run by Gebruiker on ma 03-03-2014 at 21:16:18,03. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 3-3-2014 21:18:21 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Garmin deleted successfully C:\Users\Gebruiker\AppData\Roaming\rmi deleted successfully C:\Users\Gebruiker\AppData\Local\DriverToolkit deleted successfully ==== Creating Sample_03-03-2014_2132.zip ====================== Process iexplore.exe killed Copied file C:\Users\Gebruiker\ImgBurn 2.5.7.exe to sample\ImgBurn 2.5.7.exe Copied file C:\Users\Gebruiker\ImgBurn.exe to sample\ImgBurn.exe Copied file C:\Users\Gebruiker\ImgBurnPreview.exe to sample\ImgBurnPreview.exe Copied file C:\Users\Gebruiker\uninstall.exe to sample\uninstall.exe sample\ImgBurn 2.5.7.exe renamed to EC894FEC7B0A13ED522F0C738DB92504 sample\ImgBurn.exe renamed to 935E8BBEF7137F3DD51D2BE9C4256463 sample\ImgBurnPreview.exe renamed to 2A0A61483B2A74B9207BDC333FC18A26 sample\uninstall.exe renamed to A6D7D4FF3B656E8B001D6810C5D788D7 C:\Users\Public\Desktop\sample_03-03-2014_2132.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partner Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partner Service deleted successfully ==== Deleting Files \ Folders ====================== C:\ProgramData\Partner deleted C:\ProgramData\NCH Software deleted C:\Program Files (x86)\NCH Software deleted C:\Users\Gebruiker\AppData\Roaming\NCH Software deleted C:\Windows\SYSWOW64\SearchProtect deleted C:\PROGRA~2\GUT6DF0.tmp deleted C:\PROGRA~2\GUM6DEF.tmp deleted C:\PROGRA~2\MyFree Codec deleted C:\PROGRA~3\OberonGameConsole deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\END deleted C:\Users\Gebruiker\ImgBurn 2.5.7.exe deleted C:\Users\Gebruiker\ImgBurn.exe deleted C:\Users\Gebruiker\ImgBurnPreview.exe deleted C:\Users\Gebruiker\uninstall.exe deleted "C:\Users\Gebruiker\AppData\Local\{BA6806B4-D59B-435F-B461-88C0DB2F4A2C}" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-03-02 17:27:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys ====== C:\Windows\Tasks ====== 2014-03-02 17:19:28 -------- d-----w- C:\Windows\Sysnative\Tasks\NCH Software ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-03 18:14:18 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-03-02 17:16:24 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\uTorrent 2014-02-16 23:54:36 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2014-02-16 12:56:30 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking ====== C:\Users\Gebruiker ====== 2014-03-03 18:11:37 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-03-02 17:19:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2014-03-02 17:19:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs 2014-02-15 14:38:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn ====== C: exe-files == 2014-03-03 18:14:18 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-03-03 18:11:37 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-03-02 17:26:56 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FU1CRSTA\mbam-setup-1.75.0.1300.exe 2014-03-02 17:17:35 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Roaming\uTorrent\updates\3.4.0_30620.exe 2014-03-02 17:17:30 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe 2014-03-02 17:14:37 44D196DC25FBA21D90B3633014049B21 1852496 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1LJ68FQ\uTorrent.exe 2014-03-01 15:31:17 D7AD25C0266C9D43353DB1B13146646B 92574 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JP2C6XCD\cdcovers.exe === C: other files == 2014-03-03 20:32:25 836BC22B6325A80453C172036109B91D 5853059 ----a-w- C:\Users\Public\Desktop\sample_03-03-2014_2132.zip 2014-03-03 17:01:07 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\_MEI20322\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2014-03-02 17:27:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-03-01 17:08:18 16CE5BE912816AA79D1D1198225872BE 5205713 ----a-w- C:\Users\Gebruiker\Downloads\Hansel e Gretel label by Tripp.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "MediaFace Integration"="C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS WebStorage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUS WebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\SERVICE\\AsusWSService.exe MySyncFolder" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Setwallpaper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Setwallpaper" "hkey"="HKLM" "command"="c:\\programdata\\SetWallpaper.cmd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateLBPShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateP2GoShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SRS Premium Sound.lnk" "backup"="C:\\Windows\\pss\\SRS Premium Sound.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Windows\\Installer\\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h" "item"="SRS Premium Sound" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Partner Service] ==== Startup Folders ====================== 2013-10-26 22:06:23 1041 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk 2011-10-11 20:17:08 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23-02-2014 12:09] C:\Windows\tasks\DriverToolkit Autorun.job --a------ C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-04-2010 04:37] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-04-2010 04:37] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{7E458B57-284B-4A22-B991-67DD9091951C}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\NCH Software\DisketchSevenDays" [C:\Program Files (x86)\NCH Software\Disketch\Disketch.exe] "C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 21:18] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 21:18] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17-01-2012 10:45] llmcibonccojooiboenghfafpieoabpl - C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx[] glindorus - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe Skype Click to Call - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Chrome Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmcibonccojooiboenghfafpieoabpl_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\llmcibonccojooiboenghfafpieoabpl deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6LM6MJRE will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DAO66XHM will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FJ19P2RY will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KEIOXZWM will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBCIOIMF will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O126REI3 will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UIX166ZC will be deleted at reboot C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WIB2XZKW will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=755 folders=80 49099662 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6LM6MJRE" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DAO66XHM" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FJ19P2RY" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KEIOXZWM" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBCIOIMF" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O126REI3" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UIX166ZC" not found "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WIB2XZKW" not found ==== EOF on ma 03-03-2014 at 22:35:32,55 ======================
  21. Anja1960
    Hallo, Onderstaand het log van RSIT (64 bit) Groetjes Anja Logfile of random's system information tool 1.09 (written by random/random) Run by Gebruiker at 2014-03-03 19:14:17 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 15 GB (19%) free of 76 GB Total RAM: 3037 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:14:24, on 3-3-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Gebruiker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: SABnzbd.lnk = C:\Program Files (x86)\SABnzbd\SABnzbd.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/BE/Core/Player/2020PlayerAX_Win32.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15290 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\FBAgent.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\PC Veilig\Anti-Virus\FSGK32.EXE" /service /stopevent=168 /ipcexch=184 "C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt oid 1.3.6.1.4.1.2213.11.1.27 HosterGroupType 0 "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "taskhost.exe" taskeng.exe {41EBF084-5DF8-43CE-9A38-514D4E9C5DCF} "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0 "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" Atouch64.exe "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Windows\AsScrPro.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" ATKOSD.exe KBFiltr.exe WDC.exe "C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe" WLIDSvcM.exe 2728 C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\Windows\system32\svchost.exe -k HPService "C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe" "C:\Program Files (x86)\PC Veilig\Anti-Virus\fssm32.exe" 3 612 616 620 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\SABnzbd\SABnzbd.exe" -b0 "C:\Program Files (x86)\PC Veilig\Anti-Virus\fsav32.exe" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart "C:\Program Files (x86)\PC Veilig\Spam Control\fsscoepl_x64.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart B110 series#1318364455" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="3796.0.286266214\373170473" /prefetch:673131151 "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="3796.1.521793505\742558794" /prefetch:673131151 "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="3796.2.264847896\1790370672" /prefetch:673131151 "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="3796.3.1910460301\1232443993" /prefetch:673131151 "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="3796.4.2062053464\478312060" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --lang=en-US --log-severity=disable /prefetch:822062411 C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Nero\Update\NASvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files\Windows Mail\WinMail.exe" -Embedding "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding C:\Windows\splwow64.exe 8192 taskhost.exe C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate "C:\Program Files\Internet Explorer\iexplore.exe" Windows 7 MBAM detecteerde 63 infecties! "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7072 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe -Embedding C:\Windows\system32\AUDIODG.EXE 0x984 "C:\Users\Gebruiker\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\DriverToolkit Autorun.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2010-04-04 750064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-04 318960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2010-04-04 433648] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-04 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}] Browsing Protection Class - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2014-01-20 556072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-04 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04 256112] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2014-01-20 556072] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"=C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-15 1171968] "Spotify"=C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe [2014-01-15 6118400] "GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-11-06 1564528] "KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [] ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-11-06 845168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2010-04-04 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\Windows\system32\hkcmd.exe [2010-08-25 386584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\Windows\system32\igfxtray.exe [2010-08-25 161304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] C:\Windows\system32\igfxpers.exe [2010-08-25 415256] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper] c:\programdata\SetWallpaper.cmd [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-04-04 156952] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624] "F-Secure Manager"=C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE [2009-11-18 201128] "F-Secure TNB"=C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe [2011-09-05 1655464] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "MediaFace Integration"=C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe [2003-08-18 53248] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-08-25 271360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=0 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-03-03 19:14:18 ----D---- C:\Program Files\trend micro 2014-03-03 19:14:17 ----D---- C:\rsit 2014-03-02 18:28:07 ----D---- C:\Users\Gebruiker\AppData\Roaming\Malwarebytes 2014-03-02 18:27:47 ----D---- C:\ProgramData\Malwarebytes 2014-03-02 18:27:45 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-02 18:27:45 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-03-02 18:19:28 ----D---- C:\ProgramData\NCH Software 2014-03-02 18:18:59 ----D---- C:\Program Files (x86)\NCH Software 2014-03-02 18:18:52 ----D---- C:\Users\Gebruiker\AppData\Roaming\NCH Software 2014-03-02 18:16:24 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent 2014-02-26 07:02:07 ----D---- C:\Windows\Migration 2014-02-15 15:42:37 ----D---- C:\Windows\SYSWOW64\SearchProtect 2014-02-15 15:36:23 ----D---- C:\Users\Gebruiker\AppData\Roaming\rmi 2014-02-14 00:27:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-14 00:27:14 ----A---- C:\Windows\system32\vbscript.dll 2014-02-14 00:26:30 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-14 00:26:30 ----A---- C:\Windows\system32\msrating.dll 2014-02-14 00:26:29 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-14 00:26:29 ----A---- C:\Windows\system32\ieui.dll 2014-02-14 00:26:29 ----A---- C:\Windows\system32\iernonce.dll 2014-02-14 00:26:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-14 00:26:29 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-14 00:26:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-14 00:26:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-14 00:26:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-14 00:26:28 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-14 00:26:28 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-14 00:26:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-14 00:26:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-14 00:26:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-14 00:26:27 ----A---- C:\Windows\system32\mshtml.dll 2014-02-14 00:26:27 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-14 00:26:27 ----A---- C:\Windows\system32\iesetup.dll 2014-02-14 00:26:27 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-14 00:26:27 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-14 00:26:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-14 00:26:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-14 00:26:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-14 00:26:26 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-14 00:26:26 ----A---- C:\Windows\system32\iertutil.dll 2014-02-14 00:26:26 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-14 00:26:25 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-14 00:26:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-14 00:26:25 ----A---- C:\Windows\system32\wininet.dll 2014-02-14 00:26:25 ----A---- C:\Windows\system32\urlmon.dll 2014-02-14 00:26:24 ----A---- C:\Windows\system32\ieframe.dll 2014-02-14 00:26:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-14 00:26:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-14 00:26:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-14 00:26:22 ----A---- C:\Windows\system32\jscript9.dll 2014-02-13 18:51:20 ----A---- C:\Windows\system32\msxml3.dll 2014-02-13 18:51:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-13 18:51:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-13 18:51:19 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-13 18:50:14 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-13 18:50:14 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-13 18:50:13 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-13 18:50:13 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-13 18:50:13 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-13 18:50:13 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-13 18:50:13 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 18:50:13 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 18:50:12 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-13 18:50:12 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-13 18:50:12 ----A---- C:\Windows\system32\secproc.dll 2014-02-13 18:50:12 ----A---- C:\Windows\system32\msdrm.dll 2014-02-13 18:50:11 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-13 18:50:11 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-13 18:50:11 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 18:50:11 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-13 18:50:10 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-13 18:50:10 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-13 18:49:35 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-13 18:49:34 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-13 18:49:33 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-13 18:49:33 ----A---- C:\Windows\system32\d2d1.dll ======List of files/folders modified in the last 1 month====== 2014-03-03 19:14:24 ----D---- C:\Windows\Prefetch 2014-03-03 19:14:21 ----D---- C:\Windows\Temp 2014-03-03 19:14:18 ----RD---- C:\Program Files 2014-03-03 18:39:48 ----D---- C:\Users\Gebruiker\AppData\Roaming\Spotify 2014-03-03 18:15:16 ----D---- C:\Windows\system32\config 2014-03-03 18:00:39 ----RD---- C:\Program Files (x86) 2014-03-03 18:00:14 ----A---- C:\Windows\system32\ServiceFilter.ini 2014-03-02 18:27:47 ----HD---- C:\ProgramData 2014-03-02 18:27:45 ----D---- C:\Windows\system32\drivers 2014-03-02 18:19:28 ----D---- C:\Windows\system32\Tasks 2014-03-02 18:08:10 ----D---- C:\Program Files (x86)\DriverToolkit 2014-03-02 00:35:55 ----D---- C:\Program Files (x86)\Newzbin 2014-02-28 19:27:16 ----SHD---- C:\System Volume Information 2014-02-27 21:06:40 ----D---- C:\Windows\Microsoft.NET 2014-02-27 00:51:29 ----SHD---- C:\Windows\Installer 2014-02-27 00:47:31 ----D---- C:\Windows\SysWOW64 2014-02-27 00:47:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-02-27 00:47:24 ----D---- C:\Windows\inf 2014-02-27 00:47:22 ----D---- C:\Windows\System32 2014-02-27 00:47:22 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-26 07:05:06 ----D---- C:\Windows\SYSWOW64\en-US 2014-02-26 07:05:05 ----D---- C:\Windows\system32\en-US 2014-02-26 07:02:07 ----SD---- C:\ProgramData\Microsoft 2014-02-26 07:02:07 ----D---- C:\Windows 2014-02-23 12:09:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-17 00:50:47 ----D---- C:\Windows\system32\MRT 2014-02-17 00:50:36 ----A---- C:\Windows\system32\MRT.exe 2014-02-15 19:41:15 ----D---- C:\Windows\rescache 2014-02-15 18:31:24 ----RSD---- C:\Windows\assembly 2014-02-15 14:39:31 ----D---- C:\Windows\winsxs 2014-02-15 14:37:35 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-15 14:37:34 ----D---- C:\Windows\system32\nl-NL 2014-02-15 14:37:32 ----D---- C:\Program Files\Internet Explorer 2014-02-15 14:37:32 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-14 00:47:01 ----D---- C:\ProgramData\Microsoft Help 2014-02-14 00:37:47 ----D---- C:\Windows\system32\catroot 2014-02-14 00:27:20 ----D---- C:\Windows\system32\catroot2 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216] R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-08-31 56016] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 59784] R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-11-18 94024] R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-18 16768] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-07-10 202176] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-09-05 50384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488] S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe [2009-11-18 221608] R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE [2009-11-18 188840] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe [2009-11-18 846248] R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2013-06-05 60352] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-04 135664] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-23 257928] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-04 135664] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-01 1255736] S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-04 182768] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2010-04-04 332272] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  22. Anja1960
    Hallo, Ik dacht dat het wel weer eens tijd was om MBAM te laten draaien en dat bleek niet voor niets. 63 infecties gedetecteerd. Zie hieronder mijn logje. Kan iemand mij verder helpen om mijn pc weer op te schonen? Met vriendelijke groet, Anja Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.03.02.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Gebruiker :: GEBRUIKER-PC10 [administrator] Bescherming: Ingeschakeld 2-3-2014 18:31:38 mbam-log-2014-03-02 (18-31-38).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 235274 Verstreken tijd: 14 minuut/minuten, 23 seconde(n) Geheugenprocessen gedetecteerd: 2 C:\Program Files (x86)\glindorus\updateglindorus.exe (PUP.Optional.Glindorus.A) -> 2668 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\glindorus\bin\utilglindorus.exe (PUP.Optional.Glindorus.A) -> 1872 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 19 HKLM\SYSTEM\CurrentControlSet\Services\Update glindorus (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SYSTEM\CurrentControlSet\Services\Util glindorus (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{9598e82a-7e09-4438-b425-b9e9718c3c73} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{8b6f8214-21e9-40b2-a483-83a12836cf54} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598E82A-7E09-4438-B425-B9E9718C3C73} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9598E82A-7E09-4438-B425-B9E9718C3C73} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9598E82A-7E09-4438-B425-B9E9718C3C73} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683} (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{9598e82a-7e09-4438-b425-b9e9718c3c73} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{8b6f8214-21e9-40b2-a483-83a12836cf54} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598E82A-7E09-4438-B425-B9E9718C3C73} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9598E82A-7E09-4438-B425-B9E9718C3C73} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9598E82A-7E09-4438-B425-B9E9718C3C73} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\glindorus (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\glindorus (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 6 C:\Program Files (x86)\glindorus (PUP.Optional.Glindorus.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\glindorus\bin (PUP.Optional.Glindorus.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\glindorus\bin\plugins (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy\A361F0B50EE940FDAE1399F2BE53BD23 (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy\D8CCE2FD79AF45588425AA800E5B2395 (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 36 C:\Program Files (x86)\glindorus\updateglindorus.exe (PUP.Optional.Glindorus.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\glindorus\bin\utilglindorus.exe (PUP.Optional.Glindorus.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files (x86)\glindorus\glindorusBHO.dll (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\glindorusBHO.dll (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy\A361F0B50EE940FDAE1399F2BE53BD23\SSStub_SearchProtect_p1v0.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy\D8CCE2FD79AF45588425AA800E5B2395\SearchProtect_p1v1.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\OpenCandy\D8CCE2FD79AF45588425AA800E5B2395\sp-downloader.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\rmi\imgburn-2.5.8.0.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsc7FE1.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsf725.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsh409D.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsm4407.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsm45EB.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsm7D12.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsx3E2D.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsx56DD.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsx5AD4.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\utt88CF.tmp (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsb233C\SpSetup.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\nsm24F1\SpSetup.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Temp\nsj1DE1.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Temp\nsjD7BE.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Temp\nst1DD1.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Temp\nst85B8.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\imgburn-2.5.8.0.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Downloads\Java.exe (PUP.Optional.BundleInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\glindorus.ico (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\glindorusUninstall.exe (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\sqlite3.exe (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\updateglindorus.InstallState (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\bin\sqlite3.dll (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\bin\utilglindorus.InstallState (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\bin\plugins\glindorus.FFUpdate.dll (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\bin\plugins\glindorus.GCUpdate.dll (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\glindorus\bin\plugins\glindorus.IEUpdate.dll (PUP.Optional.Glindorus.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) En ook maar een HJT-logje: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 19:01:10, on 2-3-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Gebruiker\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: SABnzbd.lnk = C:\Program Files (x86)\SABnzbd\SABnzbd.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/BE/Core/Player/2020PlayerAX_Win32.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15251 bytes
  23. Anja1960
    Nou das mooi. Ontzettend bedankt dat je er even naar hebt willen kijken ) Groetjes Anja
  24. Anja1960
    Volgens mij ziet het er allemaal goed uit ) Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.30.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Anja :: ANJA-PC [administrator] 30-6-2012 18:47:13 mbam-log-2012-06-30 (18-47-13).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 237252 Verstreken tijd: 7 minuut/minuten, 59 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:56:25, on 30-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Wireless\WPS\jswtrayutil.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Anja\HijackThis.exe C:\windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\Wireless\WPS\jswtrayutil.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Anja\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: LiveSafer.lnk = C:\Windows\System32\oobe\LiveSafer\LiveSaferSetup.exe (User 'Default user') O4 - Startup: LiveSafer.lnk = C:\Windows\System32\oobe\LiveSafer\LiveSaferSetup.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe (file missing) O23 - Service: JSW Hardware Button Service (JSWHwBtn) - Unknown owner - C:\Program Files (x86)\Wireless\WPS\HwBtnSvc.exe O23 - Service: WPS (jswpsapi) - Unknown owner - C:\Program Files (x86)\Wireless\WPS\jswpsapi.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13041 bytes
  25. Anja1960
    Beste, Ik heb via via van jullie forum gehoord. Graag zou ik even een chekup willen doen van mijn PC en of deze dus virus of spyware vrij is. Hier de log van hijackthis. Bedankt alvast. Anja ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:44:07, on 30-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Anja\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Wireless\WPS\jswtrayutil.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Anja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSOQXCW7\HijackThis.exe C:\Users\Anja\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\Wireless\WPS\jswtrayutil.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Anja\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: LiveSafer.lnk = C:\Windows\System32\oobe\LiveSafer\LiveSaferSetup.exe (User 'Default user') O4 - Startup: LiveSafer.lnk = C:\Windows\System32\oobe\LiveSafer\LiveSaferSetup.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\windows\system32\IProsetMonitor.exe (file missing) O23 - Service: JSW Hardware Button Service (JSWHwBtn) - Unknown owner - C:\Program Files (x86)\Wireless\WPS\HwBtnSvc.exe O23 - Service: WPS (jswpsapi) - Unknown owner - C:\Program Files (x86)\Wireless\WPS\jswpsapi.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13434 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.