jopke

Member
  • Items

    216
  • Registration date

  • Last visited

Everything posted by jopke

  1. jopke

    update

    I don't use Windows Defender. Here is the Speccy log: speccy.htm
  2. jopke

    update

    Hello clarkie, thanks in advance for your answer. My monthly base volume = 153600 MB and I have only used 13102 MB so far. This is the update
  3. jopke

    update

    Hello, I have an update that will not succeed. It says "you have a metered connection, you may have to pay for downloads". I don't quite understand this; I have Whop from Telenet. Kind regards, Jopke
  4. OK Kape, many thanks and greetings, Jopke
  5. Here is the AdwCleaner log:

     # AdwCleaner v4.105 - Rapport aangemaakt 15/12/2014 op 12:10:17
     # Laatste Update 08/12/2014 door Xplode
     # Database : 2014-12-13.4 [Live]
     # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
     # Gebruikersnaam : User - USER-PC
     # Gestart vanuit : C:\Users\User\Downloads\adwcleaner_4.105.exe
     # Optie : Verwijderen

     ***** [ Services ] *****

     ***** [ Bestanden / Mappen ] *****

     ***** [ Taken ] *****

     ***** [ Snelkoppelingen ] *****

     ***** [ Register ] *****

     ***** [ Browsers ] *****

     -\\ Internet Explorer v11.0.9600.17496

     -\\ Mozilla Firefox v34.0 (x86 nl)

     *************************

     AdwCleaner[R0].txt - [775 octets] - [15/12/2014 12:06:28]
     AdwCleaner[s0].txt - [700 octets] - [15/12/2014 12:10:17]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [759 octets] ##########
  6. Hello Kape, thanks in advance for the help, and here is the log.
  7. This is my wife's PC, and she says that last week she suddenly saw a creature on the screen. I did not see it myself because, in a panic, she clicked it away immediately. I have already used Malwarebytes and AdwCleaner. Malwarebytes found nothing and AdwCleaner removed a few things. Could someone check this log to see whether anything is still not right? Thanks in advance. Kind regards, Jopke
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\nvvsvc.exe -session -first "C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" taskeng.exe {60DD1069-3271-480F-B834-B83E48301B6A} C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe" "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 408 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\servicing\TrustedInstaller.exe 
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d157441e-3642-4b4c-abc3-648771cf8c9e -SystemEventPortName:HostProcess-88c85263-23f9-4554-9769-ef994d6d017d -IoCancelEventPortName:HostProcess-e8da7a15-28ab-4336-af3a-56592285dcd1 -NonStateChangingEventPortName:HostProcess-aad02706-e4bd-4922-9b2e-c4f9638de851 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b38c8dae-29d1-4676-9bd8-d4d9b8687c96 -DeviceGroupId:WpdFsGroup "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Microsoft IntelliType Pro\itype.exe" "C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe" "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.pc-helpforum.be/forum/" "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs "C:\Users\User\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\PCDRScheduledMaintenance.job - C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe -fh scripts\monthly.xml -st PCDRScheduledMaintenance =========Mozilla firefox========= ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l3bcnw6i.default-1399439885221 prefs.js - "browser.startup.homepage" - "http://preview.msn.com/?FORM=MI1206&OCID=MI1206" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] 
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon My Image Garden "Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3] "Description"=Office Live Update v1.3 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5] "Description"=Office Live Update v1.5 "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 16.0.0.235 Plugin 
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.6.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-11-14 705448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! 
Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-11-14 586968] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-05-21 2342800] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceOG] C:\Program Files (x86)\Hercules\Hercules Optical Glass\XtrCtrlEx.exe [2011-09-07 3382568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2010-06-29 1689144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] c:\program files (x86)\hewlett-packard\HP 
odometer\hpsysdrv.exe [2008-11-20 62768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22066272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""= [] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-06-22 60464] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-12-12 5227112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-10-23 52272] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 "SoftwareSASGeneration"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-12-15 03:31:34 ----D---- C:\Program Files\trend micro 2014-12-15 03:31:33 ----D---- C:\rsit 2014-12-12 19:46:45 ----D---- C:\Windows\system32\appraiser 2014-12-12 19:37:07 ----A---- C:\Windows\SYSWOW64\mf.dll 2014-12-12 19:37:06 ----A---- C:\Windows\system32\mf.dll 2014-12-12 19:33:22 ----A---- C:\Windows\system32\appraiser.dll 2014-12-12 19:33:22 ----A---- C:\Windows\system32\aitstatic.exe 2014-12-12 19:33:22 ----A---- C:\Windows\system32\aepic.dll 2014-12-12 19:33:21 ----A---- C:\Windows\system32\invagent.dll 2014-12-12 19:33:21 ----A---- C:\Windows\system32\aeinv.dll 2014-12-12 19:33:18 ----A---- C:\Windows\system32\generaltel.dll 2014-12-12 19:33:16 ----A---- C:\Windows\system32\aepdu.dll 2014-12-12 
19:33:11 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-12-12 19:33:09 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2014-12-12 19:33:05 ----A---- C:\Windows\system32\drivers\tdx.sys 2014-12-12 19:32:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-12-12 19:32:58 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-12-12 19:32:58 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-12-12 19:32:58 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-12-12 19:32:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-12-12 19:32:57 ----A---- C:\Windows\system32\ie4uinit.exe 2014-12-12 19:32:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-12-12 19:32:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-12-12 19:32:56 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-12-12 19:32:56 ----A---- C:\Windows\system32\iernonce.dll 2014-12-12 19:32:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-12-12 19:32:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-12-12 19:32:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-12 19:32:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-12-12 19:32:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-12-12 19:32:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-12-12 19:32:52 ----A---- C:\Windows\system32\urlmon.dll 2014-12-12 19:32:52 ----A---- C:\Windows\system32\iedkcs32.dll 2014-12-12 19:32:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-12-12 19:32:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-12-12 19:32:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-12 19:32:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-12-12 19:32:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-12-12 19:32:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-12 19:32:49 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-12-12 19:32:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-12-12 19:32:49 ----A---- C:\Windows\system32\msfeeds.dll 2014-12-12 19:32:49 ----A---- 
C:\Windows\system32\dxtrans.dll 2014-12-12 19:32:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-12-12 19:32:48 ----A---- C:\Windows\system32\iesetup.dll 2014-12-12 19:32:47 ----A---- C:\Windows\system32\ieapfltr.dll 2014-12-12 19:32:46 ----A---- C:\Windows\system32\iertutil.dll 2014-12-12 19:32:45 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-12-12 19:32:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-12-12 19:32:44 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-12-12 19:32:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-12-12 19:32:44 ----A---- C:\Windows\system32\jsproxy.dll 2014-12-12 19:32:44 ----A---- C:\Windows\system32\ieUnatt.exe 2014-12-12 19:32:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-12-12 19:32:42 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-12-12 19:32:41 ----A---- C:\Windows\system32\ieui.dll 2014-12-12 19:32:41 ----A---- C:\Windows\system32\dxtmsft.dll 2014-12-12 19:32:40 ----A---- C:\Windows\system32\ieframe.dll 2014-12-12 19:32:39 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-12-12 19:32:39 ----A---- C:\Windows\system32\mshtmled.dll 2014-12-12 19:32:39 ----A---- C:\Windows\system32\jscript9diag.dll 2014-12-12 19:32:38 ----A---- C:\Windows\system32\vbscript.dll 2014-12-12 19:32:38 ----A---- C:\Windows\system32\jscript9.dll 2014-12-12 19:32:37 ----A---- C:\Windows\system32\wininet.dll 2014-12-12 19:32:34 ----A---- C:\Windows\system32\msrating.dll 2014-12-12 19:32:34 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-12-12 19:32:32 ----A---- C:\Windows\system32\mshtml.dll 2014-12-12 19:31:08 ----A---- C:\Windows\system32\charmap.exe 2014-12-12 19:31:07 ----A---- C:\Windows\SYSWOW64\charmap.exe 2014-12-12 19:31:05 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll 2014-12-12 19:31:05 ----A---- C:\Windows\system32\WsmWmiPl.dll 2014-12-12 19:31:05 ----A---- C:\Windows\system32\WsmSvc.dll 2014-12-12 19:31:05 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-12 19:31:05 ----A---- C:\Windows\system32\WSManHTTPConfig.exe 
2014-12-12 19:31:04 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll 2014-12-12 19:31:04 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll 2014-12-12 19:31:04 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll 2014-12-12 19:31:04 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe 2014-12-12 19:31:04 ----A---- C:\Windows\system32\WsmAuto.dll 2014-12-12 19:30:54 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-12-12 19:30:54 ----A---- C:\Windows\system32\tzres.dll 2014-12-12 19:21:22 ----A---- C:\Windows\system32\aswBoot.exe 2014-12-10 03:37:09 ----A---- C:\Windows\system32\devinv.dll 2014-12-02 05:44:32 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-11-30 10:38:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-19 04:05:37 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2014-11-19 04:05:37 ----A---- C:\Windows\system32\pku2u.dll 2014-11-19 04:05:37 ----A---- C:\Windows\system32\kerberos.dll 2014-11-19 04:05:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL 2014-11-17 07:51:55 ----HD---- C:\ProgramData\CanonIJMIG 2014-11-17 07:49:28 ----D---- C:\ProgramData\CanonIJPLM 2014-11-17 07:49:11 ----HD---- C:\ProgramData\CanonIJScan 2014-11-17 07:48:59 ----D---- C:\Users\User\AppData\Roaming\Canon 2014-11-17 07:48:56 ----HD---- C:\ProgramData\CanonIJQuickMenu 2014-11-17 07:40:09 ----A---- C:\Windows\SYSWOW64\CNC_BXL.dll 2014-11-17 07:40:08 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll 2014-11-17 07:30:08 ----D---- C:\ProgramData\CanonIJWSpt 2014-11-17 07:27:06 ----D---- C:\Program Files\Canon 2014-11-17 07:26:28 ----HD---- C:\ProgramData\CanonBJ 2014-11-17 07:26:17 ----A---- C:\Windows\system32\CNHMCA6.dll 2014-11-17 07:26:17 ----A---- C:\Windows\system32\CNC_BXL.dll 2014-11-17 07:26:17 ----A---- C:\Windows\system32\CNC_BXI.dll 2014-11-17 07:26:17 ----A---- C:\Windows\system32\CNC_BXC.dll 2014-11-17 07:25:59 ----A---- C:\Windows\system32\CNMLMBX.DLL 2014-11-17 07:25:48 ----HD---- C:\Program Files\CanonBJ 2014-11-17 
07:24:15 ----D---- C:\Program Files (x86)\Canon ======List of files/folders modified in the last 1 month====== 2014-12-15 03:31:43 ----D---- C:\Windows\Prefetch 2014-12-15 03:31:35 ----D---- C:\Windows\Temp 2014-12-15 03:31:34 ----D---- C:\Program Files 2014-12-15 03:25:26 ----D---- C:\Windows\system32\config 2014-12-13 04:43:37 ----D---- C:\Windows\rescache 2014-12-13 04:40:03 ----D---- C:\Windows\inf 2014-12-12 19:49:02 ----D---- C:\Windows\winsxs 2014-12-12 19:48:24 ----D---- C:\Windows 2014-12-12 19:47:04 ----D---- C:\Windows\system32\catroot 2014-12-12 19:46:45 ----SD---- C:\Windows\system32\CompatTel 2014-12-12 19:46:45 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-12-12 19:46:45 ----D---- C:\Windows\SYSWOW64\en-US 2014-12-12 19:46:45 ----D---- C:\Windows\SysWOW64 2014-12-12 19:46:45 ----D---- C:\Windows\system32\drivers 2014-12-12 19:46:45 ----D---- C:\Windows\System32 2014-12-12 19:46:45 ----D---- C:\Windows\AppCompat 2014-12-12 19:46:45 ----D---- C:\Program Files\Internet Explorer 2014-12-12 19:46:44 ----D---- C:\Windows\system32\nl-NL 2014-12-12 19:46:44 ----D---- C:\Windows\system32\en-US 2014-12-12 19:46:44 ----D---- C:\Windows\PolicyDefinitions 2014-12-12 19:46:44 ----D---- C:\Program Files (x86)\Internet Explorer 2014-12-12 19:45:43 ----SHD---- C:\Windows\Installer 2014-12-12 19:45:39 ----D---- C:\ProgramData\Microsoft Help 2014-12-12 19:45:13 ----D---- C:\Windows\system32\MRT 2014-12-12 19:40:27 ----A---- C:\Windows\system32\MRT.exe 2014-12-12 19:34:32 ----SHD---- C:\System Volume Information 2014-12-12 19:26:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-12-12 19:24:03 ----D---- C:\Windows\system32\catroot2 2014-12-12 19:21:55 ----D---- C:\Windows\system32\Tasks 2014-12-12 19:18:28 ----D---- C:\Windows\system32\wbem 2014-12-12 19:17:47 ----D---- C:\Windows\Tasks 2014-12-12 19:17:47 ----D---- C:\Windows\system32\wfp 2014-12-12 19:17:47 ----D---- C:\Windows\system32\DriverStore 2014-12-12 19:17:43 ----D---- C:\Windows\system32\CodeIntegrity 
2014-12-12 19:17:43 ----D---- C:\Windows\servicing 2014-12-12 19:17:42 ----D---- C:\Program Files\Microsoft Silverlight 2014-12-12 19:17:41 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-12-12 19:17:41 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-12-12 19:17:25 ----D---- C:\Windows\registration 2014-12-12 19:16:33 ----SD---- C:\ProgramData\Microsoft 2014-12-10 04:30:07 ----D---- C:\Windows\debug 2014-12-07 15:20:53 ----D---- C:\Users\User\AppData\Roaming\Skype 2014-12-05 13:51:44 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-12-02 19:06:18 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-12-02 10:15:05 ----RD---- C:\Program Files (x86) 2014-11-28 04:38:56 ----SD---- C:\Users\User\AppData\Roaming\Microsoft 2014-11-17 07:51:55 ----HD---- C:\ProgramData 2014-11-17 07:40:11 ----RSD---- C:\Windows\Media 2014-11-17 07:40:08 ----D---- C:\Windows\twain_32 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-14 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-14 267632] R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-06-22 240672] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-14 93568] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1050432] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-14 436624] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswHwid;avast! 
HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-14 29208] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-14 83280] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-14 116728] R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2014-04-09 93144] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616] R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-05-19 339360] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 hxctlflt;hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [2009-02-08 111104] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] S3 SNP2UVC;Hercules Webcam; C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-04-29 3565056] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 
4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-11-14 50344] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-03-11 241728] R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-04-09 1876816] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-09 124928] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-05-18 73728] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-01 159336] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440] S3 
GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-02 114800] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  8. Hello Kape, I don't want to make this any harder for you than it already is, because now IE has disappeared as well and I can't really do anything anymore, since I have no other browser left. I'm using my wife's PC right now. I greatly appreciate your help. I had been planning to buy a new PC for a while anyway and wanted to wait for Windows 10. I'll just go and look for a new one now. Thanks again for your expert help. Kind regards, Jopke
  9. Hello Kape, I already did that yesterday (I use CCleaner regularly) and just tried loading it once more, but it still didn't work.
  10. No Kape, I get the message: cannot download firefox setup stub 33_1_exe.
  11. Zoek.exe v5.0.0.0 Updated 11-November-2014
      Tool run by Leo on wo 12/11/2014 at 7:55:20,20.
      Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Leo\Downloads\zoek.exe [scan all users] [script inserted]
      ==== Older Logs ======================
      C:\zoek-results2014-11-12-043518.log 27386 bytes
      ==== Registry Fix Code ======================
      Windows Registry Editor Version 5.00
      [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
      "wrc@avast.com"=-
      ==== Deleting Files \ Folders ======================
      C:\Users\Leo\AppData\Roaming\Mozilla\Firefox deleted
      C:\Users\Leo\AppData\Local\Mozilla\Firefox deleted
      ==== Firefox Extensions Registry ======================
      [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
      "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [24/06/2009 14:27]
      [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
      "{57E72829-C158-4341-BBED-58F0AD1740FD}"="C:\Program Files\Google\Google Photos Screensaver\FF_ext" [18/02/2008 21:17]
      ==== Firefox Extensions ======================
      ==== Firefox Plugins ======================
      ==== C:\zoek_backup content ======================
      C:\zoek_backup (files=1062 folders=52 64038134 bytes)
      ==== EOF on wo 12/11/2014 at 7:57:29,19 ======================
  12. Zoek.exe v5.0.0.0 Updated 11-November-2014 Tool run by Leo on wo 12/11/2014 at 4:31:14,41. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leo\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Program Files\HitmanPro.Alert\hmpalert.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Windows\ehome\ehsched.exe 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\ehome\ehRecvr.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Alwil Software\Avast5\avastui.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe C:\Windows\System32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Leo\Downloads\zoek.exe C:\Windows\system32\conime.exe ==== System Restore Info ====================== 12/11/2014 4:33:46 Zoek.exe System Restore Point Created Succesfully. 
==== Empty Folders Check ====================== C:\Program Files\FreeAllInOneMediaPlayer deleted successfully C:\Program Files\Hercules deleted successfully C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Program Files\Mozilla Firefox(60) deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\VS Revo Group deleted successfully C:\Program Files\ZenSearch deleted successfully C:\Program Files\Common Files\SWF Studio deleted successfully C:\PROGRA~2\Apple Computer deleted successfully C:\PROGRA~2\Avira deleted successfully C:\PROGRA~2\Symantec deleted successfully C:\Users\Gast\AppData\Roaming\Google deleted successfully C:\Users\Leo\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Leo\AppData\Roaming\PeerNetworking deleted successfully C:\Users\Leo\AppData\Local\Secunia PSI deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-858147225-2523881857-3955173118-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Flash Player ActiveX Free Download Packages Adobe Shockwave Player 12.1 AMD APP SDK Runtime AMD Catalyst Install Manager Application Profiles avast Free Antivirus Canon Easy-WebPrint EX Canon IJ Scan Utility Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG2500 series MP Drivers Canon MG2500 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech 
CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner D3DX10 Defraggler EvilLyrics Foxit Cloud Foxit Reader Gebruikersregistratie voor Canon MG2500 series Google Photos Screensaver Google Updater HitmanPro.Alert Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Japanese Fonts Support For Adobe Reader 8 Junk Mail filter update Malwarebytes Anti-Malware versie 2.0.2.1012 Mesh Runtime Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel Viewer 2003 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Maintenance Service MSVC80_x86 MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) OGA Notifier 2.0.0048.0 Paint.NET v2.61 PC Connectivity Solution PhotoFiltre 6.5.2 PhotoFiltre 7 PVSonyDll RamBooster ScanSoft OmniPage SE 4.0 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites 
(KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883031) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2883032) 32-Bit Edition Segoe UI Shockwave Director 10.4 Smart Menu's (Windows Live Toolbar) Speccy Spelling Dictionaries Support For Adobe Reader 8 SpywareBlaster 4.6 SpywareGuard v2.2 swMSM Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TextMaker Viewer Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.6195 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh 
Windows Live MIME IFilter Windows Live Movie Maker Windows Live OneCare safety scanner Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live Toolbar Feedzoeker (Windows Live Toolbar) Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin YoWindow ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Mozilla Firefox(60) not found C:\Program Files\Mozilla Firefox(8) deleted C:\Program Files\EvilLyrics deleted C:\Users\Public\sdelevURL.tmp deleted C:\Users\Gast\AppData\LocalLow\AVGTOOLBAR deleted C:\Users\Leo\AppData\LocalLow\AVGTOOLBAR deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Leo\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-10-15 02:04:18 4E404505B3F62ECFBDBCBBCF0A72DBC5 143360 ----a-w- C:\Windows\System32\drivers\fastfat.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Users\Leo\AppData\Roaming ====== ====== C:\Users\Leo ====== 2014-11-11 15:20:44 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Leo\Downloads\RSIT.exe ====== C: exe-files == 2014-11-11 15:20:44 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Leo\Downloads\RSIT.exe === C: other files == ==== Startup Registry Enabled ====================== 
[HKEY_USERS\S-1-5-21-858147225-2523881857-3955173118-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui" "SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\20131121] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="20131121" "hkey"="HKLM" "command"="C:\\Program Files\\Alwil Software\\Avast5\\setup\\emupdate\\cdcb7f0b-ca6c-47cc-8eef-02a4ef18a312.exe /check" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonQuickMenu" "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware (reboot)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes' Anti-Malware (reboot)" "hkey"="HKLM" "command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OpwareSE4] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OpwareSE4" "hkey"="HKLM" "command"="\"C:\\Program Files\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSBkgdUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SSBkgdUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk" "backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup" 
"backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\ANYCOM\\BLUEUS~1\\BTTray.exe " "item"="BTTray" ==== Startup Folders ====================== 2007-09-23 12:30:10 796 ----a-w- C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18/10/2014 03:52] C:\Windows\tasks\Google Software Updater.job --a------ C:\GC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Google Software Updater" [C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [11/11/2014 13:33] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{57E72829-C158-4341-BBED-58F0AD1740FD}"="C:\Program Files\Google\Google Photos Screensaver\FF_ext" [18/02/2008 21:17] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9m0a0pqe.default-1399440365916 - avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF - Undetermined - {c36177c0-224a-11da-8cd6-0800200c9a91} - Undetermined - wrc@avast.com - Fasterfox - %ProfilePath%\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9m0a0pqe.default-1399440365916 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash 
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director 209F58DECE7A511BB81A7A172F4346E8 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11 C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 3239619A441E23A20EC923DF92FF2D70 - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll - CANON iMAGE GATEWAY Album Plugin Utility for IJ 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox FE96E37953A1080FBC5E71D34FFFB894 - C:\Program Files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[10/07/2014 04:31] YouTube - Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - 
Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "Google", "homepage": "Google", ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="msn" "Search Bar"="Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Zita" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="Bing" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="Bing" "Start Page"="msn" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="msn" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="{searchTerms - Google Search}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\EvilLyrics deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot) deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully ==== Empty IE 
Cache ====================== C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Leo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Leo\AppData\Local\Mozilla\Firefox\Profiles\9m0a0pqe.default-1399440365916\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=65 folders=14 4042378 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Gast\AppData\Local\temp emptied successfully C:\Users\Leo\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp 
emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Leo\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Leo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not found ==== EOF on wo 12/11/2014 at 5:35:18,81 ======================
  13. Hello Kape, thank you for your reply, here is the log:
      Logfile of random's system information tool 1.10 (written by random/random) Run by Leo at 2014-11-11 16:24:23 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 161 GB (67%) free of 238 GB Total RAM: 2044 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:24:26, on 11/11/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16584) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Alwil Software\Avast5\avastui.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Users\Leo\Downloads\RSIT.exe C:\Program Files\trend micro\Leo.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: SpywareGuard Download Protection - 
  14. Hello, my PC froze a few times and I thought I would first do a system restore before looking any further. After the system restore a small window appeared with the text "couldn't load xpcom". That is probably something from Firefox, because I can no longer open Firefox. I then uninstalled Firefox in order to install it again. Now I cannot download Firefox; I get this message: cannot download firefox 33_1_exe. What now? Regards, Jopke
  15. Hello emmanujan, I am no specialist either, but I assume that the way stegisoft describes to get to 'Startup' only works in Windows 8. In Windows 7 you click the Start button, type msconfig in the search box under Programs and press Enter; you then get a window where 'Startup' is also listed, and there you can do what stegisoft meant. Regards, Jopke
  16. Yes, I did think that you had both sent an answer at the same time without knowing it of each other. Then that is enough for me and I will close the topic. Thanks again for your expert help, as always. Regards, Jopke
  17. Hello Jion and kape, thanks in advance for your answers. Jion also has avast and got that little box too, and it is just advertising. Kape, do I still need to run that scanner now?
  18. I will also post a log from adwcleaner and mbam while I am at it.
  19. Hello, since the latest avast update (a while ago) I get this little avast window once or twice a week. I don't click on it because I don't trust that sort of thing. So I have also posted a log. My PC works normally; as far as I can tell there are no problems. Thanks in advance for the help.
----A---- C:\Windows\system32\msfeeds.dll 2014-04-09 05:46:32 ----A---- C:\Windows\system32\url.dll 2014-04-09 05:46:32 ----A---- C:\Windows\system32\jscript9.dll 2014-04-09 05:46:32 ----A---- C:\Windows\system32\jscript.dll 2014-04-09 05:46:31 ----A---- C:\Windows\system32\iertutil.dll 2014-04-09 05:46:30 ----A---- C:\Windows\system32\urlmon.dll 2014-04-09 05:46:28 ----A---- C:\Windows\system32\ieframe.dll 2014-04-09 05:46:26 ----A---- C:\Windows\system32\mshtml.dll 2014-04-09 05:40:10 ----A---- C:\Windows\system32\kernel32.dll 2014-04-02 08:23:38 ----A---- C:\Windows\avastSS.scr ======List of files/folders modified in the last 1 month====== 2014-04-21 04:46:45 ----D---- C:\Windows\Prefetch 2014-04-21 04:46:44 ----D---- C:\Windows\temp 2014-04-21 04:46:40 ----D---- C:\Program Files\trend micro 2014-04-21 03:59:10 ----D---- C:\Windows\System32 2014-04-21 03:59:10 ----D---- C:\Windows\inf 2014-04-21 03:59:10 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-04-20 12:11:51 ----SHD---- C:\System Volume Information 2014-04-12 05:35:42 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-04-11 08:14:43 ----D---- C:\Windows\system32\catroot2 2014-04-10 11:31:34 ----D---- C:\Windows 2014-04-10 11:31:19 ----D---- C:\Windows\system32\drivers 2014-04-10 11:31:19 ----D---- C:\Program Files\HitmanPro.Alert 2014-04-10 04:33:48 ----A---- C:\Windows\system32\hmpalert.dll 2014-04-09 05:51:40 ----D---- C:\Windows\system32\migration 2014-04-09 05:51:40 ----D---- C:\Program Files\Internet Explorer 2014-04-09 05:50:32 ----D---- C:\Windows\winsxs 2014-04-09 05:50:27 ----D---- C:\Windows\system32\catroot 2014-04-09 05:46:25 ----SHD---- C:\Windows\Installer 2014-04-09 05:46:15 ----D---- C:\ProgramData\Microsoft Help 2014-04-09 05:45:47 ----D---- C:\Windows\system32\MRT 2014-04-09 05:43:12 ----D---- C:\Windows\Debug 2014-04-09 05:43:07 ----A---- C:\Windows\system32\mrt.exe 2014-04-02 08:23:50 ----D---- C:\Windows\system32\Tasks 2014-04-02 08:23:38 ----A---- 
C:\Windows\system32\aswBoot.exe 2014-03-31 09:35:10 ----N---- C:\Windows\system32\MpSigStub.exe 2014-03-26 14:24:02 ----D---- C:\Program Files\CCleaner ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-02 49944] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-02 180760] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-04-02 54832] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-02 776976] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-02 411552] R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-04-02 57672] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-02 67824] R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2014-04-10 75640] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2012-02-23 83984] R3 E100B;Intel® PRO-adapterstuurprogramma; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-02-13 356352] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 
508416] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2007-02-06 78128] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-06 80688] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-06 16560] S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2009-01-21 49904] S3 catchme;catchme; \??\C:\Users\Leo\AppData\Local\Temp\catchme.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] S3 hxctlflt;hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [2009-02-09 99968] S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 SNP2UVC;Hercules Webcam; C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-04-29 3563648] S3 USB28xxBGA;PCTV 330e/800e Device; C:\Windows\system32\DRIVERS\emBDA.sys [2007-01-29 361728] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2007-01-29 39680] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344] S3 usbscan;Stuurprogramma voor USB-scanner; 
C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] S4 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-04-02 50344] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files\HitmanPro.Alert\hmpalert.exe [2014-04-10 1876816] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 STacSV;Audio Service; C:\Windows\system32\STacSV.exe [2008-02-13 212992] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-12 257712] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-18 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; 
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------
  20. Many thanks, Kape. It is a nice feeling that people like you can reassure us in this way. Regards, Jopke
  21. Hello, I probably wasn't paying close attention, because some junk ('optimizer') came along with an Adobe update. I certainly never knowingly click on anything like that. Mbam and AdwCleaner did their best. After both had removed all sorts of things I scanned again, and these are the latest logs plus the log you usually ask for with malware. I'm curious whether there is still any junk among them. Thanks in advance. Kind regards, Jopke
NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF----------------- Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free Anti-Malware Databaseversie: v2014.02.21.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Leo :: PC_VAN_LEO [administrator] 21/02/2014 15:12:15 mbam-log-2014-02-21 (15-12-15).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 249454 Verstreken tijd: 7 minuut/minuten, 33 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) # AdwCleaner v3.019 - Report created 21/02/2014 at 15:24:59 # Updated 17/02/2014 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : Leo - PC_VAN_LEO # Running from : C:\Users\Leo\Downloads\adwcleaner.exe # Option 
: Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Leo\AppData\Local\filetypeassistant ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16533 -\\ Mozilla Firefox v27.0.1 (nl) [ File : C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\aedfkydm.default-1374033718114\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [959 octets] - [21/02/2014 15:24:22] AdwCleaner[s0].txt - [885 octets] - [21/02/2014 15:24:59] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [944 octets] ##########
  22. Hello atir, maybe you could try this test from Telenet. Speedtest
  23. OK Stegisoft, thanks and regards, Jopke
  24. Hello, when I run a speed test I get a normal download speed of about 60 (Whop from Telenet). I have now also run the speed test on my wife's PC, and there I only get a download speed of about 10. I am connected by cable, and my wife's PC is connected wirelessly to a router. I am only asking out of curiosity whether this is normal, because my wife has no trouble at all with the PC (we only use it for ordinary things). The upload speed is the same on both. Regards, Jopke