TVA

Member
  • Items

    23
  • Registration date

  • Last visited

Everything posted by TVA

  1. TVA

    Cleaning up

    http://speccy.piriform.com/results/kQWuRINGTw1aA0HVkzWIf0W
  2. TVA

    Cleaning up

    [ATTACH]31065[/ATTACH] attached is the ComboFix.txt log
  3. TVA

    Cleaning up

    I was only able to untick 3 of them in msconfig, so I still have 7 enabled, but I don't really notice any difference in speed and the half-freezing still happens :dong:
  4. TVA

    Cleaning up

    And how do I do that?
  5. TVA

    Cleaning up

    I already suspected that something was rather "full" and that this was affecting how well and how fast it works. That is also why I gave it the title "cleaning up". So how could I empty or reduce the RAM that is in use?
  6. TVA

    Cleaning up

    Apologies! I hadn't realised I had already received a reply, because I didn't get an e-mail about it. And that's right, last time I was also told that nothing seems to be wrong with my laptop, but I really do have problems with it. When it is on, it freezes 100000 times (figuratively speaking, of course). This is the log:
  7. TVA

    Cleaning up

  8. TVA

    Cleaning up

    Can someone help me make my laptop faster? It badly needs cleaning up, but I don't know exactly what that involves. Two months ago I started a thread here about my laptop being extremely slow, but in the end it wasn't much faster than it was before. Once again, or rather "still", my laptop has trouble functioning properly. It just freezes constantly. With every program, on every site. Time after time it says "not responding". It is very annoying right now, because I am currently doing an internship in Ecuador and I really need my laptop. I don't know what I need to do to successfully get it cleaner/faster.
  9. Boot Result: 61.958 sec windows boot: 25 sec desktop: 36 sec

      But I should add that the desktop was "usable" much sooner after the restart. When I started the laptop for the first time today (before I had installed BootRacer), it took at least twice as long.
  10. Acer Crystal Eye Webcam CyberLink Corp. 12-10-2011 33,7 MB 1.0.1904
      Acer ePower Management Acer Incorporated 12-10-2011 6.00.3007
      Acer eRecovery Management Acer Incorporated 22-7-2011 5.00.3502
      AcerCloud Portal Acer Incorporated 28-6-2013 2.02.3011
      AcerCloud Portal Acer Incorporated 28-6-2013 2.02.3011
      Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 11-12-2013 6,00 MB 11.9.900.170
      Adobe Flash Player 11 Plugin Adobe Systems Incorporated 11-12-2013 6,00 MB 11.9.900.170
      Adobe Reader X (10.1.8) - Nederlands Adobe Systems Incorporated 30-9-2013 121 MB 10.1.8
      Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 22-7-2011 1.0.0.39
      ATI Catalyst Install Manager ATI Technologies, Inc. 12-10-2011 16,6 MB 3.0.829.0
      CCleaner Piriform 29-12-2013 4.09
      Cobian Backup 10 27-1-2012
      Compatibiliteitspakket voor het 2007 Microsoft Office system Microsoft Corporation 13-12-2013 203 MB 12.0.6612.1000
      Conexant HD Audio Conexant 12-10-2011 8.41.0.0
      Corel PaintShop Photo Pro X3 Corel Corporation 26-1-2012 1,37 GB 1.6.1.98
      Defraggler Piriform 27-1-2012 2.09
      Dropbox Dropbox, Inc. 7-6-2013 2.0.22
      ENE USB Card Reader Driver ENE 12-10-2011 5.89.0.71
      ESET Smart Security ESET, spol s r. o. 13-2-2013 90,3 MB 6.0.306.4
      Facebook Video Calling 1.2.0.159 Skype Limited 22-3-2012 4,76 MB 1.2.159
      HiJackThis Trend Micro 14-2-2013 369 KB 1.0.0
      Identity Card Acer Incorporated 12-10-2011 1.00.3501
      IrfanView (remove only) Irfan Skiljan 2-2-2012 1,50 MB 4.32
      Java 7 Update 5 Oracle 2-8-2012 99,3 MB 7.0.50
      JavaFX 2.1.1 Oracle Corporation 2-8-2012 20,8 MB 2.1.1
      Launch Manager Acer Inc. 12-10-2011 5.1.7
      Malwarebytes Anti-Malware versie 1.75.0.1300 Malwarebytes Corporation 13-4-2013 19,2 MB 1.75.0.1300
      Media Player Classic - Home Cinema v1.5.2.3456 MPC-HC Team 2-2-2012 19,7 MB 1.5.2.3456
      Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26-1-2012 38,8 MB 4.0.30319
      Microsoft Office File Validation Add-In Microsoft Corporation 27-1-2012 7,95 MB 14.0.5130.5003
      Microsoft Office Professional Editie 2003 Microsoft Corporation 13-12-2013 1,54 GB 11.0.8173.0
      Microsoft Silverlight Microsoft Corporation 10-10-2013 131 MB 5.1.20913.0
      Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 18-3-2013 1,69 MB 3.1.0000
      Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 25-1-2012 300 KB 8.0.56336
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 22-7-2011 240 KB 9.0.30729
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 22-7-2011 596 KB 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 25-1-2012 600 KB 9.0.30729.6161
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 25-1-2012 11,0 MB 10.0.30319
      MiniTool Partition Wizard Home Edition 7.1 MiniTool Solution Ltd. 2-2-2012 24,2 MB
      Mozilla Firefox 26.0 (x86 nl) Mozilla 23-12-2013 51,8 MB 26.0
      Mozilla Maintenance Service Mozilla 23-12-2013 338 KB 26.0
      Office Addin Acer 28-6-2013 288 KB 2.02.2009
      Office Addin 2003 Acer 28-6-2013 180 KB 2.02.2009
      Partition Wizard Home Edition 4.0 MT Solution Ltd. 24-1-2012
      Revo Uninstaller 1.93 VS Revo Group 24-1-2012 1.93
      Skype™ 6.3 Skype Technologies S.A. 30-4-2013 21,1 MB 6.3.105
      StarterBackgroundChanger Renaud Gerson 15-2-2012 0.8.0.0
      Sun Java Runtime Environment and JMF 9-10-2012
      Synaptics Pointing Device Driver Synaptics Incorporated 12-10-2011 46,4 MB 15.1.18.0
      Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Microsoft Corporation 26-1-2012 2,93 MB 4.0.30319
      Total Commander (Remove or Repair) Ghisler Software GmbH 24-1-2012 7.50a
      Visual Studio 2005 Tools for Office tweede editie runtime Microsoft Corporation 7-6-2013
      Visual Studio Tools for the Office system 3.0 Runtime Microsoft Corporation 28-6-2013
      Webshots Desktop AGCM 2-2-2012
      Windows Live Essentials Microsoft Corporation 22-7-2011 16.4.3505.0912
      WinZip 16.0 WinZip Computing, S.L. 24-1-2012 68,1 MB 16.0.9661
  11. Nee HKCU:Run AcerCloud Acer Incorporated C:\Program Files\Acer\Acer Cloud\acpanel_win.exe
      Nee HKCU:Run Corel Photo Downloader Corel, Inc. "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
      Nee HKCU:Run Facebook Update Facebook Inc. "C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      Ja HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      Nee HKLM:Run Cobian Backup 10 Luis Cobian, CobianSoft "C:\Program Files\Cobian Backup 10\Cobian.exe"
      Ja HKLM:Run egui ESET "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
      Ja HKLM:Run LManager Dritek System Inc. C:\Program Files\Launch Manager\LManager.exe
      Ja HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
      Ja HKLM:Run StartCCC Advanced Micro Devices, Inc. "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      Ja HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      Ja Startup Common Acer VCM.lnk C:\Program Files\Acer\Acer VCM\AcerVCM.exe
      Ja Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Tanneke\AppData\Roaming\Dropbox\bin\Dropbox.exe
      Nee Startup User Webshots.lnk Webshots.com C:\PROGRA~1\Webshots\Launcher.exe
  12. Hmm, I notice little difference in speed.
  13. The speed within the programs has improved reasonably, but the speed when starting the programs is unfortunately still quite disappointing.
  14. # AdwCleaner v3.016 - Report created 24/12/2013 at 00:10:03
      # Updated 23/12/2013 by Xplode
      # Operating System : Windows 7 Starter Service Pack 1 (32 bits)
      # Username : Tanneke - ASPIREONE
      # Running from : C:\Users\Tanneke\Desktop\adwcleaner.exe
      # Option : Clean

      ***** [ Services ] *****

      ***** [ Files / Folders ] *****

      File Deleted : C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\user.js
      File Deleted : C:\Users\Tanneke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

      ***** [ Shortcuts ] *****

      ***** [ Registry ] *****

      Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
      Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
      Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_starter-background-changer_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_starter-background-changer_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
      Key Deleted : HKCU\Software\InstallCore
      Key Deleted : HKCU\Software\mysearchdial
      Key Deleted : HKCU\Software\mysearchdial.com
      Key Deleted : HKLM\Software\InstallCore
      Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

      ***** [ Browsers ] *****

      -\\ Internet Explorer v11.0.9600.16428

      -\\ Mozilla Firefox v26.0 (nl)

      [ File : C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\prefs.js ]

      Line Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,last-tab-close-button%40victor.sacharin:0.3.7,%7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2,%7Ba0d7ccb3-214d-498b-b4aa-0e8f[...]

      *************************

      AdwCleaner[R0].txt - [2570 octets] - [24/12/2013 00:08:18]
      AdwCleaner[s0].txt - [2533 octets] - [24/12/2013 00:10:03]

      ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2593 octets] ##########
  15. What else can I do?
  16. The Firefox Default option wasn't listed, so I couldn't tick it. This is the result:

      Zoek.exe v5.0.0.0 Updated 16-December-2013
      Tool run by Tanneke on di 17-12-2013 at 12:54:22,82.
      Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Tanneke\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

      ==== System Restore Info ======================

      17-12-2013 12:59:37 Zoek.exe System Restore Point Created Succesfully.

      ==== Empty Folders Check ======================

      C:\ProgramData\newsXpresso deleted successfully
      C:\Users\Tanneke\AppData\Roaming\Media Player Classic deleted successfully
      C:\Users\Tanneke\AppData\Local\CrashDumps deleted successfully
      C:\Users\Tanneke\AppData\Local\GHISLER deleted successfully

      ==== Deleting CLSID Registry Keys ======================

      HKEY_USERS\S-1-5-21-3154680278-51844745-3711090763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
      HKEY_USERS\S-1-5-21-3154680278-51844745-3711090763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F6A9A58-CBC0-4706-A926-8282F58FEC29} deleted successfully

      ==== Deleting CLSID Registry Values ======================

      ==== Deleting Services ======================

      ==== FireFox Fix ======================

      ProfilePath: C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default

      ---- Lines mysearchdial removed from prefs.js ----
      user_pref("browser.search.order.1", "Mysearchdial");
      user_pref("browser.startup.homepage", "http://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEz
      user_pref("extensions.mysearchdial.aflt", "ironmsd04");
      user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
      user_pref("extensions.mysearchdial.cntry", "NL");
      user_pref("extensions.mysearchdial.dfltLng", "");
      user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.dnsErr", true); user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,304628180 user_pref("extensions.mysearchdial.excTlbr", false); user_pref("extensions.mysearchdial.hdrMd5", "A2E4DEB35ED86975860485C2A7D2E810"); user_pref("extensions.mysearchdial.hmpg", true); user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0T user_pref("extensions.mysearchdial.id", "B870F4FB5D5D04D0"); user_pref("extensions.mysearchdial.instlDay", "15838"); user_pref("extensions.mysearchdial.instlRef", ""); user_pref("extensions.mysearchdial.lastB", "http://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu user_pref("extensions.mysearchdial.lastVrsnTs", "13:49:58"); user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"14\",\"lastVrsn\":\"14\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\ user_pref("extensions.mysearchdial.prdct", "mysearchdial"); user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); user_pref("extensions.mysearchdial.sg", "none"); user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); user_pref("extensions.mysearchdial.tlbrId", "base"); user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN user_pref("extensions.mysearchdial.vrsn", ""); user_pref("extensions.mysearchdial.vrsni", ""); user_pref("extensions.mysearchdial_i.hmpg", true); user_pref("extensions.mysearchdial_i.newTab", false); user_pref("extensions.mysearchdial_i.smplGrp", "none"); user_pref("extensions.mysearchdial_i.vrsnTs", "13:49:58"); ---- Lines mysearchdial 
removed from user.js ---- user_pref("extensions.mysearchdial.hmpg", true); user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEzyzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=579157976&ir="); user_pref("extensions.mysearchdial.dfltSrch", true); user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); user_pref("extensions.mysearchdial.dnsErr", true); user_pref("extensions.mysearchdial_i.newTab", false); user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEzyzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=579157976&ir="); user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEzyzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=579157976&ir=&q="); user_pref("extensions.mysearchdial.id", "B870F4FB5D5D04D0"); user_pref("extensions.mysearchdial.instlDay", "15838"); user_pref("extensions.mysearchdial.vrsn", ""); user_pref("extensions.mysearchdial.vrsni", ""); user_pref("extensions.mysearchdial_i.vrsnTs", "13:49:58"); user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); user_pref("extensions.mysearchdial.prdct", "mysearchdial"); user_pref("extensions.mysearchdial.aflt", "ironmsd04"); user_pref("extensions.mysearchdial_i.smplGrp", "none"); user_pref("extensions.mysearchdial.tlbrId", "base"); user_pref("extensions.mysearchdial.instlRef", ""); user_pref("extensions.mysearchdial.dfltLng", ""); user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); user_pref("extensions.mysearchdial.excTlbr", false); user_pref("extensions.mysearchdial_i.hmpg", true); ---- Lines ask.com removed from prefs.js ---- user_pref("weboftrust.search.ask.display", "Ask.com Web Search"); ---- Lines browser.startup.page 
removed from prefs.js ---- user_pref("browser.startup.page", 0); ---- FireFox user.js and prefs.js backups ---- user_17-12-2013_1318_.backup prefs_17-12-2013_1318_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\searchplugins\Myseachdial.xml" not found C:\Windows\system32\appdata deleted C:\Users\Tanneke\AppData\Roaming\mysearchdial deleted C:\Users\Tanneke\AppData\Local\CRE deleted C:\Windows\wininit.ini deleted C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\searchplugins\Mysearchdial.xml deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Tanneke\AppData\Local\Temp ==== 2013-12-15 15:44:00 EA77325B4FAF6EBC8ACEB42011747DA1 571472 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\McInstallerStartup.dll 2013-12-15 15:44:00 919160525DA7A3D5D09E0DD5A6B16454 264008 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes.dll 2013-12-15 15:44:00 8D15BBCBA2B1A6096C0D15E3D1893B5F 153280 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes_LD.dll 2013-12-15 15:44:00 206A83BDC11D09FB1B3740236ED5E9EE 418568 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\mcbrwsr2.dll 2013-12-15 15:43:59 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2013-12-13 16:13:45 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-12-13 16:13:43 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-13 16:13:41 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2013-12-13 16:13:40 BE8480727660354B93E32B0ED709BF0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-12-13 16:13:40 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- 
C:\Windows\System32\ieui.dll 2013-12-13 16:13:39 491B4F34BA2CD7EFCAC934C7EFF48F52 61952 ----a-w- C:\Windows\System32\iesetup.dll 2013-12-13 16:13:39 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\System32\ieapfltr.dll 2013-12-13 16:13:38 36D150C4F80DF88ED97D14598C24692F 32768 ----a-w- C:\Windows\System32\iernonce.dll 2013-12-13 16:13:38 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-12-13 16:13:37 7C7FF72C48AF9DD8CA7ABA2EA97A6670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-12-13 16:13:37 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-13 16:13:36 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-13 16:13:34 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\System32\wininet.dll 2013-12-13 16:13:33 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\System32\iertutil.dll 2013-12-13 16:13:33 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\System32\urlmon.dll 2013-12-13 16:13:32 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-12-13 16:13:30 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\System32\ieframe.dll 2013-12-13 16:13:27 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\System32\mshtml.dll 2013-12-13 16:13:26 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\System32\jscript9.dll 2013-12-13 11:16:57 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\System32\msieftp.dll 2013-12-13 11:16:56 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\System32\imagehlp.dll 2013-12-13 11:16:54 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe 2013-12-13 11:16:54 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\System32\wshom.ocx 2013-12-13 11:16:53 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\System32\scrrun.dll 2013-12-13 11:16:53 
A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe 2013-12-13 11:15:33 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-12-13 11:15:25 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-12-13 11:13:21 8ACB33EF85F9EA87D18FECEAD593A255 2349056 ----a-w- C:\Windows\System32\win32k.sys 2013-12-13 10:50:56 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\System32\wmp.dll 2013-12-13 10:50:53 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\System32\wmploc.DLL ====== C:\Windows\system32\drivers ===== 2013-12-13 11:13:16 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2013-12-13 11:13:15 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Users\Tanneke\AppData\Roaming ====== ====== C:\Users\Tanneke ====== 2013-12-16 17:34:25 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tanneke\Desktop\RSIT.exe ====== C: exe-files == 2013-12-16 17:35:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Tanneke.exe 2013-12-16 17:34:25 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tanneke\Desktop\RSIT.exe 2013-12-15 15:47:29 C7B990E4E2362AB1EDCD80E6439DEEAB 35094528 ----a-w- C:\Users\Tanneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13489UCS\SkypeSetupFull[1].exe 2013-12-15 15:43:59 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Tanneke\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe 2013-12-13 16:13:43 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-13 16:13:37 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-13 16:13:36 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 
2013-12-13 16:13:34 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-12-13 11:16:54 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe 2013-12-13 11:16:53 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe 2013-12-13 10:50:51 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe === C: other files == 2013-12-13 11:13:21 8ACB33EF85F9EA87D18FECEAD593A255 2349056 ----a-w- C:\Windows\System32\win32k.sys 2013-12-13 11:13:16 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\portcls.sys 2013-12-13 11:13:16 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2013-12-13 11:13:15 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\drmk.sys 2013-12-13 11:13:15 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn 
/x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "LManager"="C:\Program Files\Launch Manager\LManager.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AcerCloud] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AcerCloud" "hkey"="HKCU" "command"="C:\\Program Files\\Acer\\Acer Cloud\\acpanel_win.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cobian Backup 10] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cobian Backup 10" "hkey"="HKLM" "command"="\"C:\\Program Files\\Cobian Backup 10\\Cobian.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Corel File Shell Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Corel File Shell Monitor" "hkey"="HKLM" "command"="C:\\Program Files\\Corel\\Corel PaintShop Photo Pro\\X3\\PSPClassic\\CorelIOMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Corel Photo Downloader] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Corel Photo Downloader" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Corel\\Corel PhotoDownloader\\Corel Photo Downloader.exe\" 
-startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Tanneke\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Tanneke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Webshots.lnk] "item"="Webshots" "path"="C:\\Users\\Tanneke\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Webshots.lnk" "backup"="C:\\Windows\\pss\\Webshots.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\Webshots\\Launcher.exe" ==== Startup Folders ====================== 2013-06-07 04:08:34 1021 ----a-w- C:\Users\Tanneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-01-25 14:11:49 1728 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Acer Registration - Reminder Recall task.job --a------ C:\Program Files\Acer\Registration\GREG.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 18:00] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000Core.job --a------ C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 18:16] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000UA.job --a------ C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 18:16] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Acer Registration - Reminder Recall task" [C:\Program Files\Acer\Registration\GREG.exe] "C:\Windows\system32\tasks\Adobe ARM" ["C:\Program Files\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe Reader Speed Launcher" ["C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000Core" [C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000UA" [C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\{66B661D4-0355-484D-86AF-84B07A42BB18}" [C:\Program Files\Mozilla Firefox\firefox.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default - Forecastfox - %ProfilePath%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - MySearchDial - %ProfilePath%\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} - DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi - Last tab close button - %ProfilePath%\extensions\last-tab-close-button@victor.sacharin.xpi - X-notifier - %ProfilePath%\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi - Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default F891089A6AB9E12FEDEBCC5EC0F40D66 - 
C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery 2F4781F84C92E8C4B1586E47A78E8A61 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.50.255 18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5 B932CB0D859B981C99B90F3BEAE017B7 - C:\Users\Tanneke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Deleted Firefox Extensions ====================== C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Tanneke\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Tanneke\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] 
"Tabs"="http://start.mysearchdial.com/?f=2&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEzyzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=579157976&ir=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6079F4C8-6DCA-DF57-469F-5A5A043E97DD} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor deleted successfully ==== Empty IE Cache ====================== 
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tanneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Tanneke\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Tanneke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 17-12-2013 at 13:34:30,60 ======================
  17. Logfile of random's system information tool 1.09 (written by random/random) Run by Tanneke at 2013-12-16 18:35:25 Microsoft Windows 7 Starter Service Pack 1 System drive C: has 25 GB (49%) free of 51 GB Total RAM: 747 MB (3% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:36:19, on 16-12-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Launch Manager\LMworker.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Tanneke\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskhost.exe C:\totalcmd\TOTALCMD.EXE C:\Users\Tanneke\Desktop\RSIT.exe C:\Program Files\trend micro\Tanneke.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Tanneke\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 
- Global Startup: Acer VCM.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 
10\cbVSCService.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 6696 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Acer Registration - Reminder Recall task.job C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3154680278-51844745-3711090763-1000UA.job =========Mozilla firefox========= ProfilePath - C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyE0F0ByD0DyD0DtDyE0DtDtN0D0Tzu0SyEzyzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=579157976&ir=" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1] "Description"= "Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\extensions\ {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} {ad9a41d2-9a49-4fa6-a79e-71a0785364c8} C:\Users\Tanneke\AppData\Roaming\Mozilla\Firefox\Profiles\kyzxi0ed.default\searchplugins\ Mysearchdial.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-02 453104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-02 157680] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-25 336384] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632] "Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368] "LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-26 5074384] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcerCloud] C:\Program Files\Acer\Acer Cloud\acpanel_win.exe [2013-06-21 19503176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 10] C:\Program Files\Cobian Backup 10\Cobian.exe [2010-09-23 421376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor] C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe 
[2011-09-07 522752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\Tanneke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tanneke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Webshots.lnk] C:\PROGRA~1\Webshots\Launcher.exe [2007-10-29 157008] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe C:\Users\Tanneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Tanneke\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll 
"wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-16 18:35:25 ----D---- C:\rsit 2013-12-13 17:13:43 ----A---- C:\Windows\system32\ie4uinit.exe 2013-12-13 17:13:41 ----A---- C:\Windows\system32\jsproxy.dll 2013-12-13 17:13:40 ----A---- C:\Windows\system32\ieui.dll 2013-12-13 17:13:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2013-12-13 17:13:39 ----A---- C:\Windows\system32\iesetup.dll 2013-12-13 17:13:39 ----A---- C:\Windows\system32\ieapfltr.dll 2013-12-13 17:13:38 ----A---- C:\Windows\system32\jscript9diag.dll 2013-12-13 17:13:38 ----A---- C:\Windows\system32\iernonce.dll 2013-12-13 17:13:37 ----A---- C:\Windows\system32\ieUnatt.exe 2013-12-13 17:13:37 ----A---- C:\Windows\system32\ieetwproxystub.dll 2013-12-13 17:13:36 ----A---- C:\Windows\system32\ieetwcollector.exe 2013-12-13 17:13:34 ----A---- C:\Windows\system32\wininet.dll 2013-12-13 17:13:33 ----A---- C:\Windows\system32\urlmon.dll 2013-12-13 17:13:33 ----A---- C:\Windows\system32\iertutil.dll 2013-12-13 17:13:30 ----A---- C:\Windows\system32\ieframe.dll 2013-12-13 17:13:27 ----A---- C:\Windows\system32\mshtml.dll 2013-12-13 17:13:26 ----A---- C:\Windows\system32\jscript9.dll 2013-12-13 12:16:57 ----A---- 
C:\Windows\system32\msieftp.dll 2013-12-13 12:16:56 ----A---- C:\Windows\system32\imagehlp.dll 2013-12-13 12:16:54 ----A---- C:\Windows\system32\wscript.exe 2013-12-13 12:16:53 ----A---- C:\Windows\system32\scrrun.dll 2013-12-13 12:16:53 ----A---- C:\Windows\system32\cscript.exe 2013-12-13 12:15:33 ----A---- C:\Windows\system32\WMPhoto.dll 2013-12-13 12:15:25 ----A---- C:\Windows\system32\tzres.dll 2013-12-13 12:13:21 ----A---- C:\Windows\system32\win32k.sys 2013-12-13 12:13:16 ----A---- C:\Windows\system32\drivers\portcls.sys 2013-12-13 12:13:15 ----A---- C:\Windows\system32\drivers\drmk.sys 2013-12-13 11:50:56 ----A---- C:\Windows\system32\wmp.dll 2013-12-13 11:50:53 ----A---- C:\Windows\system32\wmploc.DLL 2013-11-26 01:20:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-26 01:20:07 ----A---- C:\Windows\system32\elshyph.dll 2013-11-26 01:20:06 ----A---- C:\Windows\system32\jsIntl.dll 2013-11-26 01:20:05 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-26 01:20:04 ----A---- C:\Windows\system32\msls31.dll 2013-11-26 01:20:02 ----A---- C:\Windows\system32\msrating.dll 2013-11-26 01:20:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-26 01:20:00 ----A---- C:\Windows\system32\ieapfltr.dat 2013-11-26 01:20:00 ----A---- C:\Windows\system32\dxtrans.dll 2013-11-26 01:20:00 ----A---- C:\Windows\system32\dxtmsft.dll 2013-11-26 01:19:59 ----A---- C:\Windows\system32\icardie.dll 2013-11-26 01:19:58 ----A---- C:\Windows\system32\url.dll 2013-11-26 01:19:58 ----A---- C:\Windows\system32\mshtmlmedia.dll 2013-11-26 01:19:58 ----A---- C:\Windows\system32\iedkcs32.dll 2013-11-26 01:19:57 ----A---- C:\Windows\system32\webcheck.dll 2013-11-26 01:19:57 ----A---- C:\Windows\system32\licmgr10.dll 2013-11-26 01:19:56 ----A---- C:\Windows\system32\wextract.exe 2013-11-26 01:19:56 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-26 01:19:56 ----A---- C:\Windows\system32\inseng.dll 2013-11-26 01:19:55 ----A---- 
C:\Windows\system32\vbscript.dll 2013-11-26 01:19:55 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-26 01:19:55 ----A---- C:\Windows\system32\iexpress.exe 2013-11-26 01:19:49 ----A---- C:\Windows\system32\pngfilt.dll 2013-11-26 01:19:49 ----A---- C:\Windows\system32\occache.dll 2013-11-26 01:19:48 ----A---- C:\Windows\system32\mshta.exe 2013-11-26 01:19:47 ----A---- C:\Windows\system32\MshtmlDac.dll 2013-11-26 01:19:47 ----A---- C:\Windows\system32\jscript.dll 2013-11-26 01:19:46 ----A---- C:\Windows\system32\msfeedsbs.dll 2013-11-26 01:19:46 ----A---- C:\Windows\system32\imgutil.dll 2013-11-26 01:19:46 ----A---- C:\Windows\system32\iepeers.dll 2013-11-26 01:19:45 ----A---- C:\Windows\system32\msfeedssync.exe 2013-11-26 01:19:44 ----A---- C:\Windows\system32\IEAdvpack.dll 2013-11-26 01:19:43 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2013-11-26 01:19:42 ----A---- C:\Windows\system32\mshtmler.dll 2013-11-26 01:19:42 ----A---- C:\Windows\system32\iesysprep.dll 2013-11-17 17:13:53 ----D---- C:\Program Files\Mozilla Firefox ======List of files/folders modified in the last 1 month====== 2013-12-16 18:36:19 ----D---- C:\Program Files\Trend Micro 2013-12-16 18:35:43 ----D---- C:\Windows\Prefetch 2013-12-16 18:35:40 ----D---- C:\Windows\Temp 2013-12-16 17:52:16 ----D---- C:\Users\Tanneke\AppData\Roaming\Skype 2013-12-16 17:34:30 ----D---- C:\Windows\system32\config 2013-12-16 16:59:04 ----D---- C:\Users\Tanneke\AppData\Roaming\Dropbox 2013-12-16 16:52:04 ----D---- C:\Windows 2013-12-16 16:51:55 ----D---- C:\Program Files 2013-12-15 19:16:26 ----SHD---- C:\System Volume Information 2013-12-15 16:44:18 ----HD---- C:\ProgramData 2013-12-15 16:43:19 ----HD---- C:\Program Files\InstallShield Installation Information 2013-12-15 16:43:19 ----D---- C:\Program Files\Dialang 2013-12-15 16:38:43 ----D---- C:\Users\Tanneke\AppData\Roaming\Media Player Classic 2013-12-15 16:38:41 ----D---- C:\Windows\Panther 2013-12-15 16:38:41 ----D---- C:\Windows\inf 2013-12-15 16:38:40 
----D---- C:\Windows\Logs 2013-12-15 16:38:40 ----D---- C:\Windows\debug 2013-12-15 16:07:52 ----D---- C:\Windows\System32 2013-12-15 16:07:52 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-15 16:00:31 ----D---- C:\Windows\winsxs 2013-12-15 15:57:53 ----D---- C:\Program Files\Internet Explorer 2013-12-15 15:57:50 ----D---- C:\Windows\system32\nl-NL 2013-12-15 15:57:48 ----D---- C:\Windows\system32\DriverStore 2013-12-15 15:57:47 ----D---- C:\Windows\system32\drivers 2013-12-13 17:16:45 ----SHD---- C:\Windows\Installer 2013-12-13 17:14:02 ----D---- C:\Windows\system32\catroot2 2013-12-13 17:14:02 ----D---- C:\Windows\system32\catroot 2013-12-13 16:26:13 ----D---- C:\Program Files\Windows Media Player 2013-12-13 11:53:26 ----D---- C:\Windows\system32\MRT 2013-12-13 11:52:50 ----A---- C:\Windows\system32\MRT.exe 2013-12-11 18:00:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2013-12-03 17:41:25 ----RSD---- C:\Windows\assembly 2013-11-27 20:46:26 ----D---- C:\ProgramData\McAfee 2013-11-26 11:13:04 ----D---- C:\Windows\PolicyDefinitions 2013-11-26 11:13:03 ----D---- C:\Windows\system32\migration 2013-11-26 11:13:03 ----D---- C:\Windows\system32\en-US 2013-11-24 20:11:25 ----D---- C:\Windows\system32\NDF 2013-11-18 20:49:52 ----D---- C:\Program Files\Mozilla Maintenance Service ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 47056] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-10-08 149568] R3 
amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-24 7800832] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-24 245760] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-29 2171904] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-03-30 100880] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2010-11-10 1221760] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-01-25 68720] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 35968] S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 EUCR;EUCR; C:\Windows\system32\drivers\EUCR6SK.SYS [2010-08-09 82768] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-01-18 16472] S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-01-18 11104] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; 
C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-24 176128] R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; C:\Program Files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584] R2 CCDMonitorService;CCDMonitorService; C:\Program Files\Acer\Acer Cloud\CCDMonitorService.exe [2013-06-21 2651208] R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-26 1329304] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408] S3 ose;Office Source Engine; 
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF-----------------
  18. My laptop (netbook) has not been performing properly in terms of speed for some time. To begin with, it starts up terribly slowly. The start screen does appear quickly enough, but it takes 5 - 10 minutes before you can properly click on anything. When I then click on a program or internet browser, it again takes 5 minutes before it has started. While browsing the internet, the browser and all other open programs freeze continuously. Among other things, the internet can no longer be used properly because everything runs so slowly. I constantly get messages that the plug-in and the script are no longer responding. Can anyone help me get rid of this problem?
  20. Attached is the AdwCleaner log:
  21. I removed McAfee and after the MBAM scan it is working a lot faster again!
  22. I did a system restore, but only back to before the very latest updates, because I had removed a whole lot of pointless programs and I really did not want all of those back.. I also wanted to install Service Pack 1 but saw that it takes more than an hour and that the laptop will restart during the installation, etc. That does not seem like a good idea to me yet, since it does not start up properly and freezes 9 times out of 10. And I was in fact planning to start using Eset. I installed it 2 days ago because McAfee has already expired. What is on there from Eset now is still a trial version; I am going to buy it and then remove McAfee. After the HijackThis scan I also removed those items, but afterwards I had to restart the laptop, which went wrong again. It froze with a black screen and I had to shut it down manually again. I don't know whether this was detrimental to the removal of those items? In any case, the laptop now does start up in the normal way, fortunately. Unfortunately everything is still enormously slow.. for example, Windows Explorer takes 14 min to start.. Here is what the new log looks like: (aren't the running processes excessively many??)
  23. The laptop has been extremely slow for a while and shows that "not responding" for a moment with EVERY program. Recently updates had to be installed at shutdown. After 6 HOURS of updating it finally got to update 12 of 12, and then stayed stuck on that for another 3 hours. Shut it down manually. Then at startup the configuration message came up, where it stayed stuck at 67% for an hour.. Shut it down again, and now at every startup I get "Error while configuring". The laptop now does not get any further than that at all. It can only still start up in safe mode. I have the feeling there is too much junk on the laptop and that it is "thinking" with 100 programs at once.. I also think there is still a virus on it.. How can I get it to start up normally again?? And how do I reduce/get rid of that slowness? I do already have a HijackThis log: