jeevee

Member
  • Items: 22

Everything posted by jeevee

  1. I followed the instructions (with sweaty palms) and disabled Skype (which I rarely use) and Google. This solved the problem. I think Google is the culprit; it was my favorite browser, but when installing Windows 10 I chose Explorer, or rather Edge. I think this caused the problem. Thanks again for your help.
  2. Good morning, PrintScreen unfortunately does not respond in this situation. I took a photo, which I have attached. Kind regards
  3. Unfortunately not. I have attached the first message on the screen.
  4. I upgraded both of my PCs to Windows 10. On the other PC this went without problems. On this PC I get error messages when shutting down (or restarting). These are: "2 apps are being closed and the PC will be restarted", with the icons DDE server and program manager. Then follows: "1 app is being closed and the PC will be restarted - click cancel", with the icon program manager. The PC otherwise works fine. I also checked whether any old PCs are still registered on my account. That is not the case; only the 2 PCs that I use are listed.
  5. Thanks again for your help. Regards, Jaap Vermeulen
  6. My start page is indeed fine again, for which my thanks. A total of 3 files were generated; to be on the safe side I have attached the 2 others as well. Regards, Jaap AdwCleanerR0.txt AdwCleanerR1.txt AdwCleanerS0.txt
  7. Attached are the results. Regards, Jaap zoek-results.txt
  8. Attached is the log file. Regards
  9. Good afternoon, the start page of this PC has been hijacked. When I start the internet, the deltahomes page is shown. This page advises me to have the PC scanned, probably in order to sell me a program. Resetting to my own start page (MSN.COM) does not help; it is blocked. What do I have to do to get rid of this?
  10. I have problems with the virus scanner on my small laptop. The virus scanner (McAfee) that was installed on the laptop has expired. I use Windows 8 and want to switch to Windows Defender. I keep getting a notification that the laptop is no longer protected. I cannot disable the virus scanner, not even with the administrator option. One possibility would be to remove McAfee from the PC completely. Advice would be appreciated.
  11. Good afternoon, I carried out everything as instructed. I will mark this as solved; before I do, I would like to thank you for all the effort you have made to help me. I will transfer a donation in the coming week. Kind regards, Jaap Vermeulen
  12. Good afternoon, below is the log file. I ran the program twice: once after I had activated MSE manually and once without having activated MSE. Both times the result was the same. Kind regards, Jaap Vermeulen
      Results of screen317's Security Check version 0.99.73
      Windows Vista Service Pack 2 x86 (UAC is enabled)
      Internet Explorer 9
      Internet Explorer 8
      ``````````````Antivirus/Firewall Check:``````````````
      Microsoft Security Essentials
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      Java 7 Update 25
      Adobe Reader 8 Adobe Reader out of Date!
      Adobe Reader 9 Adobe Reader out of Date!
      Google Chrome 22.0.1229.95
      Google Chrome 28.0.1500.71
      ````````Process Check: objlist.exe by Laurent````````
      Microsoft Security Essentials MSMpEng.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: %
      ````````````````````End of Log``````````````````````
  13. Good afternoon, I think the PC is clean; it starts and works well. MSE is not yet shown in the bar at the bottom right (the green/red icon). I have placed the blue MSE icon in the bar at the bottom left. After the PC has started up, I click on it briefly; it always shows the status as protected, no problem. Kind regards, Jaap Vermeulen
  14. Good morning, Java 7 installed; it is now in the program list. Kind regards, Jaap Vermeulen
  15. Good evening, I closed everything and then removed Java 6 Update 24 (that is the only version that appears in the program list), restarted, downloaded version jre-7u25-windows-i586.tag.gz to the desktop and then unpacked it. This went very quickly. (I remember that installing a previous version took much more time.) The program can be found on the PC, but it is NOT in the program list and is probably not active, although the icons to the right of this reply window work normally. Did I download the wrong version? If necessary, I can remove this version and reinstall it via the Run option. Advice would be appreciated. Kind regards
  16. Good afternoon, attached is the script. Kind regards
  17. Good morning, first of all my apologies for the late reply; I could not manage it sooner. I ran the scan and no malware was detected. Kind regards, Jaap Vermeulen
  18. Good evening, attached is the 2nd report from Rogue. Kind regards
  19. Attached is the Rogue log file. Kind regards
  20. Below is the HijackThis log file. Kind regards
15:01:59 ----A---- C:\Windows\system32\icaapi.dll 2013-08-14 15:01:59 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-14 15:01:58 ----A---- C:\Windows\system32\drivers\tcpipreg.sys 2013-08-14 15:01:58 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-08-14 15:01:49 ----A---- C:\Windows\system32\tzres.dll 2013-08-14 15:01:44 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-14 15:01:40 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-08-14 15:01:40 ----A---- C:\Windows\system32\ntkrnlpa.exe 2013-08-14 15:01:40 ----A---- C:\Windows\system32\ntdll.dll 2013-08-14 15:01:35 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-14 15:01:35 ----A---- C:\Windows\system32\crypt32.dll 2013-08-14 15:01:34 ----A---- C:\Windows\system32\wintrust.dll 2013-08-14 15:01:34 ----A---- C:\Windows\system32\cryptnet.dll 2013-07-29 13:08:22 ----D---- C:\Windows\system32\MRT ======List of files/folders modified in the last 1 month====== 2013-08-27 15:03:36 ----D---- C:\Program Files\Trend Micro 2013-08-27 15:03:27 ----D---- C:\Windows\temp 2013-08-27 15:03:03 ----D---- C:\Windows\Prefetch 2013-08-27 15:00:54 ----D---- C:\Windows\system32\drivers 2013-08-27 13:02:02 ----SHD---- C:\System Volume Information 2013-08-27 11:14:44 ----D---- C:\ProgramData\NVIDIA 2013-08-27 01:05:12 ----D---- C:\Users\Jaap\AppData\Roaming\NewsBin 2013-08-25 15:29:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2013-08-25 01:52:29 ----D---- C:\Windows\System32 2013-08-25 01:52:29 ----D---- C:\Windows\inf 2013-08-25 01:52:29 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-24 11:53:57 ----D---- C:\ProgramData\CanonIJPLM 2013-08-24 11:41:07 ----D---- C:\ProgramData\CanonIJ 2013-08-23 00:13:39 ----D---- C:\Users\Jaap\AppData\Roaming\vlc 2013-08-21 17:45:29 ----D---- C:\Windows\system32\Tasks 2013-08-21 17:45:14 ----SHD---- C:\Windows\Installer 2013-08-20 01:06:43 ----D---- C:\Windows\system32\catroot2 2013-08-14 18:09:45 ----D---- C:\Windows\Microsoft.NET 2013-08-14 18:09:44 ----RSD---- 
C:\Windows\assembly 2013-08-14 18:09:04 ----D---- C:\Windows\winsxs 2013-08-14 18:02:33 ----D---- C:\Windows\rescache 2013-08-14 17:47:09 ----D---- C:\Windows\system32\catroot 2013-08-14 17:42:57 ----D---- C:\Windows\system32\nl-NL 2013-08-14 17:42:57 ----D---- C:\Windows\system32\migration 2013-08-14 17:42:57 ----D---- C:\Program Files\Internet Explorer 2013-08-14 17:34:49 ----A---- C:\Windows\system32\mrt.exe 2013-08-07 15:10:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2013-07-29 13:00:06 ----D---- C:\Program Files\Microsoft Security Client 2013-07-29 12:59:38 ----D---- C:\Windows 2013-07-29 12:46:12 ----D---- C:\ProgramData\Microsoft Help ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560] R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\drivers\siwinacc.sys [2004-11-01 10368] R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\drivers\siremfil.sys [2006-10-18 5504] R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\Windows\system32\drivers\xfilt.sys [2006-10-18 17920] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392] R2 pnarp;Pure Networks Device Discovery Driver; C:\Windows\system32\DRIVERS\pnarp.sys [2009-07-07 26672] R2 purendis;Pure Networks Wireless Driver; C:\Windows\system32\DRIVERS\purendis.sys [2009-07-07 27696] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-23 1769952] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-26 8939296] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176] R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys 
[2012-07-26 66560] S3 catchme;catchme; \??\C:\Users\Jaap\AppData\Local\Temp\catchme.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272] S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112] S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016] S3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [] S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-09-29 47360] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328] S3 viaagp1;VIA AGP Filter; C:\Windows\system32\drivers\viaagp1.sys [2003-07-02 27904] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2006-09-07 10112] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 nvrd32;NVIDIA nForce RAID Driver ; C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 131616] S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-02-16 12032] S4 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-07-02 110112] S4 Si3114r5;SiI-3114 SoftRaid 5 Controller; C:\Windows\system32\drivers\si3114r5.sys [2005-05-26 175104] S4 SI3132;SiI-3132 SATALink Controller; C:\Windows\system32\drivers\si3132.sys [2006-04-19 67712] S4 Si3132r5;SiI-3132 SoftRaid 5 Controller; 
C:\Windows\system32\drivers\si3132r5.sys [2006-01-12 199680] S4 Si3531;SiI-3531 SATA Controller; C:\Windows\system32\drivers\si3531.sys [2006-11-17 210224] S4 UGURU;UGURU; C:\Windows\system32\drivers\uguru.sys [2006-10-02 21048] S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-11-08 102912] S4 videX32;videX32; C:\Windows\system32\drivers\videx32.sys [2006-10-17 9216] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-09-08 116104] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208] R2 nmservice;Pure Networks Platform Service; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2009-07-07 647216] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2013-04-24 483864] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 
[2013-02-26 1260320] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07 257416] S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-09-23 79360] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------
  21. Good afternoon, Below is the log file from Malware; after this I will run the program you specified and send it in: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.08.25.04 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Jaap :: KOMPLETT [administrator] 25-8-2013 15:30:02 mbam-log-2013-08-25 (15-30-02).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 260560 Verstreken tijd: 12 minuut/minuten, 12 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update (Malware.Packer.ZA) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update (Trojan.Zaccess) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3 C:\Users\Jaap\AppData\Local\Google\Desktop\Install\{4f55bdcd-2140-17f6-4dc1-a98e21f1b076}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{4f55bdcd-2140-17f6-4dc1-a98e21f1b076}\GoogleUpdate.exe (Malware.Packer.ZA) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jaap\AppData\Local\temp\msimg32.dll (Malware.Packer.ZA) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jaap\AppData\Local\temp\~tmf3368759876987452054.tmp (Malware.Packer.ZA) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  22. Good afternoon, On Sunday afternoon I was online and at some point got a message that I had to restart the PC to complete the =cleanup= of the PC. Without thinking it through PROPERLY, I did so. I restarted the PC and noticed that the (green) MS Essentials icon at the bottom of the taskbar has disappeared. The PC may be infected, but I do not know how I can check that. Because the forum Breekpunt.nl has helped me before, I contacted them and ran Malwarebytes, which located 5 small files that I had removed. I have kept the log file. However, I understand that Breekpunt.nl is no longer active. Can you help me? Removing Malwarebytes from my PC if it conflicts with Avast is not a problem.