Ga naar inhoud

serjo

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    47

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door serjo

  1. serjo
    Beste, De pc draait, maar: - de opstart verloopt traag - overgang en afsluiten van toepassingen loopt zeer traag - zelfs voor het opstarten van een firefox explorer Bij dit laatste verschijnt meermaals: 'intensief schijfgebruik - waarschuwing' Als ik via taakbeheer een kijkje neem: - processor is niet meer dan 10-15 % in gebruik - memory: 35 % Eénmaal in een programma lukt het wel, alhoewel ik op dat moment een overgang wil maken naar bv. verkenner is het weer een tijdje wachten. mvg serjo
  2. serjo
    Beste, Na alles nog eens gecheckt te hebben, verder gezocht naar mogelijke updates die het probleem kunnen veroorzaken. Via internet gezocht en gevonden: Update KB2670838:eviltongue:Deze is verwijderd en de boel draait goed, al 2 updates gedaan en de laptop draait nog steeds ! Bedankt bij deze voor de begeleiding van de herstelprocedure. mvg serjo:-)
  3. serjo
    Beste, Ik ben al een beetje verder, dwz ik bezit de productspecificaties van het toestel: Hardware Software Hardware Productnaam g7-1150sb Productnummer QA531EA Microprocessor 2,3 GHz Intel Core i5-2410M Microprocessorcache 3 MB L3-cache Geheugen 4 GB DDR3 Maximaal... Het toestel meermaals opgestart in normale modus: - men vraagt een framedriver te installeren, gedownload, blauw scherm - meermaals dit uitgeprobeerd, echter zonder resultaat. Dwz ik ben niet in de mogelijkheid om het toestel te scannen op zijn eventueel ontbrekende drivers. Verder heb ik nog een systeemherstel doorgevoerd in veilige modus, maar ook daarna nog steeds een fysieke geheugendump. mvg Serjo
  4. serjo
    beste, Ik ben mee. Het toestel is geleverd door 'Elektrocorner'. Toestellen van hp met normale garantie, die komen uit overstock, demo, ... Spijtig genoeg geen greintje naservice. Geen klachten tot hiertoe hierover: heb daar reeds vier toestellen besteld, lopen (buiten deze) allemaal vlot. (Omdat ikzelf niet helemaal leek ben, doe ik via teamviewer wat service voor die personen) Ik blijf toch zoeken naar meer info en laat dan iets weten. En al reuzebedankt ! mvg serjo;-)
  5. serjo
    Beste, Het lukt me niet de intelsoftware te draaien. In bijlage info over het systeem. Het toestel heeft lange tijd, een uur of meer standaard gedraaid. Daarnet wat opdrachten uitgevoerd, werkte. Daarna de intelopdracht uitgevoerd, naar firewall gegaan om deze uit te schakelen een dump. Terug opgestart, doet nu spontaan een dump zonder er een actie wordt uitgevoerd. mvg serjo:hmmmm:
  6. serjo
    - - - Updated - - - Beste, Voorgaande heb ik kunnen vastleggen als screenshot in normale opstart. Daarna terug een dump, op het moment dat ik het gegeven op het forum plaatste. mvg serjo
  7. serjo
    Beste, De intelcontrole wordt niet uitgevoerd, ook niet met ie en uitgeschakelde firewall. Ik krijg een foutmelding en dan een verwijzing naar een x.../java die ook niet uit te voeren is. Dan de specy uitgevoerd: beperkt dwz dll niet te verkrijgen. http://speccy.piriform.com/results/l0pHbJYupcAsjJ6vd8ZC6FC Verder een screenshot van de bestaande pc. mvg serjo
  8. serjo
    Beste, laatste geheugendump: Dump File : 070914-26114-01.dmp Crash Time : 9/07/2014 8:43:07 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`204e0560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067825a8 Parameter 4 : 00000000`00000005 Caused By Driver : igdpmd64.sys Caused By Address : igdpmd64.sys+30f6b6 File Description : Intel Graphics Kernel Mode Driver Product Name : Intel Graphics Accelerator Drivers for Windows 7® Company : Intel Corporation File Version : 8.15.10.2279 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070914-26114-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 9/07/2014 8:44:08 ================================================== hddisk test: zie bijlage memtest: 10 uren gedraaid, geen errors mvg serjo
  9. serjo
    Beste Asus, Inderdaad met de memtest ben ik bezig. Loopt op dit moment nog goed. Nogmaals bedankt voor de vervangende harddisktester. mvg serjo
  10. serjo
    Beste, Ik heb de schijf aangemaakt. (seagate - SeaTools for Dos) Opgestart vanaf de cd. Programma voor de schijfcontrole start op, MAAR VIND GEEN HARDDISK !!! mvg serjo
  11. serjo
    beste kweezie wabbit, Ondertussen heb ik de laptop opgestart in normale modus: - nieuwe versie van 'acrobad reader ' gedownload en geïnstalleerd. - nieuwe versie van 'Java' gedownload en geïnstalleerd. - norton antivirus even opgestart en instellingen aangepast. En nog steeds loopt alles als een klok, waarvoor mijn oprechte dank ! Ik heb steeds gewerkt met 2 laptops: deze die normaal werkt en het andere toestel van 'roos'. Ik kan de door jou voorgestelde werkwijze uitvoeren. mvg serjo:-) - - - Updated - - - haha, Te vlug victorie gekraaid, het toestel doet net een nieuwe dump.xD serjo
  12. serjo
    Beste, Ik heb dit nog steeds uitgevoerd in veilige modus. De reden: deze ochtend had ik nog een dump zoals je kan merken in de bestanden. Van harte dank voor al het begeleidingswerk. mvg serjo ================================================== Dump File : 070814-28719-01.dmp Crash Time : 8/07/2014 9:25:51 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff880`ea4fe560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059805a8 Parameter 4 : 00000000`00000005 Caused By Driver : atikmdag.sys Caused By Address : atikmdag.sys+e547f File Description : ATI Radeon Kernel Mode Driver Product Name : ATI Radeon Family Company : ATI Technologies Inc. File Version : 8.01.01.1114 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070814-28719-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 8/07/2014 9:27:07 ================================================== ================================================== Dump File : 070814-27861-01.dmp Crash Time : 7/07/2014 23:15:12 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff880`fcd64560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059665a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070814-27861-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 8/07/2014 8:40:55 ================================================== ================================================== Dump File : 070714-76658-01.dmp Crash Time : 7/07/2014 22:09:41 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`23c3f560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059a15a8 Parameter 4 : 00000000`00000005 Caused By Driver : iaStor.sys Caused By Address : iaStor.sys+21a67 File Description : Intel Rapid Storage Technology driver - x64 Product Name : Intel Rapid Storage Technology driver Company : Intel Corporation File Version : 10.1.2.1004 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-76658-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 22:11:43 ================================================== ================================================== Dump File : 070714-78811-01.dmp Crash Time : 7/07/2014 20:53:21 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`0efd7560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059795a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-78811-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 20:55:28 ================================================== ================================================== Dump File : 070714-36395-01.dmp Crash Time : 7/07/2014 19:58:19 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`2d4eb560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675b5a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-36395-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 19:59:40 ================================================== ================================================== Dump File : 070714-64132-01.dmp Crash Time : 7/07/2014 19:51:28 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`1ab16560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067665a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-64132-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 19:53:09 ================================================== ================================================== Dump File : 070714-49311-01.dmp Crash Time : 7/07/2014 18:06:33 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`2f46c560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0678e5a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-49311-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 18:08:03 ================================================== ================================================== Dump File : 070714-46753-01.dmp Crash Time : 7/07/2014 12:02:40 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`2bdc2560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059a45a8 Parameter 4 : 00000000`00000005 Caused By Driver : iaStor.sys Caused By Address : iaStor.sys+6388 File Description : Intel Rapid Storage Technology driver - x64 Product Name : Intel Rapid Storage Technology driver Company : Intel Corporation File Version : 10.1.2.1004 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-46753-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 12:04:11 ================================================== ================================================== Dump File : 070714-52806-01.dmp Crash Time : 7/07/2014 11:53:03 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`4627a560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675c5a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070714-52806-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 7/07/2014 11:54:26 ================================================== ================================================== Dump File : 070614-22854-01.dmp Crash Time : 6/07/2014 16:39:42 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff880`f9274560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067645a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070614-22854-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 6/07/2014 16:40:59 ================================================== ================================================== Dump File : 070614-52057-01.dmp Crash Time : 6/07/2014 14:59:06 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`26ed2560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067825a8 Parameter 4 : 00000000`00000005 Caused By Driver : iaStor.sys Caused By Address : iaStor.sys+21a01 File Description : Intel Rapid Storage Technology driver - x64 Product Name : Intel Rapid Storage Technology driver Company : Intel Corporation File Version : 10.1.2.1004 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070614-52057-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 6/07/2014 15:00:28 ================================================== ================================================== Dump File : 070214-45692-01.dmp Crash Time : 2/07/2014 9:33:07 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`28f1dd60 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067855a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070214-45692-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 2/07/2014 9:34:28 ================================================== ================================================== Dump File : 070114-26254-01.dmp Crash Time : 1/07/2014 21:00:04 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff880`a671c560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0676c5a8 Parameter 4 : 00000000`00000005 Caused By Driver : dxgmms1.sys Caused By Address : dxgmms1.sys+c194 File Description : DirectX Graphics MMS Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18126 (win7sp1_gdr.130409-1534) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070114-26254-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 1/07/2014 21:01:32 ================================================== ================================================== Dump File : 070114-19110-01.dmp Crash Time : 1/07/2014 18:58:02 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`1ead4560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675b5a8 Parameter 4 : 00000000`00000005 Caused By Driver : i8042prt.sys Caused By Address : i8042prt.sys+8c1d File Description : i8042-poortstuurprogramma Product Name : Besturingssysteem Microsoft® Windows® Company : Microsoft Corporation File Version : 6.1.7600.16385 (win7_rtm.090713-1255) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070114-19110-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 1/07/2014 18:58:57 ================================================== ================================================== Dump File : 070114-24460-01.dmp Crash Time : 1/07/2014 18:48:31 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff880`9bb36560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067785a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070114-24460-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 1/07/2014 18:49:54 ================================================== ================================================== Dump File : 070114-19000-01.dmp Crash Time : 1/07/2014 17:26:12 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`0b306560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067765a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070114-19000-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 1/07/2014 17:27:18 ================================================== ================================================== Dump File : 070114-24913-01.dmp Crash Time : 1/07/2014 17:19:17 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`28bcd560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675d5a8 Parameter 4 : 00000000`00000005 Caused By Driver : atikmpag.sys Caused By Address : atikmpag.sys+558d File Description : AMD multi-vendor Miniport Driver Product Name : AMD driver Company : Advanced Micro Devices, Inc. File Version : 8.14.01.6178 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070114-24913-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 1/07/2014 17:20:39 ================================================== ================================================== Dump File : 062714-28875-01.dmp Crash Time : 27/06/2014 11:48:01 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`3635d560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0679f5a8 Parameter 4 : 00000000`00000005 Caused By Driver : SynTP.sys Caused By Address : SynTP.sys+17a54 File Description : Synaptics Touchpad Driver Product Name : Synaptics Pointing Device Driver Company : Synaptics Incorporated File Version : 15.2.4.4 15Dec10 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062714-28875-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 27/06/2014 11:48:56 ================================================== ================================================== Dump File : 062714-22635-01.dmp Crash Time : 27/06/2014 0:08:27 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`24256560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059a65a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062714-22635-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 27/06/2014 0:09:27 ================================================== ================================================== Dump File : 062714-29499-01.dmp Crash Time : 27/06/2014 0:00:21 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`226b6560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067a65a8 Parameter 4 : 00000000`00000005 Caused By Driver : atikmpag.sys Caused By Address : atikmpag.sys+485c File Description : AMD multi-vendor Miniport Driver Product Name : AMD driver Company : Advanced Micro Devices, Inc. File Version : 8.14.01.6178 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062714-29499-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 27/06/2014 0:01:21 ================================================== ================================================== Dump File : 062614-31777-01.dmp Crash Time : 26/06/2014 23:51:00 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`3a76f560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675f5a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062614-31777-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 26/06/2014 23:52:04 ================================================== ================================================== Dump File : 062614-42401-01.dmp Crash Time : 26/06/2014 23:09:03 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`1e9ea560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0675a5a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062614-42401-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 26/06/2014 23:10:39 ================================================== ================================================== Dump File : 062614-41714-01.dmp Crash Time : 26/06/2014 22:59:08 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`1ff2fd60 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`067765a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062614-41714-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 26/06/2014 23:00:42 ================================================== ================================================== Dump File : 062614-37455-01.dmp Crash Time : 26/06/2014 22:51:56 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`33c73560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059a35a8 Parameter 4 : 00000000`00000005 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\062614-37455-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 26/06/2014 22:53:34 ================================================== ================================================== Dump File : 013014-38438-01.dmp Crash Time : 30/01/2014 22:59:20 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`387aa560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`0697a5a8 Parameter 4 : 00000000`00000005 Caused By Driver : SynTP.sys Caused By Address : SynTP.sys+17a54 File Description : Synaptics Touchpad Driver Product Name : Synaptics Pointing Device Driver Company : Synaptics Incorporated File Version : 15.2.4.4 15Dec10 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\013014-38438-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 30/01/2014 23:00:56 ================================================== ================================================== Dump File : 111813-32729-01.dmp Crash Time : 18/11/2013 14:45:58 Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA Bug Check Code : 0x00000050 Parameter 1 : fffff881`16944560 Parameter 2 : 00000000`00000000 Parameter 3 : fffff880`059945a8 Parameter 4 : 00000000`00000005 Caused By Driver : SynTP.sys Caused By Address : SynTP.sys+15526 File Description : Synaptics Touchpad Driver Product Name : Synaptics Pointing Device Driver Company : Synaptics Incorporated File Version : 15.2.4.4 15Dec10 Processor : x64 Crash Address : ntoskrnl.exe+75bc0 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\111813-32729-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 18/11/2013 14:47:01 ================================================== ================================================== Dump File : 070313-25989-01.dmp Crash Time : 3/07/2013 9:53:08 Bug Check String : DRIVER_POWER_STATE_FAILURE Bug Check Code : 0x1000009f Parameter 1 : 00000000`00000004 Parameter 2 : 00000000`00000258 Parameter 3 : fffffa80`042e2660 Parameter 4 : fffff800`00b9c3d0 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+78a7a File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+78a7a Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\070313-25989-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 513.736 Dump File Time : 3/07/2013 9:54:29 ================================================== ================================================== Dump File : 111112-27003-01.dmp Crash Time : 11/11/2012 10:47:26 Bug Check String : KMODE_EXCEPTION_NOT_HANDLED Bug Check Code : 0x0000001e Parameter 1 : 00000000`00000000 Parameter 2 : 00000000`00000000 Parameter 3 : 00000000`00000000 Parameter 4 : 00000000`00000000 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+7ef90 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+7ef90 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\111112-27003-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 11/11/2012 10:48:23 ================================================== ================================================== Dump File : 040310-30669-01.dmp Crash Time : 3/04/2010 22:47:57 Bug Check String : KMODE_EXCEPTION_NOT_HANDLED Bug Check Code : 0x0000001e Parameter 1 : 00000000`00000000 Parameter 2 : 00000000`00000000 Parameter 3 : 00000000`00000000 Parameter 4 : 00000000`00000000 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+7cc10 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+7cc10 Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\040310-30669-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 262.144 Dump File Time : 3/04/2010 22:49:18 ================================================== ================================================== Dump File : 020310-37128-01.dmp Crash Time : 3/02/2010 20:19:53 Bug Check String : DRIVER_POWER_STATE_FAILURE Bug Check Code : 0x1000009f Parameter 1 : 00000000`00000004 Parameter 2 : 00000000`00000258 Parameter 3 : fffffa80`042e3b60 Parameter 4 : fffff800`042a5740 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+7f4da File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144) Processor : x64 Crash Address : ntoskrnl.exe+7f4da Stack Address 1 : Stack Address 2 : Stack Address 3 : Computer Name : Full Path : C:\Windows\Minidump\020310-37128-01.dmp Processors Count : 4 Major Version : 15 Minor Version : 7601 Dump File Size : 571.552 Dump File Time : 3/02/2010 20:21:35 ==================================================
  13. serjo
    # AdwCleaner v3.214 - Rapport aangemaakt 08/07/2014 op 09:16:56 # Laatste Update 29/06/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Roos - ROOS-HP # Gestart vanuit : C:\herstelmap pc\adwcleaner\adwcleaner_3.214.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Sleutel Verwijderd : HKCU\Software\APN Sleutel Verwijderd : HKCU\Software\Ask.com Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\AskToolbar Sleutel Verwijderd : HKLM\Software\APN Sleutel Verwijderd : HKLM\Software\AskToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v29.0.1 (en-US) [ Bestand : C:\Users\MATS\AppData\Roaming\Mozilla\Firefox\Profiles\h4gsv3n4.default\prefs.js ] [ Bestand : C:\Users\Raf\AppData\Roaming\Mozilla\Firefox\Profiles\iwwzfuta.default\prefs.js ] [ Bestand : C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\prefs.js ] [ Bestand : C:\Users\Teun\AppData\Roaming\Mozilla\Firefox\Profiles\k9a3clk9.default\prefs.js ] -\\ Google Chrome v35.0.1916.153 [ Bestand : C:\Users\MATS\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ Bestand : C:\Users\Raf\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [Extension] : bopakagnckmlgajfccecajhnimjiiedh [ Bestand : C:\Users\Roos\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [Extension] : bopakagnckmlgajfccecajhnimjiiedh [ Bestand : C:\Users\Teun\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo Verwijderd [Extension] : hphibigbodkkohoglgfkddblldpfohjl Verwijderd [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej Verwijderd [Extension] : kincjchfokkeneeofpeefomkikfkiedl Verwijderd [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc Verwijderd [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc ************************* AdwCleaner[R0].txt - [5453 octets] - [08/07/2014 09:08:36] AdwCleaner[s0].txt - [5107 octets] - [08/07/2014 09:16:56] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5167 octets] ##########
  14. serjo
    Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by Roos on ma 07/07/2014 at 20:04:34,58. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\herstelmap pc\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\Symantec deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\Users\Teun\AppData\Roaming\hpqLog deleted successfully C:\Users\MATS\AppData\Local\VirtualStore deleted successfully C:\Users\Raf\AppData\Local\VirtualStore deleted successfully C:\Users\Raf\AppData\Local\{C65EDB98-8DF0-4C5A-9A78-1A5BA2B774E3} deleted successfully C:\Users\Roos\AppData\Local\ib deleted successfully C:\Users\Teun\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Internet Explorer\SearchScopes\{701A77EF-1EA0-4326-94A6-B6F80844A7D7} deleted successfully HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7CB514BE-E1EB-426E-9CA5-630F3CCBDC78} deleted successfully HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\MATS\AppData\Roaming\Mozilla\Firefox\Profiles\h4gsv3n4.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("keyword.URL", "Ask.com ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", ""); ---- FireFox user.js and prefs.js backups ---- prefs_20140707_2021_.backup ProfilePath: C:\Users\Raf\AppData\Roaming\Mozilla\Firefox\Profiles\iwwzfuta.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("keyword.URL", "Ask.com ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", ""); ---- FireFox user.js and prefs.js backups ---- prefs_20140707_2021_.backup ProfilePath: C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default user.js not found ---- Lines ask.com modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20140707_2021_.backup ProfilePath: C:\Users\Teun\AppData\Roaming\Mozilla\Firefox\Profiles\k9a3clk9.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("keyword.URL", "Ask.com ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", ""); ---- FireFox user.js and prefs.js backups ---- prefs_20140707_2021_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\extensions\toolbar@ask.com deleted C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted C:\PROGRA~2\Ask.com deleted C:\PROGRA~3\Ask deleted C:\Users\Roos\Searches deleted C:\Users\MATS\AppData\LocalLow\AskToolbar deleted C:\Users\Raf\AppData\LocalLow\AskToolbar deleted C:\Users\Roos\AppData\LocalLow\AskToolbar deleted C:\Users\Teun\AppData\LocalLow\AskToolbar deleted C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\MATS\AppData\Roaming\Mozilla\Firefox\Profiles\h4gsv3n4.default\extensions\staged deleted C:\Users\Raf\AppData\Roaming\Mozilla\Firefox\Profiles\iwwzfuta.default\extensions\staged deleted C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\searchplugins\askcom.xml deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted "C:\Windows\Installer\4c7ed.msi" deleted "C:\Windows\Installer\79f83.msi" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Roos\AppData\Local\Temp ==== 2014-07-07 18:01:33 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2014-07-07 18:01:33 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2014-07-07 18:01:33 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2014-07-07 18:01:33 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll 2014-07-07 18:01:32 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-07-07 17:54:35 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Roos\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpulm72d.dll 2014-07-06 13:01:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Roos\AppData\Local\Temp\sysvszmq.dll 2014-06-26 21:50:43 CA52DFF54CDD68EBFB2EFE41276D5E58 277104 ----a-w- C:\Users\Roos\AppData\Local\Temp\MozUpdater\bgupdate-2\updater.exe 2014-06-26 21:50:27 CA52DFF54CDD68EBFB2EFE41276D5E58 277104 ----a-w- C:\Users\Roos\AppData\Local\Temp\MozUpdater\bgupdate-1\updater.exe 2014-06-26 21:50:19 CA52DFF54CDD68EBFB2EFE41276D5E58 277104 ----a-w- C:\Users\Roos\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe 2014-06-26 21:01:45 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Raf\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9i3syy.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-06-11 10:02:54 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 10:02:54 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-07 17:04:16 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Roos\AppData\Roaming ====== 2014-07-07 16:01:21 -------- d-sh--w- C:\Users\Roos\AppData\Locallow\EmieUserList 2014-07-07 16:01:21 -------- d-sh--w- C:\Users\Roos\AppData\Locallow\EmieSiteList 2014-07-07 13:05:46 -------- d-sh--w- C:\Users\Roos\AppData\Local\EmieUserList 2014-07-07 13:05:46 -------- d-sh--w- C:\Users\Roos\AppData\Local\EmieSiteList 2014-07-07 12:56:17 -------- d-----w- C:\Users\Roos\AppData\Local\ElevatedDiagnostics ====== C:\Users\Roos ====== 2014-07-07 16:25:43 262EBC2884133A3AC89109D87829ED5B 29981224 ----a-w- C:\Users\Roos\Downloads\5100_nld_win2k_xp.exe ====== C: exe-files == 2014-07-07 18:01:32 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Roos\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-07-07 17:04:16 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Roos.exe 2014-07-07 17:03:58 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\herstelmap pc\RSITx64.exe 2014-07-07 16:25:43 262EBC2884133A3AC89109D87829ED5B 29981224 ----a-w- C:\Users\Roos\Downloads\5100_nld_win2k_xp.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1413599566-1329967044-1382984099-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Olympus ib"="C:\Program Files (x86)\Olympus\ib\olycamdetect.exe /Startup" "MDS_Menu"="C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Olympus\ib UpdateWithCreateOnce Software\OLYMPUS\ib\1.0" "HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-10-05 10:18:11 1046 ----a-w- C:\Users\Raf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2010-02-01 08:13:17 1239 ----a-w- C:\Users\Roos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/05/2014 17:09] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2013 19:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2013 19:33] C:\Windows\tasks\HPCeeScheduleForRoos.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForRoos" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe"] "C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7D60E71F-9576-456D-9960-72FAC07E2415}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7E52FD94-CE9D-423A-B8A6-2337A92AB41A}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{85EA4649-007A-4D3F-A857-6E04E692CDC5}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F2B0F6D0-194B-4A06-98BF-E3BA260D236B}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe] "C:\Windows\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF" [26/06/2014 22:47] ==== Firefox Extensions ====================== ProfilePath: C:\Users\MATS\AppData\Roaming\Mozilla\Firefox\Profiles\h4gsv3n4.default - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} ProfilePath: C:\Users\Raf\AppData\Roaming\Mozilla\Firefox\Profiles\iwwzfuta.default - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} ProfilePath: C:\Users\Teun\AppData\Roaming\Mozilla\Firefox\Profiles\k9a3clk9.default - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 855B79451ECF62602F20EB4D5C71F99B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Deleted Firefox Extensions ====================== C:\Users\MATS\AppData\Roaming\Mozilla\Firefox\Profiles\h4gsv3n4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted C:\Users\Raf\AppData\Roaming\Mozilla\Firefox\Profiles\iwwzfuta.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted C:\Users\Teun\AppData\Roaming\Mozilla\Firefox\Profiles\k9a3clk9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\Exts\Chrome.crx[28/04/2014 14:52] Docs - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Gmail - MATS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Raf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Norton Identity Safe for Google Chrome™ - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc YouTube - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Roos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Gmail - Teun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" "Default_Page_URL"="Bing" "Search Page"="Google" "Search Bar"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Search Bar"="Bing" "Default_Search_URL"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Start Page"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {C73DE029-FCE3-4075-9F3C-669C2C8C79E5} Google Url="{searchTerms} - Google Search" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="{searchTerms - Search results - Wikipedia, the free encyclopedia}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="{searchTerms | eBay}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65F8E9A2B13CBBD4FB2EF0E48C913255 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\65F8E9A2B13CBBD4FB2EF0E48C913255 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\MATS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\MATS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\MATS\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Raf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Raf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Raf\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Raf\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Roos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Roos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Roos\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Roos\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Teun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Teun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Teun\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\MATS\AppData\Local\Mozilla\Firefox\Profiles\h4gsv3n4.default\Cache emptied successfully C:\Users\Raf\AppData\Local\Mozilla\Firefox\Profiles\iwwzfuta.default\Cache emptied successfully C:\Users\Roos\AppData\Local\Mozilla\Firefox\Profiles\uelon7rk.default\Cache emptied successfully C:\Users\Teun\AppData\Local\Mozilla\Firefox\Profiles\k9a3clk9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\MATS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Raf\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Roos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Teun\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=552 folders=62 9485011 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\MATS\AppData\Local\Temp emptied successfully C:\Users\Raf\AppData\Local\Temp emptied successfully C:\Users\Roos\AppData\Local\Temp will be emptied at reboot C:\Users\Teun\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Roos\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 07/07/2014 at 20:32:42,98 ======================
  15. serjo
    Logfile of random's system information tool 1.10 (written by random/random) Run by Roos at 2014-07-07 19:04:15 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 566 GB (81%) free of 698 GB Total RAM: 4044 MB (78% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:04:16, on 7/07/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Users\Roos\Downloads\HijackThis.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Roos.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Roos\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13924 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE ctfmon.exe C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1540 CREDAT:275457 /prefetch:2 "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" "C:\Users\Roos\Downloads\HijackThis.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1540 CREDAT:668718 /prefetch:2 "C:\herstelmap pc\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForRoos.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRoos (null) =========Mozilla firefox========= ProfilePath - C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default prefs.js - "browser.startup.homepage" - "Google" prefs.js - "keyword.URL" - "Yahoo Search - Web Search=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 13.0.0.214 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 13.0.0.214 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\extensions\ toolbar@ask.com {635abd67-4fe9-1b23-4f01-e679fa7484c1} C:\Users\Roos\AppData\Roaming\Mozilla\Firefox\Profiles\uelon7rk.default\searchplugins\ askcom.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll [2014-04-28 916320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-06 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll [2014-04-28 654176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL [2014-02-21 392344] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll [2014-04-28 916320] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll [2014-04-28 654176] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-08 167960] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-08 391704] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-08 418328] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2480936] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-25 525312] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-06-24 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21445248] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-07 336384] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160] "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112] "HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Olympus ib"=C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [2012-02-02 96128] "MDS_Menu"=C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] "HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-09-13 103992] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\Roos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Roos\AppData\Roaming\Dropbox\bin\Dropbox.exe OpenOffice.org 3.3 .lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-01-08 384000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] wlnotify.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-05-06 52920] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMR410] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-07-07 19:04:16 ----D---- C:\Program Files\trend micro 2014-07-07 19:04:15 ----D---- C:\rsit 2014-07-07 15:27:38 ----D---- C:\herstelmap pc 2014-07-01 20:41:12 ----D---- C:\NPE 2014-07-01 20:40:57 ----A---- C:\Windows\ntbtlog.txt 2014-06-11 12:02:55 ----A---- C:\Windows\SYSWOW64\usp10.dll 2014-06-11 12:02:55 ----A---- C:\Windows\system32\usp10.dll 2014-06-11 12:02:54 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-11 12:02:54 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2014-06-11 12:02:53 ----A---- C:\Windows\SYSWOW64\msxml6r.dll 2014-06-11 12:02:53 ----A---- C:\Windows\SYSWOW64\msxml6.dll 2014-06-11 12:02:53 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-06-11 12:02:53 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-06-11 12:02:53 ----A---- C:\Windows\system32\msxml6r.dll 2014-06-11 12:02:53 ----A---- C:\Windows\system32\msxml6.dll 2014-06-11 12:02:53 ----A---- C:\Windows\system32\msxml3r.dll 2014-06-11 12:02:53 ----A---- C:\Windows\system32\msxml3.dll 2014-06-11 12:02:50 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-06-11 12:02:50 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-06-11 12:02:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-06-11 12:02:49 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 12:02:49 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-06-11 12:02:48 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-06-11 12:02:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-06-11 12:02:48 ----A---- C:\Windows\system32\urlmon.dll 2014-06-11 12:02:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-06-11 12:02:47 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-06-11 12:02:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-06-11 12:02:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-06-11 12:02:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-06-11 12:02:47 ----A---- C:\Windows\system32\msfeeds.dll 2014-06-11 12:02:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 12:02:47 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-06-11 12:02:47 ----A---- C:\Windows\system32\dxtmsft.dll 2014-06-11 12:02:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-06-11 12:02:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-06-11 12:02:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-06-11 12:02:46 ----A---- C:\Windows\system32\iesetup.dll 2014-06-11 12:02:46 ----A---- C:\Windows\system32\iertutil.dll 2014-06-11 12:02:46 ----A---- C:\Windows\system32\ie4uinit.exe 2014-06-11 12:02:45 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-06-11 12:02:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-06-11 12:02:45 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-06-11 12:02:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-06-11 12:02:45 ----A---- C:\Windows\system32\jsproxy.dll 2014-06-11 12:02:45 ----A---- C:\Windows\system32\ieui.dll 2014-06-11 12:02:45 ----A---- C:\Windows\system32\iernonce.dll 2014-06-11 12:02:45 ----A---- C:\Windows\system32\dxtrans.dll 2014-06-11 12:02:44 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-06-11 12:02:44 ----A---- C:\Windows\system32\mshtmled.dll 2014-06-11 12:02:44 ----A---- C:\Windows\system32\jscript9diag.dll 2014-06-11 12:02:44 ----A---- C:\Windows\system32\ieUnatt.exe 2014-06-11 12:02:44 ----A---- C:\Windows\system32\ieframe.dll 2014-06-11 12:02:43 ----A---- C:\Windows\system32\wininet.dll 2014-06-11 12:02:43 ----A---- C:\Windows\system32\vbscript.dll 2014-06-11 12:02:43 ----A---- C:\Windows\system32\jscript9.dll 2014-06-11 12:02:43 ----A---- C:\Windows\system32\ieapfltr.dll 2014-06-11 12:02:42 ----A---- C:\Windows\system32\msrating.dll 2014-06-11 12:02:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 12:02:41 ----A---- C:\Windows\system32\mshtml.dll 2014-06-11 12:02:23 ----A---- C:\Windows\system32\aepdu.dll 2014-06-11 12:02:22 ----A---- C:\Windows\system32\aeinv.dll ======List of files/folders modified in the last 1 month====== 2014-07-07 19:04:16 ----RD---- C:\Program Files 2014-07-07 18:23:19 ----D---- C:\Windows\Temp 2014-07-07 18:07:59 ----D---- C:\Windows\Minidump 2014-07-07 18:07:29 ----D---- C:\Windows 2014-07-07 18:04:59 ----D---- C:\Windows\System32 2014-07-07 18:04:59 ----D---- C:\Windows\inf 2014-07-07 18:04:59 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-07 18:02:38 ----D---- C:\Windows\Tasks 2014-07-07 18:02:38 ----D---- C:\Windows\system32\Tasks 2014-07-07 18:01:39 ----D---- C:\Users\Roos\AppData\Roaming\Skype 2014-07-07 18:01:04 ----A---- C:\Windows\SYSWOW64\log.txt 2014-07-07 17:59:35 ----D---- C:\Windows\Prefetch 2014-07-07 15:35:08 ----SD---- C:\Users\Roos\AppData\Roaming\Microsoft 2014-07-07 11:51:59 ----SHD---- C:\System Volume Information 2014-07-07 11:50:34 ----D---- C:\Windows\system32\config 2014-07-06 17:10:30 ----D---- C:\Users\Roos\AppData\Roaming\Dropbox 2014-07-06 17:10:28 ----D---- C:\Users\Roos\AppData\Roaming\DropboxMaster 2014-07-01 20:51:28 ----D---- C:\Windows\system32\drivers 2014-07-01 20:48:11 ----HD---- C:\ProgramData 2014-07-01 17:25:05 ----D---- C:\Windows\SysWOW64 2014-06-26 22:43:46 ----D---- C:\Windows\system32\drivers\N360x64 2014-06-25 21:43:31 ----D---- C:\ProgramData\Norton 2014-06-25 21:40:50 ----D---- C:\Program Files (x86)\Norton 360 2014-06-25 21:20:06 ----SHD---- C:\Windows\Installer 2014-06-25 21:15:07 ----RD---- C:\Program Files (x86) 2014-06-25 20:45:16 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-06-25 20:36:37 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-06-17 17:23:23 ----D---- C:\Windows\winsxs 2014-06-14 19:02:06 ----D---- C:\Program Files\Internet Explorer 2014-06-14 19:02:05 ----D---- C:\Windows\SYSWOW64\en-US 2014-06-14 19:02:03 ----D---- C:\Windows\system32\en-US 2014-06-14 19:02:00 ----D---- C:\Program Files (x86)\Internet Explorer 2014-06-14 19:01:59 ----D---- C:\Windows\system32\DriverStore 2014-06-11 20:11:45 ----D---- C:\ProgramData\Microsoft Help 2014-06-11 20:10:45 ----D---- C:\Windows\system32\catroot2 2014-06-11 20:10:12 ----SD---- C:\Windows\system32\CompatTel 2014-06-11 12:02:18 ----D---- C:\Windows\system32\catroot ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMDS64.SYS [2013-10-30 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [2014-03-04 1148120] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-11-05 1041760] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1403440] S1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [2014-06-06 1530160] S1 ccSet_N360;N360 Settings Manager; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [2014-02-21 162392] S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-06-25 486192] S1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140630.001\IDSvia64.sys [2014-06-30 525016] S1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [2013-10-30 36952] S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [2013-10-30 264280] S1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [2014-02-18 593112] S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-07 8281600] S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-07 293376] S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232] S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-06-25 142128] S3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-01-08 12262688] S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140701.002\ENG64.SYS [2014-06-25 126040] S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140701.002\EX64.SYS [2014-06-25 2099288] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464] S3 SCLx64;SCL010 Contactless Reader; C:\Windows\system32\DRIVERS\SCLx64.sys [2011-01-11 69248] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [2014-02-13 875736] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-25 520192] S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-06-25 177752] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-07 203776] S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720] S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 116648] S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] S2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896] S2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336] S2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-19 2372096] S2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] S2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [2014-05-11 265040] S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-25 296448] S2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16 257712] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 116648] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120] S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-09-13 1098296] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-09-06 1001376] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-17 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-14 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  16. serjo
    Beste, Opgestart in veilige modus, hijackthis uitgevoerd als administrator, volgende items kan ik niet verwijderen: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = mvg serjo
  17. serjo
    Beste, Volgende logfile heb ik bekomen. In veilige modus kan ik de laptop aan de praat houden, en heb ik deze fysieke geheugendump bekomen. Wat doe ik nu ? Alvast bedankt ! mvg serjo Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 15:29:13, on 7/07/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) FIREFOX: 29.0.1 (en-US) Boot mode: Safe mode with network support Running processes: C:\Users\Roos\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\herstelmap pc\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file) O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -update plugin O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Roos\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14683 bytes
  18. serjo
    Beste, Ook nu weer bedankt ! Maar ... noch de scanpst, noch het oppoetsen van de harde schijf hebben me verder geholpen. Oud adresboek blijft onbeschikbaar. mvg serjo
  19. serjo
    Beste, Bedankt voor jullie reacties. Het definitief verwijderen had ik ondertussen ook ontdekt, toch bedankt ! Blijft het probleem met de pst - bestand: - staat nog op de pc - kan ik echter niet geïmporteerd krijgen - verder is de adresboek leeg (zit ook in het oude pst - bestand) - toch krijg ik bij het maken van een nieuwe mail voorstellen van emailadressen: vb. ik typ J de pc geeft alle oude namen van mijn adresboek beginnende met een J - klik 'Aan' aan, geen enkel emailadres. Overstappen van pop naar imap is blijkbaar toch niet zo evident. Ook heb ik op het internet gezocht naar een bestand om pst-bestanden te openen en te herstellen, gevonden voor 58 $, maar de bestanden zijn deels of niet hersteld en de adresboek is nog steeds onvindbaar. Misschien toch maar stilaan overschakelen naar apple ... mvg SerjoxD
  20. serjo
    Hi, In mijn outlook 2007 overgeschakeld van pop naar imap.(werkt nu beter dan vroeger) Dus een nieuwe account aangemaakt: 1. ik ben een telenetgebruiker, wanneer ik in mijn postvak in een mail delete blijft deze doorstreept staan, raar maar waar. 2. verder ben ik mijn oude mappenstructuur 'verloren': - mijn oude pst-bestand vind ik terug (te herkennen aan zijn ruime omvang), maar krijg ik niet teruggeplaatst. - idem voor mijn adresboek, maar die zit wellicht in dit pst-bestand, toch opmerkelijk als ik nieuwe email aanmaak, dan doet deze wel voorstellen van mailadressen (welke vroeger in mijn adresboek zaten) - het oude pst-bestand heb ik al een keertje open gekregen met een pstscanner van het internet, maar daar deze steeds betalend is, heb ik die niet aangeschaft. Weet er iemand raad ? Alvast bedankt ! mvg serjoxD
  21. serjo
    Dank voor je reactie ! Het probleem heb ik kunnen oplossen als volgt: - site moederbord bezocht en drivers gedownload - om het probleem van het zoeken naar de harde schijf op te lossen, deze driver bij in win xp gestoken, ook sp3 gedownload. - het geheel heb ik opgelost via een slipstream 'nLite': samen gevoegd win xp/sp3/drivers hdd, alle instellingen vooraf in het programma ingesteld en schijf gebrand. - schijf ingebracht en alles liep als een klok. Toch van harte bedankt voor je reactie ! mvg serjo:-)
  22. serjo
    He, Ben nieuw en heb een nieuw probleem. Nadat de pc zijn windows maar gedeeltelijk kon laden: alles geformateerd op de c-partitie. Windows xp wil ik daar terug op zetten: lukt niet daar de harde schijf niet wordt herkend. Ttz de windowsinstallatie start op vanaf de cd; blauw schermpje, vraag: win installeren/geen harddisk te vinden dus F3 ... Na een druk op F2: harde schijf is voor de bios aanwezig. Ik vermoed dat ik voor het moederbord een driver vooraf moet installeren ter herkenning van de harddisk. Mijn moederbord is: ConRoeXFire-eSATA2. Hoe moet het nu verder ? Driver downloaden voor ... ? mvg serjoxD
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.