pierrewien

Lid

Bekijk profiel Bekijk hun activiteit

Items
11
Registratiedatum
19 januari 2014
Laatst bezocht
14 augustus 2014

pierrewien's prestaties

Groentje (2/14)

Recente badges

Reputatie

Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Hartelijk dank Kweezie wabbit voor de fantastische hulp. Mjn PC is helemaal opgeschoond en het probleem met het contact met het internet is volgens mij helemaal opgelost. Ik kijk het nog een paar dagen aan en ga dan het Delfix programma gebruiken. Succes verder bij je werk, het is erg nuttig! Vriendelijke groeten, Pierrewien P.S. Ik zal jullie steunen.
- 2 februari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Beste kweezie wabbit Ik heb het AdwCleaner pogramma gebruikt en zo te zien heeft het programma aardig wat kunnen deleten. Het log staat hieronder. Wat denk je ervan, zijn de storingen nu verdwenen of zou er nog iets kunnen zitten? Met vriendelijke groeten en opnieuw bedankt voor je inspanningen, pierrewien # AdwCleaner v3.018 - Report created 31/01/2014 at 19:07:56 # Updated 28/01/2014 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : Pierre - PC_VAN_PIERRE # Running from : C:\Users\Pierre\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1705E25E-01C8-46E2-930F-513B0C7CE1E6} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1705E25E-01C8-46E2-930F-513B0C7CE1E6} Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16526 -\\ Google Chrome v32.0.1700.102 [ File : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4709 octets] - [31/01/2014 19:02:42] AdwCleaner[s0].txt - [4614 octets] - [31/01/2014 19:07:56] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4674 octets] ##########
- 31 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Bedankt kweezie wabbit voor de verdere instructies. Je pakt het grondig aan! Ik heb zoek.exe opnieuw met het nieuwe script laten werken. Onderstaand is de log die eruit kwam. Vriendelijke groeten, pierrewien Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Pierre on wo 29-01-2014 at 22:10:02,70. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Pierre\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-28-074244.log 58493 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\spoolsv.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Acer\Empowering Technology\eNet\eNet Service.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\mfevtps.exe C:\Acer\Mobility Center\MobilityService.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Acer\Empowering Technology\ePower\ePowerSvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Pierre\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Windows\PLFSetI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\PC Veilig\Common\FSM32.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe C:\Users\Pierre\Downloads\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Run] "conhost"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ApnUpdater"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "conhost"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Ask.com not found "C:\Users\Pierre\AppData\Roaming\Microsoft\conhost.exe" not found "C:\Program Files\Ask.com\Updater\Updater.exe" not found "C:\Windows\Installer\1242e90.msi" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Pierre\AppData\Local\Temp ==== 2014-01-28 07:42:59 5EF87457AB8A58694EBE35E55D093D04 208896 ----a-w- C:\Users\Pierre\AppData\Local\Temp\RtkBtMnt.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-01-26 23:10:02 C2E35F6FCBD5B4DB2B52B32D1153EC04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-01-26 23:10:02 2429485305BCCFB1014B19BFB512E8F9 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-01-26 23:10:01 ADB9477A9C95C79FDF5DC214225603B0 420864 ----a-w- C:\Windows\System32\vbscript.dll 2014-01-26 23:10:00 E8F37AF4D09972684D9EE1786901F540 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-01-26 23:10:00 822E4743E61687933629AE3A8DECABC2 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2014-01-26 23:09:59 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-26 23:09:59 36E4D129029784EE37A2C14393B6A4E8 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-01-26 23:09:58 C05A60DB2ED385E9BB5CF7AE773A3D9B 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-01-26 23:09:58 4CC9DF09C3D915BA0A101A11DB684F26 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-01-26 23:09:57 BDA52464C16707EAA513C8A2920ACE1F 231936 ----a-w- C:\Windows\System32\url.dll 2014-01-26 23:09:57 795202EFA9ED73F99C96235C1DC6A1AC 1806848 ----a-w- C:\Windows\System32\jscript9.dll 2014-01-26 23:09:56 B787EE3F327ABAC1EC47313B3A673598 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2014-01-26 23:09:54 5AAFA41F2A09D68F43741EF13937650A 1105408 ----a-w- C:\Windows\System32\urlmon.dll 2014-01-26 23:09:54 06FDA396980A0157469A334E1BFEAF17 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-01-26 23:09:53 C89906FA43A58FD4CFC7EA06D885A597 12344320 ----a-w- C:\Windows\System32\mshtml.dll 2014-01-26 23:09:52 B231416DD7569B5C16F2DD2D2D64BB5A 9739264 ----a-w- C:\Windows\System32\ieframe.dll 2014-01-26 22:34:36 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-26 22:34:33 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll 2014-01-26 22:34:28 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll 2014-01-26 22:34:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-26 22:34:28 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx 2014-01-26 22:34:28 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-26 22:34:27 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll ====== C:\Windows\system32\drivers ===== 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-21 11:45:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys ====== C:\Windows\Tasks ====== 2014-01-19 16:27:42 8437485E10DF4E902FF625F311A254FF 3016 ----a-w- C:\Windows\system32\Tasks\{965D19CC-D1E0-4CA8-A1DE-CF667E59D6CF} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Users\Pierre\AppData\Roaming ====== 2014-01-28 07:42:59 -------- d-----w- C:\Users\Pierre\AppData\Local\KPN 2014-01-27 23:32:58 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Users\Wieneke\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Users\Pierre\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Users\Marcha\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-01-27 23:32:58 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Pierre ====== 2014-01-28 07:43:21 -------- d--h--w- C:\ProgramData\CanonIJEPPEX2 2014-01-28 07:43:21 -------- d--h--w- C:\ProgramData\CanonEPP ====== C: exe-files == 2014-01-28 07:42:59 5EF87457AB8A58694EBE35E55D093D04 208896 ----a-w- C:\Users\Pierre\AppData\Local\Temp\RtkBtMnt.exe 2014-01-27 20:43:41 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_chrome_installer.exe 2014-01-26 23:09:59 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-26 23:09:59 3348D1B1D702E333CE99F7E0FD313460 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-01-26 23:09:56 43E6F2A7FB182F2D7CB0CE5B8F1005CF 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-01-26 22:48:48 1ACCA74287FE5D7449FBB2B9F0C83341 309328 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_D053C89A9DB0461F.exe 2014-01-26 22:48:44 228A4633D638F7EEA6400D5ED5274397 1071696 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe 2014-01-26 22:48:14 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe 2014-01-26 22:34:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-26 22:34:28 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe === C: other files == 2014-01-27 23:12:10 096F7CA79898DC4CCE320B8397030596 31740054 ----a-w- C:\Users\Public\Desktop\sample_28-01-2014_0011.zip 2014-01-26 22:34:36 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Amazon Cloud Player"="C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" "eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" "WarReg_PopUp"="C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "KPN Assistent"="C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto" "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot" "F-Secure Manager"="C:\Program Files\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Amazon Cloud Player"="C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\F-Secure Gatekeeper Handler Starter] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSDFWD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSMA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSORSPClient] ==== Startup Folders ====================== 2010-01-19 20:24:48 1119 ----a-w- C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2011-12-08 19:20:07 1119 ----a-w- C:\Users\Wieneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2008-04-16 06:33:42 1493 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk 2008-10-04 18:59:31 1884 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk 2008-09-25 07:35:20 20480 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETAUDIO.EXE 2008-09-25 07:35:19 20480 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETRES.EXE ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-01-2014 23:44] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-04-2013 09:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-04-2013 09:52] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{7FF9B0CA-5095-40C5-B228-ED42E65A77C9}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{91EFFABE-270A-4473-BDE3-E50B133C1966}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "litmus-ff@f-secure.com"="C:\Program Files\PC Veilig\NRS\litmus-ff@f-secure.com" [18-01-2014 20:25] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 14:24] SiteAdvisor - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho RealDownloader - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="KPN Vandaag" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="KPN Vandaag" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{DECA3892-BA8F-44b8-A993-A466AD694AE4}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {88AA4A6D-FB3D-459C-B284-38A064FD727A} Google Url="{searchTerms} - Google Search=" {DECA3892-BA8F-44b8-A993-A466AD694AE4} Bing Url="{searchTerms} - Bing" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = KPN Vandaag R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628112459.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Amazon Cloud Player] C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SETAUDIO.EXE O4 - Global Startup: SETRES.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marcha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marcha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Wieneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wieneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF79SJHJ will be deleted at reboot C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZDEE6CF will be deleted at reboot C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=37 folders=16 43670912 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marcha\AppData\Local\Temp emptied successfully C:\Users\Wieneke\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Pierre\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Pierre\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF79SJHJ" not found "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZDEE6CF" not found ==== EOF on wo 29-01-2014 at 23:52:20,69 ======================
- 29 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Beste Kweezie wabbit Het is gelukt met zoek.exe. Ik heb het log hieronder gezet en ben benieuwd naar het resultaat. Voorafgaand aan de zoek-actoe heb ik met malware byte nog een virus gevonden: (Trojan.agent) en Windows security essentials had nog een virus in quarantaine (Backdoor.win32/kelihos.F). Die heb ik allemaal verwijderd. Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Pierre on ma 27-01-2014 at 23:37:14,96. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Pierre\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Acer\Empowering Technology\eNet\eNet Service.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\mfevtps.exe C:\Acer\Mobility Center\MobilityService.exe C:\Program Files\Nero\Update\NASvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Acer\Empowering Technology\ePower\ePowerSvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\Dwm.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Windows\PLFSetI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\PC Veilig\Common\FSM32.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Windows\ehome\ehmsas.exe C:\Users\Pierre\AppData\Local\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Pierre\Downloads\zoek.exe C:\Windows\system32\conime.exe ==== System Restore Info ====================== 27-1-2014 23:41:34 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\NOS deleted successfully C:\Program Files\trend micro deleted successfully C:\ProgramData\CanonEPP deleted successfully C:\ProgramData\CanonIJEPPEX2 deleted successfully C:\ProgramData\NOS deleted successfully C:\ProgramData\~0 deleted successfully C:\Users\Pierre\AppData\Roaming\.# deleted successfully C:\Users\Pierre\AppData\Local\kpn deleted successfully C:\Users\Pierre\AppData\Local\PackageAware deleted successfully C:\Users\Pierre\AppData\Local\TomTom deleted successfully ==== Creating Sample_28-01-2014_0011.zip ====================== Process rundll32.exe killed Copied file C:\Users\Pierre\Nero_BurnLite-10.0.10600.exe to sample\Nero_BurnLite-10.0.10600.exe sample\Nero_BurnLite-10.0.10600.exe renamed to 72F9E9A0681D8C2380093E4EDA9B602C C:\Users\Public\Desktop\sample_28-01-2014_0011.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{214C679E-A52E-4F30-BB31-3EDE2CDA2A61} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DCF4BD82-996F-46EC-8A66-3ACB06BF278F} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DEED1538-078F-4FDB-8CA4-F947A48AABA6} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_CLASSES_ROOT\CLSID\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aangifte inkomstenbelasting 2008 voor ondernemers Aangifte inkomstenbelasting voor ondernemers 2009 Aangifte inkomstenbelasting voor ondernemers 2010 Aangifte inkomstenbelasting voor ondernemers 2011 Aangifte inkomstenbelasting voor ondernemers 2012 Acer Arcade Deluxe Acer Crystal Eye Webcam Acer eAudio Management Acer eDataSecurity Management Acer eLock Management Acer Empowering Technology Acer eNet Management Acer ePower Management Acer ePresentation Management Acer eSettings Management Acer GameZone Console 2.0.1.1 Acer GridVista Acer Mobility Center Plug-In Acer ScreenSaver Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 11 ActiveX Adobe Reader 8.1.4 Agatha Christie Death on the Nile Alice Greenfingers Amazon Cloud Player Apple Application Support Apple Software Update ArcSoft PhotoStudio 5.5 Ask Toolbar Ask Toolbar Updater ATI Catalyst Install Manager Azada Backspin Billiards Big Kahuna Reef Bookworm Deluxe Bricks of Egypt Broadcom Gigabit Integrated Controller Brownie Cake Mania Canon Easy-PhotoPrint EX Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data Canon Easy-PhotoPrint Pro Canon Easy-WebPrint EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG6100 series MP Drivers Canon MP Navigator 3.0 Canon MP Navigator EX 4.0 Canon MP600 Canon My Printer Canon Solution Menu EX Canon Utilities Easy-PhotoPrint Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CD-LabelPrint Chicken Invaders 3 Chuzzle Diner Dash Flo on the Go Flip Words 2 Gebruikersregistratie voor Canon MG6100 series Gebruikersregistratie voor Canon MP600 Google Chrome Google Toolbar for Internet Explorer Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Intel© Matrix Storage Manager Java 6 Update 26 Jewel Quest Solitaire Kick N Rush KPN Assistent Launch Manager LightScribe 1.4.142.1 Mahjong Escape Ancient China Mahjongg Artifacts Malwarebytes Anti-Malware versie 1.75.0.1300 McAfee Virtual Technician Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft FrontPage 2002 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Communicator 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery Case Files - Huntsville Mystery Solitaire - Secret Island Nero BurnLite 10 Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update NTI Backup NOW 4.7 NTI CD & DVD-Maker OGA Notifier 2.0.0048.0 Orion PC Veilig Picasa 3 PowerProducer QuickTime Rapport RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 ScanSoft OmniPage SE 4.0 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Skins Skype Click to Call SkypeT 6.10 Spelling Dictionaries Support For Adobe Reader 8 Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Trusteer Eindpuntbeveiliging Turbo Pizza Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual Studio C++ 10.0 Runtime Winbond CIR Drivers Yahoo Toolbar Zuma Deluxe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\PCVeilig not found C:\ProgramFiles\Ask.com not found C:\ProgramFiles\PC Veilig not found "C:\$RECYCLE.BIN\S-1-5-18\$127ca2af1d9719dbf6854a512a4227c0" not found C:\Program Files\Yahoo!\Companion deleted C:\Program Files\Yahoo! deleted C:\Users\Pierre\AppData\Roaming\Yahoo! deleted C:\ProgramData\Ask deleted C:\ProgramData\Yahoo! Companion deleted C:\Users\Marcha\AppData\LocalLow\AskToolbar deleted C:\Users\Pierre\AppData\LocalLow\AskToolbar deleted C:\Users\Wieneke\AppData\LocalLow\AskToolbar deleted C:\Windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Pierre\Nero_BurnLite-10.0.10600.exe deleted "C:\ProgramData\7C9B2AF967FA71D400007C9AAE667994\7C9B2AF967FA71D400007C9AAE667994" deleted "C:\Program Files\Ask.com\Updater\Updater.exe" deleted "C:\Program Files\Ask.com\Updater\Updater.exe" deleted "C:\$RECYCLE.BIN\S-1-5-21-198152872-3049808660-2793780389-1000\$127ca2af1d9719dbf6854a512a4227c0" deleted "C:\ProgramData\7C9B2AF967FA71D400007C9AAE667994" deleted "C:\$RECYCLE.BIN\S-1-5-21-198152872-3049808660-2793780389-1000\$127ca2af1d9719dbf6854a512a4227c0\L" deleted "C:\$RECYCLE.BIN\S-1-5-21-198152872-3049808660-2793780389-1000\$127ca2af1d9719dbf6854a512a4227c0\U" deleted "C:\Program Files\Ask.com" deleted "C:\Program Files\Ask.com" deleted "C:\Program Files\Ask.com\Updater" deleted "C:\Program Files\Ask.com\Updater" deleted ==== Registry Search Results for "$127ca2af1d9719dbf6854a512a4227c0" ====================== No instances of string "$127ca2af1d9719dbf6854a512a4227c0" found. ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3070 MB CPU Info: Intel® Core2 Duo CPU T7500 @ 2.20GHz CPU Speed: 2198,5 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output(Optical) | Realtek HDMI Output (Realtek Hi | Apparaat voor digitale uitvoer | Display Adapters: ATI Mobility Radeon HD 3470 | ATI Mobility Radeon HD 3470 | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 768 - 32 bit Network: Network Present Network Adapters: Intel® PRO/Wireless 3945ABG Network Connection CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T40N Ports: COM3 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 143,8GB | D: 140,3GB Hard Disks - Free: C: 43,4GB | D: 140,2GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 06/18/08 | ACRSYS - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer, Inc. Chapala Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: F-Secure Anti-Virus 9.20.15437 On-access scanning disabled (Outdated) Anti-Spyware: F-Secure Anti-Virus 9.20.15437 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Firewall: PC Veilig 9.12 disabled Default Browser: Google Chrome 31.0.1650.57 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 31.0.1650.57 Adobe Reader version: 8.1.0.2007051100 Sun Java version: 1.6.0_26 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Pierre\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-01-26 23:10:02 C2E35F6FCBD5B4DB2B52B32D1153EC04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-01-26 23:10:02 2429485305BCCFB1014B19BFB512E8F9 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-01-26 23:10:01 ADB9477A9C95C79FDF5DC214225603B0 420864 ----a-w- C:\Windows\System32\vbscript.dll 2014-01-26 23:10:00 E8F37AF4D09972684D9EE1786901F540 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-01-26 23:10:00 822E4743E61687933629AE3A8DECABC2 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2014-01-26 23:09:59 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-26 23:09:59 36E4D129029784EE37A2C14393B6A4E8 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-01-26 23:09:58 C05A60DB2ED385E9BB5CF7AE773A3D9B 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-01-26 23:09:58 4CC9DF09C3D915BA0A101A11DB684F26 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-01-26 23:09:57 BDA52464C16707EAA513C8A2920ACE1F 231936 ----a-w- C:\Windows\System32\url.dll 2014-01-26 23:09:57 795202EFA9ED73F99C96235C1DC6A1AC 1806848 ----a-w- C:\Windows\System32\jscript9.dll 2014-01-26 23:09:56 B787EE3F327ABAC1EC47313B3A673598 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2014-01-26 23:09:54 5AAFA41F2A09D68F43741EF13937650A 1105408 ----a-w- C:\Windows\System32\urlmon.dll 2014-01-26 23:09:54 06FDA396980A0157469A334E1BFEAF17 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-01-26 23:09:53 C89906FA43A58FD4CFC7EA06D885A597 12344320 ----a-w- C:\Windows\System32\mshtml.dll 2014-01-26 23:09:52 B231416DD7569B5C16F2DD2D2D64BB5A 9739264 ----a-w- C:\Windows\System32\ieframe.dll 2014-01-26 22:34:36 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-26 22:34:33 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll 2014-01-26 22:34:28 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll 2014-01-26 22:34:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-26 22:34:28 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx 2014-01-26 22:34:28 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-26 22:34:27 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll ====== C:\Windows\system32\drivers ===== 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-21 11:45:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys ====== C:\Windows\Tasks ====== 2014-01-19 16:27:42 8437485E10DF4E902FF625F311A254FF 3016 ----a-w- C:\Windows\system32\Tasks\{965D19CC-D1E0-4CA8-A1DE-CF667E59D6CF} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Users\Pierre\AppData\Roaming ====== ====== C:\Users\Pierre ====== ====== C: exe-files == 2014-01-27 20:43:43 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Install\{CD59E0B8-1433-485B-81F8-D849CED1BF8C}\32.0.1700.102_chrome_installer.exe 2014-01-27 20:43:41 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_chrome_installer.exe 2014-01-26 23:09:59 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-26 23:09:59 3348D1B1D702E333CE99F7E0FD313460 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-01-26 23:09:56 43E6F2A7FB182F2D7CB0CE5B8F1005CF 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-01-26 22:48:48 1ACCA74287FE5D7449FBB2B9F0C83341 309328 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_D053C89A9DB0461F.exe 2014-01-26 22:48:44 228A4633D638F7EEA6400D5ED5274397 1071696 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe 2014-01-26 22:48:14 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe 2014-01-26 22:43:20 017CB85356CBD66E103E88532E0FE676 9063080 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.57_chrome_updater.exe 2014-01-26 22:34:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-26 22:34:28 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-26 22:26:13 BFBA3103D1B3539164B50FD8D257BC1D 11154256 ----a-w- C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPARRA7H\mseinstall (1).exe 2014-01-26 22:21:31 BFBA3103D1B3539164B50FD8D257BC1D 11154256 ----a-w- C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPARRA7H\mseinstall.exe 2014-01-21 14:52:51 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Pierre\Dropbox\.dropbox.cache\dropbox-upgrade-2.4.11-2.exe === C: other files == 2014-01-27 23:12:10 096F7CA79898DC4CCE320B8397030596 31740054 ----a-w- C:\Users\Public\Desktop\sample_28-01-2014_0011.zip 2014-01-27 20:44:45 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Program Files\Google\Chrome\Temp\source1196_18643\Chrome-bin\32.0.1700.102\default_apps\youtube.crx 2014-01-27 20:44:45 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Program Files\Google\Chrome\Temp\source1196_18643\Chrome-bin\32.0.1700.102\default_apps\search.crx 2014-01-27 20:44:45 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Program Files\Google\Chrome\Temp\source1196_18643\Chrome-bin\32.0.1700.102\default_apps\drive.crx 2014-01-27 20:44:45 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Program Files\Google\Chrome\Temp\source1196_18643\Chrome-bin\32.0.1700.102\default_apps\gmail.crx 2014-01-27 20:44:45 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Program Files\Google\Chrome\Temp\source1196_18643\Chrome-bin\32.0.1700.102\default_apps\docs.crx 2014-01-26 22:34:36 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys 2014-01-26 22:34:33 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys 2014-01-26 22:34:33 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-21 11:45:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-21 11:15:38 AB51E1F08C8E789D6C9E8B94D15BE9A9 340432 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys 2014-01-21 11:15:38 000D82CC258E2D341605A6F350C4D1E6 606672 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "conhost"="C:\Users\Pierre\AppData\Roaming\Microsoft\conhost.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Amazon Cloud Player"="C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" "eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" "WarReg_PopUp"="C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "ApnUpdater"="C:\Program Files\Ask.com\Updater\Updater.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "KPN Assistent"="C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto" "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot" "F-Secure Manager"="C:\Program Files\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "conhost"="C:\Users\Pierre\AppData\Roaming\Microsoft\conhost.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Amazon Cloud Player"="C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\F-Secure Gatekeeper Handler Starter] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSDFWD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSMA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FSORSPClient] ==== Startup Folders ====================== 2010-01-19 20:24:48 1119 ----a-w- C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2011-12-08 19:20:07 1119 ----a-w- C:\Users\Wieneke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2008-04-16 06:33:42 1493 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk 2008-10-04 18:59:31 1884 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk 2008-09-25 07:35:20 20480 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETAUDIO.EXE 2008-09-25 07:35:19 20480 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETRES.EXE ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-01-2014 23:44] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-04-2013 09:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-04-2013 09:52] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-198152872-3049808660-2793780389-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{7FF9B0CA-5095-40C5-B228-ED42E65A77C9}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{91EFFABE-270A-4473-BDE3-E50B133C1966}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "litmus-ff@f-secure.com"="C:\Program Files\PC Veilig\NRS\litmus-ff@f-secure.com" [18-01-2014 20:25] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 14:24] Google Docs - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho RealDownloader - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Gmail - Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="KPN Vandaag" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Yahoo UK" "Default_Page_URL"="Yahoo UK" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="KPN Vandaag" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{DECA3892-BA8F-44b8-A993-A466AD694AE4}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {88AA4A6D-FB3D-459C-B284-38A064FD727A} Google Url="{searchTerms} - Google Search=" {DECA3892-BA8F-44b8-A993-A466AD694AE4} Bing Url="{searchTerms} - Bing" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-198152872-3049808660-2793780389-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628112459.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [conhost] C:\Users\Pierre\AppData\Roaming\Microsoft\conhost.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Amazon Cloud Player] C:\Users\Pierre\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SETAUDIO.EXE O4 - Global Startup: SETRES.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marcha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marcha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wieneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wieneke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J58CXRM3 will be deleted at reboot C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRYU7SFB will be deleted at reboot C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=36 folders=16 41387313 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marcha\AppData\Local\Temp emptied successfully C:\Users\Wieneke\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Pierre\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Pierre\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J58CXRM3" not found "C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRYU7SFB" not found ==== EOF on di 28-01-2014 at 8:42:44,96 ======================
- 28 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Bedankt kweezie wabbit voor je reactie. Het ziet er allemaal wel ingewikkeld uit maar ik ga erme aan de slag! Zo gauw ik meer weet, mail ik weer. Hartelijk dank, pierrewien
- 27 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Beste Kweezie wabbit, het wonder lijkt zich voltrokken te hebben: de computer loopt niet meer vast als ik cvontact maak met het internet. Vanmiddag bij het maken van een backup ging het mis toen ik dropbox op mijn losse harde schijf wilde zetten. Ik heb dropbox toen gewist. Blijkbaar heeft dat geholpen. Heel hartelijk dank voor alle hulp tot nu toe! Vriendelijke groeten, pierrewien
- 26 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Scan met RSIT gedaan en hieronder het logje, wat een heel verhaal is! Logfile of random's system information tool1.09 (written by random/random) Run by Pierre at 2014-01-26 15:45:20 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 44 GB (30%) free of 147 GB Total RAM: 3069 MB (51% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\ProgramFiles\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealNetworks Download and Record Plugin forInternet Explorer -C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll[2013-08-14 542376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\ProgramFiles\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\ProgramFiles\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\CommonFiles\McAfee\SystemCore\ScriptSn.20120628112459.dll [2012-05-25 79776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Acer\EmpoweringTechnology\eDataSecurity\x86\ActiveToolBand.dll [2008-01-03 312368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\ProgramFiles\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-11 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\ProgramFiles\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29 3844768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}] Browsing Protection Class - C:\Program Files\PCVeilig\NRS\iescript\baselitmus.dll [2013-11-17 1898496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\ProgramFiles\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\ProgramFiles\Java\jre6\bin\jp2ssv.dll [2011-08-04 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - AcereDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll[2008-02-25 136192] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo!Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05816400] {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - CanonEasy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll[2010-11-08 1619352] {D4027C7F-154A-4066-A1AD-4243D8127440} - AskToolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - GoogleToolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll[2013-10-11 194640] {265EEE8E-3228-44D3-AEA5-F7FDF5860049} -Browsing Protection Toolbar - C:\Program Files\PCVeilig\NRS\iescript\baselitmus.dll [2013-11-17 1898496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\ProgramFiles\Windows Defender\MSASCui.exe [2008-01-21 1008184] "NvSvc"=C:\Windows\system32\nvsvc.dll[2008-03-11 92704] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll[2008-03-11 8534560] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll[2008-03-11 88608] "SynTPStart"=C:\ProgramFiles\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400] "eDataSecurityLoader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe[2008-02-25 518656] "eAudio"=C:\Acer\EmpoweringTechnology\eAudio\eAudio.exe [2007-10-10 1286144] "IAAnotif"=C:\ProgramFiles\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe[2008-01-24 4702208] "Skytel"=C:\Windows\Skytel.exe [2008-01-241826816] "StartCCC"=C:\Program Files\ATITechnologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440] "SetPanel"=C:\Acer\APanel\APanel.cmd[] "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE[2008-01-02 707080] "PlayMovie"=C:\Program Files\Acer ArcadeDeluxe\Play Movie\PMVService.exe [2008-01-22 200704] "WarReg_PopUp"=C:\ProgramFiles\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104] "PLFSetI"=C:\Windows\PLFSetI.exe[2007-10-23 200704] "eRecoveryService"= [] "GrooveMonitor"=C:\ProgramFiles\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Adobe Reader SpeedLauncher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe[2008-10-15 39792] "SSBkgdUpdate"=C:\ProgramFiles\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28185896] "OpwareSE4"=C:\ProgramFiles\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304] "CanonMyPrinter"=C:\ProgramFiles\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296] "CanonSolutionMenuEx"=C:\ProgramFiles\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112] ""= [] "ApnUpdater"=C:\ProgramFiles\Ask.com\Updater\Updater.exe [2012-01-03 1391272] "APSDaemon"=C:\Program Files\CommonFiles\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280] "QuickTime Task"=C:\ProgramFiles\QuickTime\QTTask.exe [2013-05-01 421888] "KPN Assistent"=C:\ProgramFiles\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe [2013-06-12 38142582] "TkBellExe"=c:\programfiles\real\realplayer\Update\realsched.exe [2013-09-11 295512] "F-Secure Manager"=C:\ProgramFiles\PC Veilig\Common\FSM32.EXE [2009-11-18 201128] "F-Secure TNB"=C:\Program Files\PCVeilig\FSGUI\TNBUtil.exe [2013-11-17 1655464] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\WindowsSidebar\sidebar.exe [2009-04-11 1233920] "Picasa Media Detector"=C:\ProgramFiles\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968] "ehTray.exe"=C:\Windows\ehome\ehTray.exe[2008-01-21 125952] "conhost"=C:\Users\Pierre\AppData\Roaming\Microsoft\conhost.exe[] "ISUSPM"=C:\Program Files\CommonFiles\InstallShield\UpdateService\ISUSPM.exe [2006-05-16 213936] "Skype"=C:\ProgramFiles\Skype\Phone\Skype.exe [2013-10-21 20549280] "WMPNSCFG"=C:\Program Files\WindowsMedia Player\WMPNSCFG.exe [2008-01-21 202240] "Amazon Cloud Player"=C:\Users\Pierre\AppData\Local\AmazonCloud Player\Amazon Music Helper.exe [2013-10-22 3109376] C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Startup Empowering Technology Launcher.lnk -C:\Acer\Empowering Technology\eAPLauncher.exe Microsoft Office.lnk - C:\ProgramFiles\Microsoft Office\Office10\OSA.EXE SETAUDIO.EXE SETRES.EXE C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup Dropbox.lnk -C:\Users\Pierre\AppData\Roaming\Dropbox\bin\Dropbox.exe OneNote 2007 Schermopname en Snel starten.lnk -C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\ProgramFiles\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.mkdmp3enc"=C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe"%1" %* ======List of files/folders created in the last1 month====== 2014-01-26 15:45:21 ----D---- C:\ProgramFiles\trend micro 2014-01-26 15:45:20 ----D---- C:\rsit 2014-01-21 12:46:07 ----D----C:\Users\Pierre\AppData\Roaming\Malwarebytes 2014-01-21 12:45:24 ----D----C:\ProgramData\Malwarebytes 2014-01-21 12:45:21 ----D---- C:\ProgramFiles\Malwarebytes' Anti-Malware 2014-01-21 12:45:21 ----A----C:\Windows\system32\drivers\mbam.sys 2014-01-21 12:00:07 ----A----C:\Windows\ntbtlog.txt ======List of files/folders modified in thelast 1 month====== 2014-01-26 15:45:21 ----D---- C:\Program Files 2014-01-26 15:45:04 ----D---- C:\Windows\Temp 2014-01-26 15:44:32 ----D----C:\Windows\System32 2014-01-26 15:44:32 ----A----C:\Windows\system32\PerfStringBackup.INI 2014-01-26 15:44:31 ----D---- C:\Windows\inf 2014-01-26 15:40:50 ----D----C:\Users\Pierre\AppData\Roaming\Dropbox 2014-01-26 15:38:28 ----D----C:\Windows\system32\Tasks 2014-01-24 20:41:50 ----D----C:\Users\Pierre\AppData\Roaming\Skype 2014-01-24 18:23:45 ----D----C:\Windows\system32\drivers 2014-01-21 22:00:10 ----SHD---- C:\SystemVolume Information 2014-01-21 12:48:09 ----SHD----C:\Windows\Installer 2014-01-21 12:47:57 ----D----C:\ProgramData\Microsoft Help 2014-01-21 12:45:24 ----HD---- C:\ProgramData 2014-01-21 12:00:07 ----D---- C:\Windows 2014-01-19 22:36:29 ----A----C:\Windows\win.ini 2014-01-19 18:18:04 ----SD----C:\ProgramData\Microsoft 2014-01-19 15:37:27 ----D----C:\ProgramData\CanonIJPLM 2014-01-19 15:30:04 ----D----C:\Windows\system32\catroot2 2014-01-19 15:30:04 ----D----C:\Windows\system32\catroot 2014-01-19 15:30:02 ----D---- C:\Windows\winsxs 2014-01-19 15:23:37 ----D----C:\Windows\Prefetch 2014-01-18 20:46:47 ----D---- C:\ProgramFiles\PC Veilig 2014-01-18 20:28:39 ----D----C:\Windows\system32\Msdtc 2014-01-18 20:28:32 ----D----C:\Windows\system32\wbem 2014-01-18 20:27:44 ----D----C:\Windows\system32\config 2014-01-18 20:26:17 ----RSD----C:\Windows\Media 2014-01-18 20:26:17 ----D---- C:\Windows\Tasks 2014-01-18 20:26:17 ----D----C:\Windows\system32\spool 2014-01-18 20:26:17 ----D----C:\Windows\system32\RTCOM 2014-01-18 20:26:17 ----D----C:\Windows\system32\CodeIntegrity 2014-01-18 20:25:35 ----HD----C:\ProgramData\CanonIJEGV 2014-01-18 20:25:35 ----D----C:\ProgramData\CanonIJ 2014-01-18 20:25:30 ----RD---- C:\ProgramFiles\Skype 2014-01-18 20:25:22 ----D---- C:\ProgramFiles\McAfee 2014-01-18 20:25:20 ----D---- C:\ProgramFiles\Common Files\Skype 2014-01-18 20:25:02 ----D----C:\Windows\registration 2014-01-15 20:05:11 ----D----C:\Windows\system32\LogFiles 2014-01-14 22:05:54 ----D----C:\ProgramData\f-secure ======List of drivers (R=Running, S=Stopped,0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fsbts;fsbts;C:\Windows\system32\Drivers\fsbts.sys [2013-11-17 44240] R0 iaStor;Intel AHCI Controller;C:\Windows\system32\DRIVERS\iaStor.sys [2007-11-22 308248] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys [2012-02-22 464304] R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2008-01-03 18480] R0 PxHelp20;PxHelp20;C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 RapportKELL;RapportKELL;C:\Windows\System32\Drivers\RapportKELL.sys [2013-10-25 108816] R1 F-Secure HIPS;F-Secure HIPS Driver;\??\C:\Program Files\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 69928] R1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2013-11-17 41552] R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2009-11-18 72904] R1 fsvista;F-Secure Vista Support Driver;\??\C:\Program Files\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-1814248] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 64912] R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys [2012-02-22 169608] R1 RapportCerberus_59849;RapportCerberus_59849;\??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys[2014-01-21 340432] R1 RapportEI;RapportEI; \??\C:\ProgramFiles\Trusteer\Rapport\bin\RapportEI.sys [2013-10-25 157264] R1 RapportPG;RapportPG; \??\C:\ProgramFiles\Trusteer\Rapport\bin\RapportPG.sys [2013-10-25 230448] R2{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};\??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456] R2 int15;int15; \??\C:\Acer\EmpoweringTechnology\eRecovery\int15.sys [2007-07-03 15392] R2 mdmxsdk;mdmxsdk;C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672] R2 PSDNServ;PSDNServ;C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432] R2 psdvdisk;PSDVdisk;C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952] R2 rimmptsk;rimmptsk;C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592] R2 rimsptsk;rimsptsk;C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008] R2 rismxdp;Ricoh xD-Picture Card Driver;C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-08 3552256] R3 DKbFltr;Dritek Keyboard Filter Driver;C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264] R3 HdAudAddService;Microsoft 1.1 UAAFunctiestuurprogramma voor High Definition Audio-service;C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HSF_DPV;HSF_DPV;C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064] R3 HSXHWAZL;HSXHWAZL;C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384] R3 IntcAzAudAddService;Service for Realtek HDAudio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 mfeapfk;McAfee Inc. mfeapfk;C:\Windows\system32\drivers\mfeapfk.sys [2012-02-22 121544] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys[2012-02-22 180848] R3 mfebopk;McAfee Inc. mfebopk;C:\Windows\system32\drivers\mfebopk.sys [2012-02-22 59456] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys [2012-02-22 340920] R3 NETw4v32;Stuurprogramma voor Intel®Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800] R3 NTIDrvr;Upper Class Filter Driver;C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144] R3 sdbus;sdbus;C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SynTP;Synaptics TouchPad Driver;C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816] R3 usbvideo;USB-videoapparaat (WDM);C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 winachsf;winachsf;C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480] R3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008] R3WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys[2012-07-26 66560] R3 WUDFRd;WUDFRd;C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 AR5523;Gigaset USB Adapter 108;C:\Windows\system32\DRIVERS\ar5523.sys [2005-07-27 360256] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet- NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-24 179712] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys [2012-02-22 57600] S3 drmkaud;Microsoft KernelDRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-11-17145856] S3 HSFHWAZL;HSFHWAZL;C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys[2012-02-22 87656] S3 MSKSSRV;Microsoft Streaming Service-proxy;C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy;C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft StreamingKwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft StreamingTee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys[2008-01-21 6016] S3 NETw3v32;Stuurprogramma voorIntel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista;C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-03-11 8240800] S3 usb_rndisx;USB RNDIS-adapter;C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872] S3 usbscan;Stuurprogramma voor USB-scanner;C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 WpdUsb;WpdUsb;C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S4 ErrDev;Microsoft Hardware Error DeviceDriver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\PC Veilig\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640] S4 F-Secure Recognizer;F-Secure File SystemRecognizer; \??\C:\Program Files\PC Veilig\Anti-Virus\Win2K\FSrec.sys[2009-11-18 27048] S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped,0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati External Event Utility;Ati ExternalEvent Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-08 671744] R2 eDataSecurity Service;eDataSecurity Service;C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-02-25491008] R2 eLockService;eLock Service;C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576] R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072] R2 eRecoveryService;eRecovery Service;C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100;C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 IAANTMON;Intel® Matrix Storage EventMonitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[2007-11-22 358936] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/FaxExtended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05116104] R2 LightScribeService;LightScribeService DirectDisc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2007-01-17 61440] R2 MBAMScheduler;MBAMScheduler; C:\ProgramFiles\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\ProgramFiles\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 McShield;McAfee McShield; C:\ProgramFiles\Common Files\McAfee\SystemCore\\mcshield.exe [2012-03-20 166288] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20161632] R2 mfevtp;McAfee Validation Trust ProtectionService; C:\Windows\system32\mfevtps.exe [2012-03-20 151880] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592] R2 NAUpdate;@C:\ProgramFiles\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe[2010-05-04 503080] R2 RapportMgmtService;Rapport ManagementService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[2013-10-25 1444120] R2 RealNetworks Downloader ResolverService;RealNetworks Downloader Resolver Service; C:\ProgramFiles\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056] R2 RichVideo;Cyberlink RichVideo Service(CRVS);C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-04 266343] R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936] R2 XAudioService;XAudioService;C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560] S2 clr_optimization_v4.0.30319_32;Microsoft.NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-12 116648] S2 SkypeUpdate;Skype Updater; C:\ProgramFiles\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash PlayerUpdate Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe[2013-10-09 257416] S3 gupdatem;Google Update-service (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-12 116648] S3 gusvc;Google Software Updater; C:\ProgramFiles\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-12 194032] S3 Microsoft Office Groove AuditService;Microsoft Office Groove Audit Service; C:\Program Files\MicrosoftOffice\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service;C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20440696] S3 ose;Office Source Engine; C:\ProgramFiles\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100;C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe[2013-07-20 754856] S4 FSDFWD;F-Secure Anti-Virus Firewall Daemon;C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe [2009-11-18 524712] S4 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe [2009-11-18 221608] S4 FSMA;F-Secure Management Agent; C:\ProgramFiles\PC Veilig\Common\FSMA32.EXE [2009-11-18 188840] S4 FSORSPClient;F-Secure ORSP Client;C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe [2013-11-17 60352] -----------------EOF-----------------
- 26 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Bedankt voor je reactie. Terug naar Herstelpunt hebben we al geprobeerd, maar heeft niet geholpen. Zodra contact gemaakt wordt gemaakt met het internet loopt alle programma's volledig vast. De malware scan zullen we nog proberen. Heb je nog andere suggesties? Vriendelijke groet.
- 25 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Nogmaals bedankt Falstring voor je reactie. Ik heb eerst PC-Veilig verwijderd en toen de vinkjes in het msconfig scherm. Dat had geen effect. Toen heb ik op een andere computer Malwarebytes gedownload en via een USB stick in de probleemcomputer ingevoerd. Na scannen wist dit programma drie stuks malware eruit te halen waaronder een Trojan. Prima dus,maar jammer genoeg is het probleem niet verholpen. Zo gauw de computer verbinding krijgt met het internet loopt alles vast en is geen enkel programma meer in beweging te krijgen. Wat kan dit toch zijn? Moet ik de computer terugzetten naar de fabrieksinstellingen of is er iets heel anders aan de hand? Wie kan me helpen?
- 21 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien reageerde op pierrewien's topic in Archief Windows Algemeen

Dank voor de reactie! Fijn dat we in ieder geval iets kunnen proberen. Het lukt niet meer om vanavond te testen. Ik stuur morgen een reactie met onze bevindingen! Vriendelijk dank!
- 20 januari 2014
- 18 antwoorden
Laptop loopt vast

pierrewien plaatste een topic in Archief Windows Algemeen

Hallo, Na het starten van de laptop(met Windows Vista) wordt automatisch contact met internet gezocht. Zodra hetcontact er is, bevriest het scherm en werkt niets meer. Door nogmaals de pc testarten en direct de internetverbinding te verbreken zijn alle programma’s diegeen internet nodig hebben te gebruiken. De problemen zijn ontstaan na hetinstalleren van PC Veilig, lijkt het. Kunt u helpen? Alvast bedankt!
- 19 januari 2014
- 18 antwoorden

Inloggen

pierrewien

Items

Registratiedatum

Laatst bezocht

pierrewien's prestaties

Groentje (2/14)

Recente badges

Reputatie

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

Laptop loopt vast

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie