Marloes
-
Items
7 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Marloes
-
-
En hoe is de toestand nu ?
Hoi, nou de computer lijkt iig een stuk sneller..... ik moet nu helaas weg, maar zal proberen om vanavond mijn bestand door te sturen.
Ik laat het je weten! En tot zover alvast heel erg bedankt....
-
Dubbelklik op Zoek.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Kopieer nu onderstaande code en plak die in het grote invulvenster:
- Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows];r "AppInit_DLLs"=-;r [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon];r
- De optie "Scan All Users" staat standaard aangevinkt.
- Klik nu op de knop "Run script".
- Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
- Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
- Post het geopende logje in het volgende bericht.
Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Maarten on zo 09-02-2014 at 9:56:45,77.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maarten\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-08-203921.log 19005 bytes
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows]
"AppInit_DLLs"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=194 folders=97 52308657 bytes)
==== EOF on zo 09-02-2014 at 9:58:14,17 ======================
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
-
Zoek.exev5.0.0.0 Updated 07-February-2014
Tool run byMaarten on za 08-02-2014 at 20:58:57,70.
Microsoft®Windows Vista™ Home Premium 6.0.6002Service Pack 2 x86
Running in:Normal Mode Internet Access Detected
Launched: C:\Users\Maarten\Downloads\zoek.exe[scan all users] [script inserted] [Checkboxes used]
==== SystemRestore Info ======================
8-2-201421:01:20 Zoek.exe System Restore Point Created Succesfully.
==== EmptyFolders Check ======================
C:\ProgramFiles\MSXML 4.0 deleted successfully
C:\ProgramFiles\VideoLAN deleted successfully
C:\Users\Maarten\AppData\Roaming\PeerNetworkingdeleted successfully
C:\Users\Maarten\AppData\Roaming\SoftwareInspection Library deleted successfully
C:\Users\Maarten\AppData\Local\Conduitdeleted successfully
C:\Users\Maarten\AppData\Local\PackageAwaredeleted successfully
C:\Users\Maarten\AppData\Local\Yahoo!deleted successfully
====Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deletedsuccessfully
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} deletedsuccessfully
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{A3520868-6D15-4F6C-A740-F2C732249DD5} deletedsuccessfully
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{A5EB8529-C0BC-4986-A25A-3E0440BE73B1} deletedsuccessfully
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deletedsuccessfully
====Deleting CLSID Registry Values ======================
====Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvcdeleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\CltMngSvcdeleted successfully
====Registry Fix Code ======================
WindowsRegistry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
====Deleting Files \ Folders ======================
C:\Windows\system32\SearchProtectdeleted
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1deleted
C:\ProgramFiles\SearchProtect deleted
C:\Users\Maarten\AppData\Roaming\newnext.medeleted
C:\ProgramFiles\Mobogenie deleted
C:\Users\Maarten\AppData\Local\genienextdeleted
C:\Users\Maarten\daemonprocess.txt deleted
C:\Users\Maarten\.androiddeleted
C:\ProgramFiles\Conduit deleted
C:\ProgramFiles\Ask.com deleted
C:\Users\Maarten\AppData\Roaming\OpenCandydeleted
C:\Users\Maarten\AppData\Local\IlividPlayer deleted
C:\Users\Maarten\AppData\Local\SearchProtectdeleted
C:\Users\Maarten\AppData\Local\IACdeleted
C:\Users\Maarten\AppData\Local\Mobogeniedeleted
C:\Users\Maarten\AppData\Local\cachedeleted
C:\Users\Maarten\AppData\LocalLow\IACdeleted
C:\Users\Maarten\AppData\LocalLow\searchqubanddeleted
C:\Users\Maarten\AppData\LocalLow\Softonicdeleted
C:\Users\Maarten\AppData\LocalLow\PriceGongdeleted
C:\Users\Maarten\AppData\LocalLow\Conduitdeleted
C:\Windows\System32\SET757D.tmpdeleted
C:\Users\Maarten\Documents\Mobogenie deleted
==== FilesRecently Created / Modified ======================
======C:\Windows ====
======C:\Users\Maarten\AppData\Local\Temp ====
2014-02-0311:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Maarten\AppData\Local\Temp\SPSetup.exe
2014-01-2921:44:20 81DF17EAE33CB2A422A9183672564FC2 6774448 ----a-w- C:\Users\Maarten\AppData\Local\Temp\DC00E992-B11D-4AEE-88BD-6DEAEDF3E3D5.exe
====== JavaCache =====
======C:\Windows\system32 =====
2014-02-0819:00:53 821E45601C7FD525A8E5B5568BDE894E 512 ----a-w- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
======C:\Windows\system32\drivers =====
======C:\Windows\Tasks ======
======C:\Windows\Temp ======
=======C:\Program Files =====
2014-01-3020:10:57 -------- d-----w- C:\ProgramFiles\trend micro
======= C:=====
======C:\Users\Maarten\AppData\Roaming ======
2014-01-0921:01:21 -------- d-----w- C:\Users\Maarten\AppData\Local\ElevatedDiagnostics
====== C:\Users\Maarten======
2014-01-3020:10:18 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Maarten\Desktop\RSIT32.exe
====== C:exe-files ==
2014-02-0517:20:33 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\ProgramFiles\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe
2014-02-0311:36:28 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Maarten\AppData\Local\Temp\SPSetup.exe
2014-02-0310:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsv3CB6.exe
2014-02-0310:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Windows\Temp\nsf2FE9.exe
=== C:other files ==
====Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exeoobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe/detectMem"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exeoobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe/detectMem"
[HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\ProgramFiles\Windows Sidebar\sidebar.exe /autoRun"
"WMPNSCFG"="C:\ProgramFiles\Windows Media Player\WMPNSCFG.exe"
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE/EPT EPLTarget\P0000000000000000 /M XP-215 217 Series"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="C:\ProgramFiles\BullGuard Ltd\BullGuard\BullGuard.exe -boot"
"BullGuardUpdate2"="c:\programfiles\bullguard ltd\bullguard\BullGuardUpdate2.exe"
"openvpn-gui"="C:\ProgramFiles\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\ProgramFiles\Windows Sidebar\sidebar.exe /autoRun"
"WMPNSCFG"="C:\ProgramFiles\Windows Media Player\WMPNSCFG.exe"
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE/EPT EPLTarget\P0000000000000000 /M XP-215 217 Series"
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dllc:\\PROGRA~1\\BULLGU~1\\BULLGU~1\\BgAgent.dll BgGamingMonitor.dll"
====Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\(default)]
"command"=""
"hkey"="HKLM"
"item"="(default)"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\ProgramFiles\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="AdobeARM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\ProgramFiles\\HomeCinema\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\EEventManager]
"command"="\"C:\\ProgramFiles\\Epson Software\\Event Manager\\EEventManager.exe\""
"hkey"="HKLM"
"item"="EEventManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IAAnotif]
"command"="\"C:\\ProgramFiles\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""
"hkey"="HKLM"
"item"="IAAnotif"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\mobilegeni daemon]
"command"="C:\\ProgramFiles\\Mobogenie\\DaemonProcess.exe"
"hkey"="HKLM"
"item"="mobilegenidaemon"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\NvCplDaemon]
"command"="RUNDLL32.EXEC:\\Windows\\system32\\NvCpl.dll,NvStartup"
"hkey"="HKLM"
"item"="NvCplDaemon"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\NvMediaCenter]
"command"="RUNDLL32.EXEC:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"hkey"="HKLM"
"item"="NvMediaCenter"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PAC7302_Monitor]
"command"="C:\\Windows\\PixArt\\PAC7302\\Monitor.exe"
"hkey"="HKLM"
"item"="PAC7302_Monitor"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\ProgramFiles\\Realtek\\Audio\\HDA\\RtHDVCpl.exe"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\Windows Defender]
"command"="C:\\ProgramFiles\\Windows Defender\\MSASCui.exe -hide"
"hkey"="HKLM"
"item"="WindowsDefender"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
====Startup Folders ======================
2010-11-0811:20:34 1938 ----a-w- C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Startup\Ziggo Wireless Utility.lnk
==== TaskScheduler Jobs ======================
C:\Windows\tasks\AdobeFlash Player Updater.job --a------C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-201418:41]
C:\Windows\tasks\EPSONXP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job--a------ C:;8C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.exe []
C:\Windows\tasks\EPSONXP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job --a------C:;8C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.exe []
C:\Windows\tasks\GoogleSoftware Updater.job --a------ C:\Program Files\Google\Common\GoogleUpdater\GoogleUpdaterService.exe [26-08-2012 21:12]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job--a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-12-2009 14:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job--a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-12-2009 14:41]
==== OtherScheduled Tasks ======================
"C:\Windows\system32\tasks\AdobeFlash Player Updater"[C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask"[C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\EPSONXP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}"[C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE]
"C:\Windows\system32\tasks\EPSONXP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}"[C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE]
"C:\Windows\system32\tasks\GoogleSoftware Updater" [C:\Program Files\Google\Common\GoogleUpdater\GoogleUpdaterService.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore"[C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA"[C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{A4AD3220-B5A9-4771-9566-E84D7CB4EA56}"[C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{823232DB-30F2-47B9-8F97-05F8F0C81FEE}"[C:\Program Files\Skype\Phone\Skype.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate"[C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
==== FirefoxExtensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"antiphishing@bullguard"="c:\programfiles\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard"[17-10-2013 08:09]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\ProgramFiles\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [04-08-201116:45]
==== ChromeLook ======================
Google Docs- Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
GoogleDrive - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube -Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
GoogleSearch - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
MapsGalaxy- Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmpoonbkphmkpjmcbgpeoondejnaaic
GoogleWallet - Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail -Maarten\AppData\Local\Google\Chrome\UserData\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\aohghmighlieiainnegkcijnfilokake
GoogleDrive - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube -Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
GoogleSearch - Marloes\AppData\Local\Google\Chrome\UserData\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail -Marloes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IEto Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main]
"StartPage"="http://google.nl/"
"Default_Page_URL"="http://www.aldi.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes]
"DefaultScope"="{A3520868-6D15-4F6C-A740-F2C732249DD5}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes\{A3520868-6D15-4F6C-A740-F2C732249DD5}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"StartPage"="http://google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== AllHKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\InternetExplorer\SearchScopes
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A}Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64}Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC_nl"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== DeletingCLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-638316707-796478540-1511587918-1000\Software\Microsoft\InternetExplorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deletedsuccessfully
====Deleting CLSID Registry Values ======================
====Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectdeleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\mobilegeni daemon deleted successfully
==== EmptyIE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Low\Content.IE5 emptied successfully
C:\Users\Maarten\AppData\Local\Temp\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Users\Marloes\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Users\Marloes\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5 emptied successfully
C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\index.dat will be deleted at reboot
==== EmptyFireFox Cache ======================
No FireFoxProfiles found
==== EmptyChrome Cache ======================
C:\Users\Maarten\AppData\Local\Google\Chrome\UserData\Default\Cache emptied successfully
C:\Users\Marloes\AppData\Local\Google\Chrome\UserData\Default\Cache emptied successfully
==== EmptyAll Flash Cache ======================
Flash CacheEmptied Successfully
==== EmptyAll Java Cache ======================
Java Cachecleared successfully
====C:\zoek_backup content ======================
C:\zoek_backup(files=194 folders=97 52308657 bytes)
==== EmptyTemp Folders ======================
C:\Users\Default\AppData\Local\Tempemptied successfully
C:\Users\DefaultUser\AppData\Local\Temp emptied successfully
C:\Users\Marloes\AppData\Local\Tempemptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Tempemptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Tempemptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Tempemptied successfully
C:\Users\Maarten\AppData\Local\Temp will be emptied at reboot
C:\Windows\Tempwill be emptied at reboot
==== AfterReboot ======================
==== EmptyTemp Folders ======================
C:\Windows\Tempsuccessfully emptied
C:\Users\Maarten\AppData\Local\Tempsuccessfully emptied
==== EmptyRecycle Bin ======================
C:\$RECYCLE.BINsuccessfully emptied
====Deleting Files / Folders ======================
"C:\Users\Maarten\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\index.dat" not deleted
==== EOF on za 08-02-2014 at 21:39:21,59======================
-
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maarten at 2014-01-30 21:13:51
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 205 GB (35%) free of 590 GB
Total RAM: 3325 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:03, on 30-1-2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal
Running processes:
C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wermgr.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE
C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Maarten\Desktop\RSIT 32.exe
C:\Program Files\trend micro\Maarten.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI Nederland - Startpagina
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Ziggo Wireless Utility.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: Pervasive Workgroup Engine - Unknown owner - C:\PVSW\bin\psql_svc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 10291 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\EPSON XP-215 217 Series Invitation {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job
C:\Windows\tasks\EPSON XP-215 217 Series Update {A58D57ED-1912-4B0C-BC2C-8661CC7263FD}.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-13 330160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-13 59824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2013-10-21 857936]
"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2013-10-16 1878352]
"openvpn-gui"=C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [2012-10-15 406112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE [2013-01-24 260160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\(default)]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [2008-07-18 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2013-03-28 1058880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-08 178712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files\Mobogenie\DaemonProcess.exe [2013-12-10 761024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2009-03-27 13687328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2009-03-27 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-03 6724128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Ziggo Wireless Utility.lnk - C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-01-30 21:10:57 ----D---- C:\rsit
2014-01-30 21:10:57 ----D---- C:\Program Files\trend micro
2014-01-27 21:12:51 ----D---- C:\Nieuwe map (2)
2014-01-16 16:00:39 ----D---- C:\Windows\system32\SearchProtect
2014-01-09 19:08:54 ----D---- C:\Windows\Migration
2014-01-05 10:07:41 ----D---- C:\Program Files\iPod
2014-01-05 10:07:39 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-05 10:07:39 ----D---- C:\Program Files\iTunes
2014-01-02 21:01:23 ----D---- C:\Program Files\SearchProtect
2014-01-02 21:00:10 ----D---- C:\Users\Maarten\AppData\Roaming\uTorrent
2014-01-02 20:49:48 ----D---- C:\Users\Maarten\AppData\Roaming\newnext.me
2014-01-02 20:48:22 ----D---- C:\Program Files\Mobogenie
2014-01-02 20:47:53 ----D---- C:\Program Files\VideoLAN
======List of files/folders modified in the last 1 month======
2014-01-30 21:14:03 ----D---- C:\Windows\Temp
2014-01-30 21:13:30 ----D---- C:\ProgramData\BullGuard
2014-01-30 21:10:57 ----RD---- C:\Program Files
2014-01-30 20:09:22 ----D---- C:\Windows\System32
2014-01-29 22:37:46 ----D---- C:\Users\Maarten\AppData\Roaming\CorelHomeOffice
2014-01-29 20:58:35 ----D---- C:\Windows\prefetch
2014-01-27 10:14:30 ----SHD---- C:\Windows\Installer
2014-01-27 10:14:30 ----HD---- C:\Config.Msi
2014-01-27 10:14:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-27 10:14:20 ----D---- C:\Windows\inf
2014-01-27 10:12:29 ----SHD---- C:\System Volume Information
2014-01-26 19:45:45 ----RSD---- C:\Windows\Fonts
2014-01-26 19:45:28 ----D---- C:\ProgramData\HP
2014-01-26 19:45:03 ----HD---- C:\ProgramData
2014-01-26 19:44:46 ----D---- C:\Program Files\HP
2014-01-26 19:44:35 ----D---- C:\Windows\winsxs
2014-01-26 19:44:26 ----D---- C:\Windows
2014-01-26 19:44:25 ----D---- C:\Windows\system32\catroot
2014-01-26 19:44:00 ----D---- C:\Windows\twain_32
2014-01-16 15:56:32 ----D---- C:\Users\Maarten\AppData\Roaming\BullGuard
2014-01-15 22:27:02 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 22:26:16 ----D---- C:\Windows\system32\MRT
2014-01-15 22:23:04 ----A---- C:\Windows\system32\mrt.exe
2014-01-09 22:02:01 ----D---- C:\Windows\AppPatch
2014-01-09 19:54:13 ----D---- C:\Windows\Microsoft.NET
2014-01-09 19:16:07 ----RSD---- C:\Windows\assembly
2014-01-09 19:09:12 ----D---- C:\Windows\system32\en-US
2014-01-09 19:08:54 ----SD---- C:\ProgramData\Microsoft
2014-01-05 10:07:40 ----D---- C:\Program Files\Common Files\Apple
2014-01-02 21:25:30 ----D---- C:\Windows\system32\catroot2
2014-01-02 20:50:20 ----HD---- C:\Windows\system32\GroupPolicy
2014-01-02 20:41:16 ----SD---- C:\Users\Maarten\AppData\Roaming\Microsoft
2014-01-02 15:01:07 ----D---- C:\Intramed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-10-08 306200]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R1 AFW;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2012-12-13 33888]
R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys [2013-03-27 64624]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-10-01 20384]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys [2012-06-26 216136]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys [2012-06-26 20040]
R3 afwcore;afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [2012-12-13 337504]
R3 DNISp50;DNISp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\DNISp50.sys [2006-11-16 20480]
R3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-03 2320480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-27 7738816]
R3 tap0901;Sophos SSL VPN Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2012-10-15 34576]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-02-05 343456]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service; C:\Windows\system32\DRIVERS\WN111v2v.sys [2009-01-13 453120]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 61883;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;AVC-apparaat; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 DNIMp50;DNIMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\DNIMp50.sys [2006-11-16 21504]
S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BsBackup;BullGuard backup service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]
R2 BsBhvScan;BullGuard behavioural detection service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2013-10-16 376144]
R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]
R2 BsFire;BullGuard firewall service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]
R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]
R2 BsMain;BullGuard main service; C:\Windows\System32\SvcHost.exe [2008-01-21 21504]
R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2013-10-16 211792]
R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2013-10-21 291152]
R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-01-29 2301216]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2012-05-17 126128]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-08 358936]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-27 207392]
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [2012-10-15 57952]
R2 Pervasive Workgroup Engine;Pervasive Workgroup Engine; C:\PVSW\bin\psql_svc.exe [2007-01-12 73728]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-29 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-29 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [2008-02-29 942080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [2012-10-15 57952]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:39:55, on 27-1-2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE
C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Maarten\Maarten\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI Nederland - Startpagina
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Ziggo Wireless Utility.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)
O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll BgGamingMonitor.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - Unknown owner - C:\Program Files\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: Pervasive Workgroup Engine - Unknown owner - C:\PVSW\bin\psql_svc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 11073 bytes
-
Hallo,
Ik heb nu meerdere keren geprobeerd om een bestand door te sturen. Het gaat hier om een fotoalbum.
Zodra het bestand ingepakt is en doorgstuurd moet worden, krijg ik de volgende melding.
Windows-hostproces (rundll32) werkt niet meer en is gesloten.
Hoe kan ik dit oplossen?
alvast bedankt.
Gr. Marloes
logje
in Archief Bestrijding malware & virussen
Geplaatst:
Jaaa, top! Ik heb geen problemen meer met het doorsturen van grote bestanden. Daar ben ik echt super blij mee.
ontzettend bedankt kape!!! Zal mijn probleem als opgelost aanvinken en een donatie maken ;-))