grijze haren

Lid

Bekijk profiel Bekijk hun activiteit

Items
7
Registratiedatum
16 maart 2014
Laatst bezocht
25 december 2015

grijze haren's prestaties

Groentje (2/14)

Recente badges

Reputatie

niet meer goed werkende photosmart hp-printer 5620; drukt niet meer af

grijze haren plaatste een topic in Archief Hardware algemeen

oorzaak; de "wagen" (=het mobile transport van de 4 kleurenunit) wordt geblokeerd door iets wat omhoog komt onder de wagen bij het beeindigen van het programma (=elektrisch schakelaar ingedrukt = opdracht van de software) Hoe kan dat verholpen worden, want hij print niet meer als je hem opdracht daarvoor geeft. Volgens hp worden er 8 systematieken aangegeven om het blokken van de wagen te verhelpen. Die werken dus niet.
- 24 december 2015
- 2 antwoorden
verwijderen van het delta holmes spyware

grijze haren reageerde op grijze haren's topic in Archief Bestrijding malware & virussen

nogmaals bedankt, het gaat toch dieper dan ik ooit vermoed zou hebben.
- 30 maart 2014
- 11 antwoorden
verwijderen van het delta holmes spyware

grijze haren reageerde op grijze haren's topic in Archief Bestrijding malware & virussen

[ATTACH]30921[/ATTACH] AdwCleaner[S0].txt
- 25 maart 2014
- 11 antwoorden
verwijderen van het delta holmes spyware

grijze haren reageerde op grijze haren's topic in Archief Bestrijding malware & virussen

sorry, ik had niet in de gaten dat het nog niet is afgerond; hierbij het gevraagte:: Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Gebruiker on zo 23-03-2014 at 14:52:42,73. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 23-3-2014 14:54:32 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\WinZip deleted successfully C:\PROGRA~2\BoostSoftware deleted successfully C:\PROGRA~2\CorelDRAW Graphics Suite X5 deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\ZoomBrowser deleted successfully C:\PROGRA~2\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted successfully C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521} deleted successfully C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Gebruiker\AppData\Roaming\HpUpdate deleted successfully C:\Users\Gebruiker\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Gebruiker\AppData\Roaming\WinZipper deleted successfully C:\Users\Gebruiker\AppData\Local\Downloaded Installations deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2788594329-228751132-1850303638-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2788594329-228751132-1850303638-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{4c60e5ab-5c68-4c59-abaa-885010b24b32} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.5 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default ---- Lines Search removed from prefs.js ---- user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SE ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com"); ---- Lines ask.com removed from prefs.js ---- user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.swee ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "14407ee7df564f6904a49ca23aab656f"); ---- Lines Sweet removed from prefs.js ---- user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); user_pref("sweetim.toolbar.dialogs.0.enable", "true"); user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); user_pref("sweetim.toolbar.dialogs.0.height", "335"); user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff_1_6.html"); user_pref("sweetim.toolbar.dialogs.0.width", "761"); user_pref("sweetim.toolbar.dialogs.1.enable", "true"); user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js"); user_pref("sweetim.toolbar.dialogs.1.height", "300"); user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"); user_pref("sweetim.toolbar.dialogs.1.width", "500"); user_pref("sweetim.toolbar.dialogs.2.enable", "true"); user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js"); user_pref("sweetim.toolbar.dialogs.2.height", "150"); user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp"); user_pref("sweetim.toolbar.dialogs.2.width", "530"); user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|. user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); user_pref("sweetim.toolbar.mode.debug", "false"); user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*"); user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); user_pref("sweetim.toolbar.scripts.0.enable", "true"); user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js"); user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*"); user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); user_pref("sweetim.toolbar.scripts.1.enable", "false"); user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS"); user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js"); user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); user_pref("sweetim.toolbar.scripts.2.callback", ""); user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); user_pref("sweetim.toolbar.scripts.2.enable", "false"); user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1"); user_pref("sweetim.toolbar.search.history", "nuon%20cv%20ketel%20serviceabbonementen,daalderop"); user_pref("sweetim.toolbar.search.history.capacity", "10"); user_pref("sweetim.toolbar.searchguard.enable", "false"); user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); user_pref("sweetim.toolbar.simapp_id", "{95D9147C-92B8-4ABC-9F0E-5D24D45AEA5F}"); user_pref("sweetim.toolbar.version", "1.6.0.3"); user_pref("sweetim.toolbar.Visibility.enable", "true"); user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- user_23-03-2014_1507_.backup prefs_23-03-2014_1507_.backup ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Thunderbird\Profiles\4qevzeob.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_23-03-2014_1507_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} not found C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521} not found C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\Program Files\MediaViewV1 deleted C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\maps@ovi.com deleted C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\quick_start@gmail.com deleted C:\Program Files\FromDocToPDF_65 deleted C:\PROGRA~2\eSellerate deleted C:\Users\Gebruiker\daemonprocess.txt deleted C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml deleted C:\Program Files\jZip deleted C:\Program Files\Common Files\337 deleted C:\Program Files\MyFree Codec deleted C:\Program Files\FromDocToPDF_65EI deleted C:\Program Files\Microsoft Research deleted C:\Users\Gebruiker\AppData\Roaming\ZoomBrowser EX deleted C:\Users\Gebruiker\AppData\Roaming\Smiley.ico deleted C:\Users\Gebruiker\AppData\Roaming\ParetoLogic deleted C:\Users\Gebruiker\AppData\Roaming\DriverCure deleted C:\Users\Gebruiker\AppData\Roaming\systweak deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\boost_interprocess deleted C:\PROGRA~2\ParetoLogic deleted C:\PROGRA~2\Uniblue\DriverScanner deleted C:\PROGRA~2\Uniblue deleted C:\PROGRA~2\AVG Secure Search deleted C:\Users\Gebruiker\AppData\Local\AVG Secure Search deleted C:\Users\Gebruiker\AppData\Local\jZip deleted C:\Users\Gebruiker\AppData\Local\AVG Security Toolbar deleted C:\Users\Gebruiker\AppData\Local\SwvUpdater deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper deleted C:\Users\Gebruiker\AppData\LocalLow\AVG Secure Search deleted C:\Users\Gebruiker\AppData\LocalLow\FromDocToPDF_65EI deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\system32\tasks\Desk 365 RunAsStdUser deleted C:\Windows\system32\roboot.exe deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\SweetPacksToolbarData deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted "C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\searchplugins\sweetim.xml" deleted "C:\ProgramData\lrilldgvqakdbly" deleted "C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\searchplugins\sweetim.xml" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.exe" deleted "C:\Program Files\WinZipper\eshellctx.dll" deleted "C:\Program Files\WinZipper\eshellctx.dll" deleted "C:\Program Files\AVG Secure Search\vprot.exe" deleted "C:\Program Files\AVG Secure Search\vprot.exe" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\SiteSafety.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\log4cplusU.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP" deleted "C:\Program Files\WinZipper" not deleted "C:\Program Files\WinZipper" not deleted "C:\Program Files\AVG Secure Search" deleted "C:\Program Files\AVG Secure Search" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-03-18 12:22:56 B09DE593A932B0E4BDC5B10857D15104 416740445 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-03-18 12:55:18 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\BackupSetup.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-03-18 13:04:19 DE064E74D537A93F2D5C9A28BDA3F9CB 18700 ----a-w- C:\Windows\System32\.crusader 2014-03-16 17:14:24 84F221BC06D95DDBC5335BC22C9B5C15 4196 ----a-w- C:\Windows\System32\registerbestand-user-outlook-oud-16-3-2014.reg 2014-03-16 15:45:37 7CC38741B8F68F1E0D5D79DA6123666A 185344 ----a-w- C:\Windows\System32\wwansvc.dll 2014-03-16 15:45:32 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\System32\qedit.dll 2014-03-16 15:45:27 8B521873651E62EF5868DC7B339959DB 32768 ----a-w- C:\Windows\System32\iernonce.dll 2014-03-16 15:45:27 7EDA015D4E74177A1B187326EDB14670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-03-16 15:45:26 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\Windows\System32\wininet.dll 2014-03-16 15:45:26 69C9F0607AF94C7162BBD25E222D4E0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-03-16 15:45:26 6744457C09B9B8176CC3ECC2D0EE6580 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-16 15:45:26 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-03-16 15:45:26 3B3EBF6E3C12DFDC6B29CBAC2F5519CC 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-16 15:45:26 2CF6CF90BF7FE0E616C363343FFA686B 553472 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-03-16 15:45:26 1CEE521E90703BB8A01211C77747E727 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2014-03-16 15:45:22 E84073A2F2D3A9448CA02F48B0360490 440832 ----a-w- C:\Windows\System32\ieui.dll 2014-03-16 15:45:22 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-16 15:45:22 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\Windows\System32\iertutil.dll 2014-03-16 15:45:21 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\Windows\System32\jscript9.dll 2014-03-16 15:45:21 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\Windows\System32\mshtml.dll 2014-03-16 15:45:20 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\Windows\System32\msfeeds.dll 2014-03-16 15:45:20 5C207FABA707CE496E1E0A304925D1E5 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-03-16 15:45:20 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\Windows\System32\urlmon.dll 2014-03-16 15:45:19 E23497E11866154A97BA9877656113FE 1964032 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-03-16 15:45:19 B61F47EB8CACBE09C8117E4FF7D9656D 164864 ----a-w- C:\Windows\System32\msrating.dll 2014-03-16 15:45:19 B0CBC5A7D9278DCD5B230E1E50CCA5F6 61952 ----a-w- C:\Windows\System32\iesetup.dll 2014-03-16 15:45:19 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\Windows\System32\ieframe.dll 2014-03-16 15:45:19 35523AF349702302EBC08D0D83661A78 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-03-16 15:45:12 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys 2014-03-16 15:45:07 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-03-16 15:44:35 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\System32\wer.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-03-18 11:54:36 57C031BB1AF60444692FB158E8FED151 3356 ----a-w- C:\Windows\system32\Tasks\SpyHunter4Startup 2014-02-25 11:32:34 5FAF13AFB7B0C40522FD80B667BD9A8B 3878 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater 2014-02-25 11:32:34 06823A36430EF18DA738B9DB74DE30FF 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-18 18:12:42 -------- d-----w- C:\Program Files\trend micro 2014-03-18 12:57:13 -------- d-----w- C:\Program Files\HitmanPro 2014-02-27 18:28:35 -------- d-----w- C:\Program Files\Enigma Software Group 2014-02-27 18:27:44 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-03-18 11:54:33 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-03-18 11:25:34 17F336C0A13DEFDF33CC99DDB94D7437 45056 --sha-w- C:\Users\Gebruiker\AppData\Roaming\Thumbs.db ====== C:\Users\Gebruiker ====== 2014-03-21 15:02:00 6463A4FA57AEE1597C26EC75DFD911D2 2836400 ----a-w- C:\Users\Gebruiker\Desktop\ib2013_win_setup(1).exe 2014-03-18 18:12:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Gebruiker\Desktop\RSIT.exe 2014-03-18 12:55:36 -------- d-----w- C:\ProgramData\HitmanPro 2014-03-18 12:51:06 609B83259466F78EC2014119B22100F8 930952 ----a-w- C:\Users\Gebruiker\Desktop\cbsidlm-cbsi183-HitmanPro_3_32bit-ORG-10895604.exe 2014-03-18 11:53:19 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Gebruiker\Desktop\SpyHunter-Installer(1).exe 2014-03-16 15:38:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-03-16 15:29:50 B78BCAFE70A9730B7E112053DAB3DC2C 468 --sha-r- C:\ProgramData\ntuser.pol 2014-03-04 10:44:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-03-04 10:41:40 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 ====== C: exe-files == 2014-03-21 21:17:23 17DCAF65BC7D86CBF56BA2E461BD886B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2788594329-228751132-1850303638-1000\$IV9RN4E.exe 2014-03-21 20:47:08 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\$Recycle.Bin\S-1-5-21-2788594329-228751132-1850303638-1000\$RV9RN4E.exe 2014-03-21 15:02:00 6463A4FA57AEE1597C26EC75DFD911D2 2836400 ----a-w- C:\Users\Gebruiker\Desktop\ib2013_win_setup(1).exe 2014-03-21 11:30:23 1B2261DC4D131B2C699386D2100A599C 5071896 ----a-w- C:\Windows\Temp\{EEF2CA7A-60BA-466E-B5D8-8349CDD2A555}.exe 2014-03-18 18:12:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-03-18 18:12:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Gebruiker\Desktop\RSIT.exe 2014-03-18 13:29:34 19F3566DDD9CA00AB14B8F6B7E2D51DA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2788594329-228751132-1850303638-1000\$IVEPOFP.exe 2014-03-18 12:57:14 FB3FDE59AEF5573A53B8BF301AD00DC6 106248 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2014-03-18 12:55:18 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\BackupSetup.exe 2014-03-18 12:52:39 609B83259466F78EC2014119B22100F8 930952 ----a-w- C:\$Recycle.Bin\S-1-5-21-2788594329-228751132-1850303638-1000\$RVEPOFP.exe 2014-03-18 12:51:06 609B83259466F78EC2014119B22100F8 930952 ----a-w- C:\Users\Gebruiker\Desktop\cbsidlm-cbsi183-HitmanPro_3_32bit-ORG-10895604.exe 2014-03-18 11:54:33 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconF7A21AF7.exe 2014-03-18 11:54:33 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconD7F16134.exe 2014-03-18 11:54:33 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Installer\{455F074C-814E-4520-B69B-5584BD90400C}\IconCF33A0CE.exe 2014-03-18 11:53:19 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Gebruiker\Desktop\SpyHunter-Installer(1).exe 2014-03-16 15:45:26 6744457C09B9B8176CC3ECC2D0EE6580 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-16 15:45:26 3B3EBF6E3C12DFDC6B29CBAC2F5519CC 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-16 15:45:22 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-16 15:45:19 3A3BEA53F039CE2E997A918E26E30B1D 808152 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-03-16 15:45:19 35523AF349702302EBC08D0D83661A78 208896 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-03-16 15:45:17 2A0FAE869BC99A460FEFD832F261DCC9 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe === C: other files == 2014-03-18 11:54:43 FE2223105C443BE7FD931EE34C0B2264 6434176 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com 2014-03-16 15:45:12 204689EC38738BE7C07F79B745733747 2349056 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2788594329-228751132-1850303638-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun " "NBAgent"="C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "MacrokeyManager"="WTMKM.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "BePCSC"="C:\Program Files\EmvSmartCardReader\BePCSC.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe " "hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" "vProt"="C:\Program Files\AVG Secure Search\vprot.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk] "backup"="C:\\Windows\\pss\\Adobe Gamma Loader.exe.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE " "item"="Adobe Gamma Loader.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] "backup"="C:\\Windows\\pss\\Adobe Gamma Loader.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE " "item"="Adobe Gamma Loader" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EZ VHS Converter Monitor.lnk] "backup"="C:\\Windows\\pss\\EZ VHS Converter Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\ION\\EZVIDE~1\\MEDIAT~1.EXE " "item"="EZ VHS Converter Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LUMIX Simple Viewer.lnk] "backup"="C:\\Windows\\pss\\LUMIX Simple Viewer.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\PANASO~1\\LUMIXS~1\\PHLEAU~1.EXE " "item"="LUMIX Simple Viewer" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk] "backup"="C:\\Windows\\pss\\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\COMMON~1\\PANASO~1\\PHOTOF~1\\AUTOST~1.EXE -e \"C:\\Program Files\\Panasonic\\PHOTOfunSTUDIO 6.5 BD\\PHOTOfunSTUDIO.exe\"" "item"="PHOTOfunSTUDIO 6.5 BD Edition" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] "backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MICROS~3\\Office12\\ONENOTEM.EXE /tsr" "item"="OneNote 2007 Schermopname en Snel starten" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Spotify Web Helper"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" "Uploader"="C:\\Program Files\\Seagate\\Seagate Dashboard 2.0\\Seagate.Dashboard.Uploader.exe" "KiesPreload"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload" "iCloudServices"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe" "NokiaSuite.exe"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "ATICustomerCare"="\"C:\\Program Files\\ATI\\ATICustomerCare\\ATICustomerCare.exe\"" "ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "Info Center"="C:\\Program Files\\PCPitstop\\Info Center\\InfoCenter.exe" "DBAgent"="\"C:\\Program Files\\Seagate\\Seagate Dashboard 2.0\\DBAgent.exe\" /WinStart" "SmartMon"="C:\\Program Files\\EmvSmartCardReader\\SmartMON.exe" "KiesTrayAgent"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" "vProt"="\"C:\\Program Files\\AVG Secure Search\\vprot.exe\"" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" ==== Startup Folders ====================== 2014-02-04 19:18:49 2076 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-03-2014 18:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-08-2012 10:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29-08-2012 10:59] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [20-09-2011 10:11] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\ArcSoft Connect Daemon" [C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] "C:\Windows\system32\tasks\Gebruiker" [C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe] "C:\Windows\system32\tasks\Gebruiker DBAgent 2 0" ["C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\system32\tasks\Gebruiker Local Autobackup 5 4" [C:\Program Files\Nero\Nero 10\Nero BackItUp\NBCore.exe] "C:\Windows\system32\tasks\Gebruiker NBAgent 5 4" ["C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe"] "C:\Windows\system32\tasks\Gebruiker1" [C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe] "C:\Windows\system32\tasks\Gebruiker1 Merge" ["C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "ext@MediaViewV1alpha310.net"="C:\Program Files\MediaViewV1\MediaViewV1alpha310\ff" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02-01-2013 19:42] ==== Firefox Extensions ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default - Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\maps@ovi.com - Widevine Media Optimizer - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} - EPUBReader - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} - DownloadHelper - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\quick_start@gmail.com - Undetermined - C:\Program Files\MediaViewV1\MediaViewV1alpha310\ff - Widevine Media Optimizer - %ProfilePath%\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} - EPUBReader - %ProfilePath%\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} AppDir: C:\Program Files\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default 95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5 87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5 5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5 B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5 DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5 49CFBB2130C682FFDF2CEBEE9A2D556E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update 01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 3220B1254AEF7A191187EC03F51B3D61 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat B2576571746839180833E048AC2CCA5C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45 F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin A847F61BACFA2C4E3E0B0F9431BB5245 - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin F4D52B252DA08B647F2BD5379191A741 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox 28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ibccgkdkihdcijjkajflfipopfclkbcp - C:\Program Files\MediaViewV1\MediaViewV1alpha310\ch\MediaViewV1alpha310.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx[] YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AVG Safe Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla AVG Do Not Track - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\avg@toolbar deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\quick_start@gmail.com deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaViewV1alpha310.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ibccgkdkihdcijjkajflfipopfclkbcp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZipper deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\f9ead0iq.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=957 folders=403 277708746 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\WinZipper" not found "C:\Program Files\WinZipper" not found ==== EOF on zo 23-03-2014 at 15:27:43,52 ======================
- 24 maart 2014
- 11 antwoorden
verwijderen van het delta holmes spyware

grijze haren reageerde op grijze haren's topic in Archief Bestrijding malware & virussen

het ziet ernaar uit dat jullie oplossing werkt, hartstikke bedankt!!!!!! Ik begrijp niet hoe jullie het doen door middel van cijfertjes en letters, het is akra kradabra voor mij! nogmaals bedankt kan ik weer een beetje kleur in mijn haar krijgen.
- 23 maart 2014
- 11 antwoorden
verwijderen van het delta holmes spyware

grijze haren reageerde op grijze haren's topic in Archief Bestrijding malware & virussen

Logfile of random's system information tool 1.09 (written by random/random) Run by Gebruiker at 2014-03-21 21:47:27 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 25 GB (25%) free of 100 GB Total RAM: 3326 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:47:32, on 21-3-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16521) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Windows\System32\WTMKM.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\EmvSmartCardReader\BePCSC.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\wlrmdr.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\AVG\AVG2014\avgcsrvx.exe C:\PROGRA~1\MICROS~3\Office12\WINWORD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\SearchFilterHost.exe C:\Users\Gebruiker\Desktop\RSIT(1).exe C:\Windows\system32\DllHost.exe C:\Program Files\trend micro\Gebruiker.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: (no name) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - (no file) O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [MacrokeyManager] WTMKM.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [bePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe O23 - Service: D-Link SharePort Plus Helper - Unknown owner - C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe -- End of file - 10538 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Communicator.job =========Mozilla firefox========= ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default prefs.js - "browser.startup.homepage" - "about:home" "avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\18.0.5.292 "smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "quick_start@gmail.com"=C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\quick_start@gmail.com "ext@MediaViewV1alpha310.net"=C:\Program Files\MediaViewV1\MediaViewV1alpha310\ff [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.77 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@FromDocToPDF_65.com/Plugin] "Description"=FromDocToPDF Plugin "Path"=C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5] "Description"=Office Live Update v1.5 "Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin] "Description"=Nokia Suite Enabler Plugin "Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] "Description"=A component of your photo software powered by RocketLife "Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ NPOFF12.DLL nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\extensions\ maps@ovi.com quick_start@gmail.com {2d3fbcf7-be69-4433-8858-c621a8d0e58d} {5384767E-00D9-40E9-B72F-9CC39D655D6F} {b9db16a4-6edc-47ec-a1f4-b86292ed211d} C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\f9ead0iq.default\searchplugins\ sweetim.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-19 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-19 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {95B7759C-8C7F-4BF1-B163-73684A933233} {EEE6C35B-6118-11DC-9C72-001320C79847} - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304] "NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-04-28 1406248] "MacrokeyManager"=C:\Windows\system32\WTMKM.exe [2010-06-14 6259432] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "BePCSC"=C:\Program Files\EmvSmartCardReader\BePCSC.exe [2007-05-03 27136] "AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-01-22 4962320] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-06 43848] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2014-03-21 2544664] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"=C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-01-02 1199576] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk] C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EZ VHS Converter Monitor.lnk] C:\PROGRA~1\ION\EZVIDE~1\MEDIAT~1.EXE [2009-05-12 737280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LUMIX Simple Viewer.lnk] C:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2006-09-29 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk] C:\PROGRA~1\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE [2011-08-09 183992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoResolveTrack"=1 "NoResolveSearch"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "msacm.siren"=sirenacm.dll "msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - %SystemRoot%\System32\CScript.exe "%1" %* .vbs - open - %SystemRoot%\System32\CScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-03-21 13:24:17 ----A---- C:\Windows\system32\drivers\hitmanpro37.sys 2014-03-21 12:32:13 ----D---- C:\ProgramData\AVG Secure Search 2014-03-18 19:12:42 ----D---- C:\rsit 2014-03-18 19:12:42 ----D---- C:\Program Files\trend micro 2014-03-18 13:57:13 ----D---- C:\Program Files\HitmanPro 2014-03-18 13:55:36 ----D---- C:\ProgramData\HitmanPro 2014-03-18 12:54:32 ----D---- C:\sh4ldr 2014-03-16 16:45:37 ----A---- C:\Windows\system32\wwansvc.dll 2014-03-16 16:45:32 ----A---- C:\Windows\system32\qedit.dll 2014-03-16 16:45:27 ----A---- C:\Windows\system32\iernonce.dll 2014-03-16 16:45:27 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-03-16 16:45:26 ----A---- C:\Windows\system32\wininet.dll 2014-03-16 16:45:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-16 16:45:26 ----A---- C:\Windows\system32\jsproxy.dll 2014-03-16 16:45:26 ----A---- C:\Windows\system32\jscript9diag.dll 2014-03-16 16:45:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-03-16 16:45:26 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-03-16 16:45:26 ----A---- C:\Windows\system32\ieapfltr.dll 2014-03-16 16:45:22 ----A---- C:\Windows\system32\ieUnatt.exe 2014-03-16 16:45:22 ----A---- C:\Windows\system32\ieui.dll 2014-03-16 16:45:22 ----A---- C:\Windows\system32\iertutil.dll 2014-03-16 16:45:21 ----A---- C:\Windows\system32\mshtml.dll 2014-03-16 16:45:21 ----A---- C:\Windows\system32\jscript9.dll 2014-03-16 16:45:20 ----A---- C:\Windows\system32\urlmon.dll 2014-03-16 16:45:20 ----A---- C:\Windows\system32\msfeeds.dll 2014-03-16 16:45:19 ----A---- C:\Windows\system32\msrating.dll 2014-03-16 16:45:19 ----A---- C:\Windows\system32\iesetup.dll 2014-03-16 16:45:19 ----A---- C:\Windows\system32\ieframe.dll 2014-03-16 16:45:19 ----A---- C:\Windows\system32\ie4uinit.exe 2014-03-16 16:45:12 ----A---- C:\Windows\system32\win32k.sys 2014-03-16 16:45:07 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-03-16 16:44:35 ----A---- C:\Windows\system32\wer.dll 2014-03-16 16:29:43 ----D---- C:\Program Files\MediaViewV1 2014-03-04 11:41:40 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-02-27 19:28:35 ----D---- C:\Program Files\Enigma Software Group 2014-02-27 19:27:45 ----D---- C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-02-27 19:27:44 ----D---- C:\Program Files\Common Files\Wise Installation Wizard ======List of files/folders modified in the last 1 month====== 2014-03-21 21:47:25 ----D---- C:\Windows\Prefetch 2014-03-21 21:44:19 ----D---- C:\Windows\Temp 2014-03-21 19:26:23 ----D---- C:\Program Files\WinZipper 2014-03-21 17:08:55 ----D---- C:\ProgramData\MFAData 2014-03-21 16:18:02 ----D---- C:\Users\Gebruiker\AppData\Roaming\Belastingdienst 2014-03-21 13:24:25 ----D---- C:\Windows\System32 2014-03-21 13:24:17 ----D---- C:\Windows\system32\drivers 2014-03-21 13:21:54 ----D---- C:\Windows\system32\config 2014-03-21 13:19:49 ----RD---- C:\Program Files 2014-03-21 13:19:49 ----HD---- C:\ProgramData 2014-03-21 12:31:55 ----D---- C:\Program Files\AVG Secure Search 2014-03-18 14:35:54 ----D---- C:\Windows\Tasks 2014-03-18 14:35:54 ----D---- C:\Windows\system32\Tasks 2014-03-18 13:23:57 ----D---- C:\Windows\Minidump 2014-03-18 13:22:56 ----D---- C:\Windows 2014-03-18 12:54:43 ----SHD---- C:\Windows\Installer 2014-03-18 12:54:34 ----HD---- C:\Config.Msi 2014-03-18 12:54:16 ----SHD---- C:\System Volume Information 2014-03-18 11:12:21 ----D---- C:\Users\Gebruiker\AppData\Roaming\HpUpdate 2014-03-16 18:01:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-03-16 18:00:13 ----D---- C:\Windows\winsxs 2014-03-16 17:58:55 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-16 17:56:37 ----D---- C:\Program Files\Internet Explorer 2014-03-16 17:55:24 ----D---- C:\ProgramData\Microsoft Help 2014-03-16 17:47:06 ----D---- C:\Windows\system32\MRT 2014-03-16 17:47:01 ----A---- C:\Windows\system32\MRT.exe 2014-03-16 16:44:57 ----D---- C:\Windows\system32\catroot 2014-03-16 16:44:25 ----D---- C:\Windows\system32\catroot2 2014-03-04 11:42:57 ----D---- C:\Program Files\iTunes 2014-03-04 11:41:41 ----D---- C:\Program Files\iPod 2014-03-04 11:36:56 ----D---- C:\Program Files\QuickTime 2014-02-27 21:49:56 ----D---- C:\Program Files\Windows Doctor 2014-02-27 20:48:20 ----D---- C:\Windows\system32\wdi 2014-02-27 19:27:44 ----D---- C:\Program Files\Common Files 2014-02-26 20:52:26 ----D---- C:\Windows\system32\wbem 2014-02-26 20:51:03 ----D---- C:\Windows\AppCompat 2014-02-26 20:51:03 ----D---- C:\ProgramData\Tablet 2014-02-26 20:51:03 ----D---- C:\ProgramData\HP 2014-02-26 20:51:03 ----D---- C:\Program Files\Common Files\AVG Secure Search 2014-02-26 20:51:03 ----D---- C:\Program Files\Bonjour 2014-02-26 20:51:02 ----D---- C:\Windows\system32\DriverStore 2014-02-26 20:51:02 ----D---- C:\Windows\system32\CodeIntegrity 2014-02-26 20:51:02 ----D---- C:\Windows\registration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-11-25 149272] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-27 691696] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-11-25 120600] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-25 210712] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-01-19 22808] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-03-21 42272] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-29 6472192] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-29 228352] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-08-16 101904] R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2014-03-21 30976] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944] R3 moufiltr;Tablet Mouse Filter Driver; C:\Windows\system32\DRIVERS\moufiltr.sys [2009-03-08 6144] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240] R3 sxuptp;SXUPTP Driver; C:\Windows\system32\DRIVERS\sxuptp.sys [2011-03-24 256072] R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-02-25 25216] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-19 10088] R3 vhidmini;Generic Virtual HID Driver; C:\Windows\system32\DRIVERS\walvhid.sys [2009-08-20 6144] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 APL531;35mm Film Scanner; C:\Windows\System32\Drivers\FILMSCAN.sys [2006-08-01 580992] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-21 84248] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072] S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472] S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2010-03-12 81920] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352] S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192] S3 VCR2PC;VCR2PC Analog Capture; C:\Windows\system32\DRIVERS\p140_ion.sys [2011-02-21 278016] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-29 176128] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-01-22 3788816] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 D-Link SharePort Plus Helper;D-Link SharePort Plus Helper; C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe [2011-03-25 40960] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-03-18 106248] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2010-08-19 247152] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-01-09 770432] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2014-01-28 1731896] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-03-21 1771032] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16 257928] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528] S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-03 13080] S3 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2011-02-02 2413704] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 108032] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-14 118896] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-27 1343400] S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] S4 ADExchange;ArcSoft Exchange Service; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-07-08 44064] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 EyeTV Netstream;EyeTV Netstream; C:\Program Files\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [2010-09-13 399944] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2012-07-02 14528] S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152] -----------------EOF-----------------
- 21 maart 2014
- 11 antwoorden
verwijderen van het delta holmes spyware

grijze haren plaatste een topic in Archief Bestrijding malware & virussen

Hoe kan ik het delta holmes virus afdoende van mijn computer verwijderen? Althans ik vermoed dat dat de virus is. Ik heb diverse pogingen al gedaan maar niets lukt afdoende. Ik heb hitman (30 dagen versie)geprobeert, die haalt een heleboel onduidelijke dingen weg maar niet afdoende. Ik gebruik firefox. Er blijven ongevraagde (spam) reclame boodschappen verschijnen. AVG als virusscanner (gratis versie) doet er niets aan. Van mijn mailprogramma kon ik niets meer ontvangen en verzenden, daar heb ik van mijn serviceprovider een nieuw wachtwoord gekregen waarna het mailprogramma weer werkte. Ik hoop dat jullie mij verder kunnen helpen.
- 18 maart 2014
- 11 antwoorden

Inloggen

grijze haren

Items

Registratiedatum

Laatst bezocht

grijze haren's prestaties

Groentje (2/14)

Recente badges

Reputatie

niet meer goed werkende photosmart hp-printer 5620; drukt niet meer af

verwijderen van het delta holmes spyware

verwijderen van het delta holmes spyware

verwijderen van het delta holmes spyware

verwijderen van het delta holmes spyware

verwijderen van het delta holmes spyware

verwijderen van het delta holmes spyware

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie