bernard
-
Items
2.256 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door bernard
-
Zoek.exe v5.0.0.0 Updated 30-06-2014 Tool run by Bernardus on di 01-07-2014 at 7:18:27,20. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Bernardus\Contacts\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-30-143604.log 13406 bytes C:\zoek-results2014-06-30-170516.log 9627 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} deleted successfully HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "NWEReboot"=- ==== Deleting Files \ Folders ====================== "C:\Windows\zoek-delete.exe" not found C:\zoek_backup deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== EOF on di 01-07-2014 at 7:25:11,22 ======================
-
Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2014-06-30 21:09:38 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 344 GB (74%) free of 463 GB Total RAM: 4063 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:41, on 30-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13480 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" winlogon.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\Hpservice.exe atieclxx C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 3574560 \??\C:\Windows\system32\conhost.exe "-7468968181548817051942829134-868321158-14851944061579061724-224140034381826547 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\Explorer.EXE C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2708 "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" "C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding taskeng.exe {BFDAA281-A9F2-4C6F-81CE-6FA1D49B0670} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>30993</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5180 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5180 CREDAT:2430273 /prefetch:2 taskeng.exe {8C4411A6-A44F-44A9-909B-CB1C3ECC47E5} "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5180 CREDAT:3741032 /prefetch:2 taskeng.exe {EBAA0AC5-47B5-4C6B-8A58-125F83FFC462} "C:\Users\Bernardus\Contacts\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34}] MP3 Rocket Downloader - C:\Windows\system32\mscoree.dll [2010-11-05 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "NWEReboot"= [] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848] "IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368] "PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984] "PPort12reminder"=C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992] "PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192] "PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-06-30 19:05:19 ----SHD---- C:\$RECYCLE.BIN 2014-06-30 19:03:34 ----A---- C:\Windows\zoek-delete.exe 2014-06-30 19:03:33 ----D---- C:\Windows\Temp 2014-06-27 14:01:22 ----D---- C:\Program Files\CCleaner 2014-06-27 11:22:49 ----D---- C:\Users\Bernardus\AppData\Roaming\Malwarebytes 2014-06-27 11:22:49 ----D---- C:\ProgramData\Malwarebytes 2014-06-26 20:34:08 ----A---- C:\Windows\SYSWOW64\sqlite3.dll 2014-06-11 07:56:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll 2014-06-11 07:56:43 ----A---- C:\Windows\system32\msxml6.dll 2014-06-11 07:56:43 ----A---- C:\Windows\system32\msxml3.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml6r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-06-11 07:56:42 ----A---- C:\Windows\system32\msxml6r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\system32\msxml3r.dll 2014-06-11 07:56:41 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-11 07:56:41 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2014-06-11 07:56:40 ----A---- C:\Windows\SYSWOW64\usp10.dll 2014-06-11 07:56:40 ----A---- C:\Windows\system32\usp10.dll 2014-06-11 07:56:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-06-11 07:56:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-06-11 07:56:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-06-11 07:56:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-06-11 07:56:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-06-11 07:56:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-06-11 07:56:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 07:56:31 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-06-11 07:56:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-06-11 07:56:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-06-11 07:56:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-06-11 07:56:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-06-11 07:56:27 ----A---- C:\Windows\system32\urlmon.dll 2014-06-11 07:56:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-06-11 07:56:26 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-06-11 07:56:25 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-06-11 07:56:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-06-11 07:56:25 ----A---- C:\Windows\system32\msfeeds.dll 2014-06-11 07:56:25 ----A---- C:\Windows\system32\dxtmsft.dll 2014-06-11 07:56:24 ----A---- C:\Windows\system32\iesetup.dll 2014-06-11 07:56:24 ----A---- C:\Windows\system32\ie4uinit.exe 2014-06-11 07:56:23 ----A---- C:\Windows\system32\iertutil.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-06-11 07:56:21 ----A---- C:\Windows\system32\jsproxy.dll 2014-06-11 07:56:21 ----A---- C:\Windows\system32\iernonce.dll 2014-06-11 07:56:20 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-06-11 07:56:19 ----A---- C:\Windows\system32\ieui.dll 2014-06-11 07:56:19 ----A---- C:\Windows\system32\dxtrans.dll 2014-06-11 07:56:18 ----A---- C:\Windows\system32\ieframe.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\mshtmled.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\jscript9diag.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\jscript9.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\ieUnatt.exe 2014-06-11 07:56:16 ----A---- C:\Windows\system32\vbscript.dll 2014-06-11 07:56:16 ----A---- C:\Windows\system32\ieapfltr.dll 2014-06-11 07:56:15 ----A---- C:\Windows\system32\wininet.dll 2014-06-11 07:56:15 ----A---- C:\Windows\system32\msrating.dll 2014-06-11 07:56:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 07:56:14 ----A---- C:\Windows\system32\mshtml.dll 2014-06-11 07:55:47 ----A---- C:\Windows\system32\aepdu.dll 2014-06-11 07:55:46 ----A---- C:\Windows\system32\aeinv.dll ======List of files/folders modified in the last 1 month====== 2014-06-30 21:09:40 ----D---- C:\Program Files\trend micro 2014-06-30 21:06:37 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2014-06-30 19:19:58 ----D---- C:\Windows\system32\config 2014-06-30 19:05:40 ----HD---- C:\ProgramData 2014-06-30 19:05:40 ----A---- C:\ProgramData\HPWALog.txt 2014-06-30 19:04:32 ----D---- C:\Windows 2014-06-30 18:59:11 ----D---- C:\zoek_backup 2014-06-30 18:44:56 ----D---- C:\Windows\SysWOW64 2014-06-30 18:31:58 ----D---- C:\Windows\System32 2014-06-30 18:31:57 ----D---- C:\Windows\inf 2014-06-30 18:31:57 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-06-30 17:09:45 ----SHD---- C:\System Volume Information 2014-06-27 14:01:26 ----D---- C:\Windows\system32\Tasks 2014-06-27 14:01:22 ----RD---- C:\Program Files 2014-06-27 11:08:49 ----RD---- C:\Program Files (x86) 2014-06-26 20:36:16 ----D---- C:\AdwCleaner 2014-06-25 20:00:32 ----D---- C:\Windows\system32\catroot2 2014-06-25 19:38:51 ----D---- C:\Program Files (x86)\Common Files 2014-06-23 08:34:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-06-21 17:09:09 ----SHD---- C:\Windows\Installer 2014-06-21 09:09:02 ----HD---- C:\Config.Msi 2014-06-20 21:53:57 ----D---- C:\Windows\Minidump 2014-06-20 21:53:57 ----D---- C:\Windows\debug 2014-06-20 21:33:16 ----D---- C:\Windows\Tasks 2014-06-20 21:33:16 ----D---- C:\Windows\SYSWOW64\en-US 2014-06-20 21:33:16 ----D---- C:\Windows\system32\wfp 2014-06-20 21:33:16 ----D---- C:\Windows\system32\en-US 2014-06-20 21:33:16 ----D---- C:\Program Files\Internet Explorer 2014-06-20 21:33:08 ----D---- C:\Windows\system32\wbem 2014-06-20 21:31:59 ----SD---- C:\Windows\system32\CompatTel 2014-06-20 21:31:59 ----D---- C:\Windows\winsxs 2014-06-20 21:31:59 ----D---- C:\Windows\system32\DriverStore 2014-06-20 21:31:59 ----D---- C:\Windows\system32\drivers 2014-06-20 21:31:59 ----D---- C:\Windows\rescache 2014-06-20 21:31:59 ----D---- C:\Windows\PolicyDefinitions 2014-06-20 21:31:59 ----D---- C:\Program Files (x86)\Internet Explorer 2014-06-20 21:31:49 ----D---- C:\Windows\SYSWOW64\Macromed 2014-06-20 21:31:49 ----D---- C:\Windows\system32\NDF 2014-06-20 21:31:49 ----D---- C:\Windows\system32\CodeIntegrity 2014-06-20 21:31:48 ----D---- C:\Windows\AppCompat 2014-06-20 21:31:25 ----D---- C:\ProgramData\Microsoft Help 2014-06-20 21:31:25 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-06-20 21:31:25 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-20 21:30:48 ----D---- C:\Windows\registration 2014-06-20 21:29:55 ----D---- C:\Windows\system32\wdi 2014-06-20 21:29:45 ----D---- C:\Windows\system32\Macromed 2014-06-20 21:29:40 ----D---- C:\Windows\system32\catroot 2014-06-20 21:28:41 ----SD---- C:\Users\Bernardus\AppData\Roaming\Microsoft 2014-06-20 21:26:27 ----D---- C:\ProgramData\Google 2014-06-20 21:26:20 ----D---- C:\Program Files (x86)\Google 2014-06-20 09:11:57 ----D---- C:\Windows\system32\MRT 2014-06-11 08:15:44 ----A---- C:\Windows\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-14 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-23 262320] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- Ik heb voor deze log geprobeerd om malware weer opnieuw te installeren , Wil niet Geprobeerd om in configuratiescherm > prod en onderdelen malwarebytes te verwijderen , Wil ook niet
-
Zoek.exe v5.0.0.0 Updated 28-06-2014 Tool run by Bernardus on ma 30-06-2014 at 18:45:04,57. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Bernardus\Contacts\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-30-143604.log 13406 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\rdot3j7h.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_30-06-2014_1859_.backup ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\TomTom\HOME\Profiles\f7e2f2p1.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_30-06-2014_1859_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 o [-HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware] o [-HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware\UUID] o [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] o [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] o [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mbam.exe] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\FLEXnet\Connect\db\Malwarebytes' Anti-Malware_is1.ini] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Malwarebytes' Anti-Malware] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\malwarebytes-anti-malware.nl] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\malwarebytes-anti-malware.nl.softonic.com] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.malwarebytes-anti-malware.nl] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] o [-HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] ==== Deleting Files \ Folders ====================== o C:\Program Files (x86)\Malwarebytes' Anti-Malware not found o C:\ProgramData\Malwarebytes not found o C:\Users\All Users\Malwarebytes not found o C:\Users\Bernardus\AppData\Roaming\Malwarebytes not found C:\Users\Bernardus\Searches deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04] ==== Firefox Extensions ====================== ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\TomTom\HOME\Profiles\f7e2f2p1.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com ==== Firefox Plugins ====================== ==== Chrome Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" "Start Page Restore"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" "Start Page Restore"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {29CE1D19-D0AD-4222-BB5F-C959DC218F03} AOL Zoeken Url="{searchTerms} - AOL Search resultaten" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {B9974B77-9BF3-4F23-94E3-3B06DD690376} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=66 folders=23 4741386 bytes) ==== Empty Temp Folders ====================== C:\Users\Bernardus\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BERNAR~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 30-06-2014 at 19:05:16,34 ====================== - - - Updated - - - Ik wil er even bij vertellen , dat ik misschien een blunder heb gemaakt. Ik heb nl. na # 37 per ongeluk de backup weer terug gezet . Ik wilde ze verwijderen , en heb per ongeluk 2 x geklikt . Verder ben ik bij de laatse vergeten om mijn microsoft Essentials uit te zetten . SORRY
-
[ATTACH]33445[/ATTACH] Is dit de bedoeling ? En nu wachten ? op instructies ? zoek-results1.txt
-
Volgens mij heb ik deze al gedaan in #13 , met Kape . Of is dit een andere ? - - - Updated - - - Moet ik net zolang doorgaan tot er in de rechter kolom geen malwarebytes meer te zien is ? Is malwarebytes dan in configuratiescherm > program en onderdelen verwijderd , of moet ik dat zelf doen Moet ik iedere keer proberen of ik malware bytes opnieuw kan installeren ? Moet ik iedere keer opnieuw opstarten ? En aan het einde , moet ik dan de back up weer terug plaatsen ? Nu zag ik in : computer >Program Files ( x86 ) staan als ik die aanklik staat daar malware bytes . Ik vraag naar ik verstand heb hoor , maar kan ik daar niet op klikken en verwijderen ?
-
Moet ik net zo lang blijven zoeken in regedit , tot er in de rechter kolom geen malwarebytes meer staat ? ( hoe vaak kan dat zijn ? ) Ik heb er nu al een aantal verwijdert , maar ik kan nog steeds niet malwarebytes in configuratie scherm > onderdelen verwijderen . Ook heb ik al opnieuw opgestart , maar helpt oo niet .
-
Ik stuur nog maar een bijlage , want elke keer als ik ga zoeken in regedit , komt er weer iets anders . Deze bijlage is de laatste keer zoekactie
-
Nadat ik de 3 items had verwijdert , was ook mijn Microsoft Essentials beveiliging verdwenen . Dus dacht ik , ik heb toch een back up gemaakt , dus heb ik dat teruggezet . maar geen Microsoft beveiliging weer terug , En weer een nieuw scherm .( bijlage ) Het lijkt mij beter , dat ik maar even wacht , voor dat er nog meer mis gaat
-
Ik ben zo driest geweest , en heb nu inmiddels 3 dingen verwijdert , maar ik durf eigenlijk niet meer verder te gaan N.l. : Win 64 HELPDIR Win 32 Als ik weer ga zoeken , dan kan ik er weer 1 verwijderen Tussendoor probeer ik iedere keer in configuratie scherm > progr. en onderdelen om het te verwijderen . Maar dan komt dat ,, vervelende,, scherm weer .
-
Ok . dus wide ik het gaan verwijderen , maar nu krijg ik iets anders te zien . Welke moet ik nu verwijderen ?
-
Klopt het , dat het : win 32 is ?? Voor de zekerheid nog maar een bijlage bij
-
Volgens mij heb ik het
-
Of is dit de bedoeling ?, en dan alles doorzoeken ?
-
Hoe kom ik in het register van mijn Pc ? Of is dat klikken op het icoontje van regedit ?
-
Als ik ga downloaden , wordt er gevraagd : uitvoeren of opslaan . Ik heb uitvoeren gekozen , is dat goed ? Maar als ik verder ga loopt het vast ( bijlage )
-
Ik heb nu de nieuwste Ccleaner , en heb nu precies gedaan wat in # 15 gevraagd werd . Daarna heb ik op mijn bureauscherm malwarebytes aangeklikt , maar kreeg weer het bekende scherm ( bijlage ) Daarna ben ik naar configuratiescherm gegaan > programma en onderdelen , en daat staat malware bytes nog steeds . Vervolgens weer geprobeerd te verwijderen , maar ook hier kreeg ik het bekende schermpje ( bijlage) Is het misschien bij # 13 verkeerd gegaan ?
-
Bij # 15 staat downloaden van Ccleaner . Deze had ik al . Maar uit de handleiding blijkt dat het bij mij anders gaat . Heb ik misschien een verouderde uitgave ? Verder had ik eerder al een bijlage van ziggo speedtest willen doen , maar was dit vergeten . Dus alsnog .
-
Hij staat nog steeds in programma en onderdelen ( bijlage ) En een bijlage van Ccleaner
-
Zoek.exe v5.0.0.0 Updated 22-06-2014 Tool run by Bernardus on vr 27-06-2014 at 10:55:43,69. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Bernardus\Contacts\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-25-175956.log 26272 bytes C:\zoek-results2014-06-25-200832.log 21346 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Malwarebytes Anti-Malware deleted C:\ProgramData\Malwarebytes deleted C:\Users\Bernardus\AppData\Roaming\Malwarebytes deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04] ==== Firefox Extensions ====================== ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\TomTom\HOME\Profiles\f7e2f2p1.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com ==== Firefox Plugins ====================== ==== Chrome Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" "Start Page Restore"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" "Start Page Restore"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {29CE1D19-D0AD-4222-BB5F-C959DC218F03} AOL Zoeken Url="{searchTerms} - AOL Search resultaten" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {B9974B77-9BF3-4F23-94E3-3B06DD690376} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=64 folders=23 4719826 bytes) ==== Empty Temp Folders ====================== C:\Users\Bernardus\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BERNAR~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 27-06-2014 at 11:16:48,58 ======================
-
Ik vraag me af , hoe het komt dat ik nog steeds een veel te lage snelheid heb. Het maakt weinig of niets uit , of ik het s,morgens , s,middags of s,avonds test . Verder heb ik nog wel het probleem # 1 , dus ik heb mijn malware bytes nog niet terug
-
# AdwCleaner v3.213 - Rapport aangemaakt 26/06/2014 op 20:36:12 # Laatste Update 23/06/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Bernardus - BERNARDUS-PC # Gestart vanuit : C:\Users\Bernardus\Contacts\Downloads\adwcleaner_3.213.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\ParetoLogic ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iLivid.torrent Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v [ Bestand : C:\Users\Bernardus\AppData\Roaming\Mozilla\Firefox\Profiles\rdot3j7h.default\prefs.js ] -\\ Google Chrome v [ Bestand : C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [search Provider] : hxxp://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935 Verwijderd [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-nl Verwijderd [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN19887184673802182&ctid=CT3288691&UM=2 Verwijderd [search Provider] : hxxp://search.softonic.com/MON00086/tb_v1?q={searchTerms}&SearchSource=49&cc= Verwijderd [search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={4DA5354C-C8E4-11E1-B16C-00269E5FE3DA} Verwijderd [search Provider] : hxxp://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=ft-181&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzy0E0AyB0BtB0DtCyD0EtN0D0Tzu0CtBtCzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1043034742 Verwijderd [search Provider] : hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=NL&install_date=20130107&user_guid=6BCE9ABC5DBF4362828F215F5BBB8348&machine_id=b4960194204c68da74607d7b20c52f6a&browser=CR&os=win&os_version=6.1-x64-SP1 Verwijderd [search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103aw&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyCzy0E0AyB0BtB0DtCyD0EtN0D0Tzu0SyCzzzztN1L2XzutBtFtBtFtCtAtFtCtAtAzztN1L1CzutCtD1B1P1R&cr=323612336&ir= Verwijderd [Extension] : pkmpcdbgnfjfeelcpebpkflcmbkclfho ************************* AdwCleaner[R0].txt - [3515 octets] - [24/01/2014 20:37:58] AdwCleaner[R1].txt - [1022 octets] - [01/02/2014 16:58:36] AdwCleaner[R2].txt - [3277 octets] - [26/06/2014 20:33:39] AdwCleaner[s0].txt - [3553 octets] - [24/01/2014 20:38:44] AdwCleaner[s1].txt - [1084 octets] - [01/02/2014 17:00:07] AdwCleaner[s2].txt - [3233 octets] - [26/06/2014 20:36:12] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [3293 octets] ########## - - - Updated - - - Misschien is het voor jullie belangrijk om te weten , Ik heb 21 mei 2014 bericht gehad van Ziggo, dat de snelheid verhoogd zou worden van 60 naar 90 Mbps . Nu heb ik zojuist een Ziggo speedtest gedaan , en het resultaat was : Download snelheid ; 21.58 Mbps Up load snelheid : 8.65 Mbps Dit is dus na Adw cleaner .
-
[ATTACH]33324[/ATTACH] En Dit was de 2 e poging , . Ik had nu wel ;;;Als admistrator ....... Maar ook nu werd het onderbroken Zoek1.docx
-
Ik dacht dat bhij klaar was , maar ik wordt er uitgegooid . Ik heb wel een logje , wel of niet af ?? Dus deze doe ik er bij en verder het scherm wat mij duidelijk maakte dat er iets niet goed ging !!! Zoek.docx
-
Logfile of random's system information tool 1.10 (written by random/random) Run by Bernardus at 2014-06-21 16:14:26 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 344 GB (74%) free of 463 GB Total RAM: 4063 MB (56% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:14:29, on 21-6-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Bernardus.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13333 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\system32\WLANExt.exe 3253232 \??\C:\Windows\system32\conhost.exe "-189210628594877577712888194261142875339-367331618-1673949351934537677470942661 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" "C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler WLIDSvcM.exe 1720 "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" taskeng.exe {0E336665-CCBA-4307-9415-FEF94B5587BF} "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" "c:\Program Files\Microsoft Security Client\NisSrv.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -BootProc "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" -BootProc "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>23121</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\svchost.exe -k SDRSVC taskeng.exe {CE48BB06-5890-478C-992C-4A2C859653F0} "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6316 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe -Embedding "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6316 CREDAT:3216681 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6316 CREDAT:4003179 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe40_ Global\UsGthrCtrlFltPipeMssGthrPipe40 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\Bernardus\Contacts\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForBernardus (null) ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34}] MP3 Rocket Downloader - C:\Windows\system32\mscoree.dll [2010-11-05 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392] "Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648] "ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "NWEReboot"= [] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848] "IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368] "PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984] "PPort12reminder"=C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992] "PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192] "PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-06-20 21:12:27 ----D---- C:\Users\Bernardus\AppData\Roaming\ParetoLogic 2014-06-20 21:12:27 ----D---- C:\Users\Bernardus\AppData\Roaming\DriverCure 2014-06-20 21:12:16 ----D---- C:\ProgramData\ParetoLogic 2014-06-16 21:08:53 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-06-11 07:56:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll 2014-06-11 07:56:43 ----A---- C:\Windows\system32\msxml6.dll 2014-06-11 07:56:43 ----A---- C:\Windows\system32\msxml3.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml6r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-06-11 07:56:42 ----A---- C:\Windows\system32\msxml6r.dll 2014-06-11 07:56:42 ----A---- C:\Windows\system32\msxml3r.dll 2014-06-11 07:56:41 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-11 07:56:41 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2014-06-11 07:56:40 ----A---- C:\Windows\SYSWOW64\usp10.dll 2014-06-11 07:56:40 ----A---- C:\Windows\system32\usp10.dll 2014-06-11 07:56:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-06-11 07:56:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-06-11 07:56:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-06-11 07:56:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-06-11 07:56:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-06-11 07:56:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-06-11 07:56:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 07:56:31 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-06-11 07:56:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-06-11 07:56:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-06-11 07:56:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-06-11 07:56:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-06-11 07:56:27 ----A---- C:\Windows\system32\urlmon.dll 2014-06-11 07:56:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-06-11 07:56:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-06-11 07:56:26 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-06-11 07:56:25 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-06-11 07:56:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-06-11 07:56:25 ----A---- C:\Windows\system32\msfeeds.dll 2014-06-11 07:56:25 ----A---- C:\Windows\system32\dxtmsft.dll 2014-06-11 07:56:24 ----A---- C:\Windows\system32\iesetup.dll 2014-06-11 07:56:24 ----A---- C:\Windows\system32\ie4uinit.exe 2014-06-11 07:56:23 ----A---- C:\Windows\system32\iertutil.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-06-11 07:56:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-06-11 07:56:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-06-11 07:56:21 ----A---- C:\Windows\system32\jsproxy.dll 2014-06-11 07:56:21 ----A---- C:\Windows\system32\iernonce.dll 2014-06-11 07:56:20 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-06-11 07:56:19 ----A---- C:\Windows\system32\ieui.dll 2014-06-11 07:56:19 ----A---- C:\Windows\system32\dxtrans.dll 2014-06-11 07:56:18 ----A---- C:\Windows\system32\ieframe.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\mshtmled.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\jscript9diag.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\jscript9.dll 2014-06-11 07:56:17 ----A---- C:\Windows\system32\ieUnatt.exe 2014-06-11 07:56:16 ----A---- C:\Windows\system32\vbscript.dll 2014-06-11 07:56:16 ----A---- C:\Windows\system32\ieapfltr.dll 2014-06-11 07:56:15 ----A---- C:\Windows\system32\wininet.dll 2014-06-11 07:56:15 ----A---- C:\Windows\system32\msrating.dll 2014-06-11 07:56:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 07:56:14 ----A---- C:\Windows\system32\mshtml.dll 2014-06-11 07:55:47 ----A---- C:\Windows\system32\aepdu.dll 2014-06-11 07:55:46 ----A---- C:\Windows\system32\aeinv.dll ======List of files/folders modified in the last 1 month====== 2014-06-21 16:14:28 ----D---- C:\Program Files\trend micro 2014-06-21 16:14:14 ----D---- C:\Windows\Temp 2014-06-21 14:27:14 ----D---- C:\Users\Bernardus\AppData\Roaming\Media Player Classic 2014-06-21 09:09:02 ----SHD---- C:\Windows\Installer 2014-06-21 09:09:02 ----HD---- C:\Config.Msi 2014-06-21 09:03:14 ----D---- C:\Windows\system32\config 2014-06-21 08:50:48 ----A---- C:\ProgramData\HPWALog.txt 2014-06-21 08:49:22 ----HD---- C:\ProgramData 2014-06-21 08:48:51 ----D---- C:\Windows\inf 2014-06-20 23:04:15 ----RD---- C:\Program Files (x86) 2014-06-20 21:54:39 ----D---- C:\Windows 2014-06-20 21:53:57 ----D---- C:\Windows\Minidump 2014-06-20 21:53:57 ----D---- C:\Windows\debug 2014-06-20 21:47:35 ----SHD---- C:\System Volume Information 2014-06-20 21:33:16 ----D---- C:\Windows\Tasks 2014-06-20 21:33:16 ----D---- C:\Windows\SYSWOW64\en-US 2014-06-20 21:33:16 ----D---- C:\Windows\SysWOW64 2014-06-20 21:33:16 ----D---- C:\Windows\system32\wfp 2014-06-20 21:33:16 ----D---- C:\Windows\system32\en-US 2014-06-20 21:33:16 ----D---- C:\Windows\System32 2014-06-20 21:33:16 ----D---- C:\Program Files\Internet Explorer 2014-06-20 21:33:08 ----D---- C:\Windows\system32\wbem 2014-06-20 21:31:59 ----SD---- C:\Windows\system32\CompatTel 2014-06-20 21:31:59 ----D---- C:\Windows\winsxs 2014-06-20 21:31:59 ----D---- C:\Windows\system32\DriverStore 2014-06-20 21:31:59 ----D---- C:\Windows\system32\drivers 2014-06-20 21:31:59 ----D---- C:\Windows\system32\catroot2 2014-06-20 21:31:59 ----D---- C:\Windows\rescache 2014-06-20 21:31:59 ----D---- C:\Windows\PolicyDefinitions 2014-06-20 21:31:59 ----D---- C:\Program Files (x86)\Internet Explorer 2014-06-20 21:31:49 ----D---- C:\Windows\SYSWOW64\Macromed 2014-06-20 21:31:49 ----D---- C:\Windows\system32\Tasks 2014-06-20 21:31:49 ----D---- C:\Windows\system32\NDF 2014-06-20 21:31:49 ----D---- C:\Windows\system32\CodeIntegrity 2014-06-20 21:31:48 ----D---- C:\Windows\AppCompat 2014-06-20 21:31:25 ----D---- C:\ProgramData\Microsoft Help 2014-06-20 21:31:25 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-06-20 21:31:25 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-20 21:30:48 ----D---- C:\Windows\registration 2014-06-20 21:29:55 ----D---- C:\Windows\system32\wdi 2014-06-20 21:29:45 ----D---- C:\Windows\system32\Macromed 2014-06-20 21:29:40 ----D---- C:\Windows\system32\catroot 2014-06-20 21:28:41 ----SD---- C:\Users\Bernardus\AppData\Roaming\Microsoft 2014-06-20 21:26:27 ----D---- C:\ProgramData\Malwarebytes 2014-06-20 21:26:27 ----D---- C:\ProgramData\Google 2014-06-20 21:26:20 ----D---- C:\Program Files (x86)\Google 2014-06-20 21:26:20 ----D---- C:\Program Files (x86)\Common Files 2014-06-20 12:51:55 ----D---- C:\Users\Bernardus\AppData\Roaming\Malwarebytes 2014-06-20 09:11:57 ----D---- C:\Windows\system32\MRT 2014-06-18 08:42:17 ----D---- C:\Program Files\Google 2014-06-14 21:36:36 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-06-11 08:15:44 ----A---- C:\Windows\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-14 233472] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808] R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15 257712] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
-
Ik heb problemen met mijn Malware bytes . Als ik wil scannen , dan komt er een error scherm , ( zie bijlage ) Ik heb geprobeerd om Malware bytes te verwijderen , ( configuratie scherm > onderdelen ), maar dat wil niet . Want ik dacht , ik verwijder het en installeer gewoon weer opnieuw . Maar zoals gezegd het gaat niet . Ook heb ik een systeem herstel gedaan , en ook dat werkt niet .
