Ga naar inhoud

ameya

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    119

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door ameya

  1. ameya
    Dat is héél vriendelijk, dank jullie! Jullie hebben me in het verleden ook al keigoed geholpen.
  2. ameya
    log.txt
  3. ameya
    Hallo, Ik heb al een tijdje last van plots opduikende blue screens. Vandaag kon ik geen You-tube filmpjes bekijken of het beeld werd helemaal streperig en vervolgens kreeg ik een blue screen. Dit verschillende malen na elkaar ook bij bekijken van andere filmpjes. Ik heb al een diepe systeemscan gedaan met Norton Internet Security maar die vindt niets. Is hier toch malware actief? Hierbij mijn logje: info.txt logfile of random's system information tool 1.10 2014-12-10 16:15:14 ======MBR====== 0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9ACC67EF9700008020210027FEFFFF0008000000780C0000FD0C3207FEFFFF00800C000048111D00FEFFFF07FEFFFF00C81D1D00981A1D0000000000000000000000000000000055AA ======Uninstall list====== -->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Crush the Castle 2\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Dark Orbit\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Farmerama\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Free Realms\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Seafight\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Shaiya\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - World of Warcraft\Uninstall.exe" -->C:\Program Files\TOSHIBA\TVAP\setup.exe Adobe Flash Player 15 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_ActiveX.exe -maintain activex Adobe Flash Player 15 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -maintain plugin Adobe Reader XI (11.0.09) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player 12.0-->"C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" Amanda Rose - The Game of Time-->"C:\Program Files (x86)\Denda Games\Amanda Rose - The Game of Time\Uninstall.exe" Apple Application Support-->MsiExec.exe /I{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031} Apple Mobile Device Support-->MsiExec.exe /I{BDD99690-3541-4619-9D2A-3CDDB3E15F9E} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly ATI Catalyst Install Manager-->msiexec /q/x{CB2A7731-D4B8-4685-852C-70508E0BB1D0} REBOOT=ReallySuppress Audio Creator LE 1.5-->"C:\Program Files (x86)\Cakewalk\Audio Creator LE\unins000.exe" Awakening: Het Droomloze Kasteel-->"C:\Program Files (x86)\Awakening - Het Droomloze Kasteel\Uninstall.exe" Awakening: Het Rijk der Kobolds-->"C:\Program Files (x86)\Awakening - Het Rijk der Kobolds\Uninstall.exe" Awakening: Maanwoud-->"C:\Program Files (x86)\Awakening - Maanwoud\Uninstall.exe" Belgium e-ID middleware 4.0.7 (build 7453)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207453} Big Fish: Game Manager-->C:\Program Files (x86)\bfgclient\Uninstall.exe Bluebeards Castle: Het Kasteel van Blauwbaard-->"C:\Program Files (x86)\Bluebeards Castle - Het Kasteel van Blauwbaard\Uninstall.exe" Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0013 -removeonly Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Brink of Consciousness - Dorian Gray Syndrome-->"C:\Program Files (x86)\Denda Games\Brink of Consciousness - Dorian Gray Syndrome\Uninstall.exe" Canon Utilities Digital Photo Professional-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Digital Photo Professional\uninstall.xml" Canon Utilities EOS Sample Music-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Sample Music\uninstall.xml" Canon Utilities EOS Utility-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility\uninstall.xml" Canon Utilities ImageBrowser EX-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\ImageBrowser EX\uninstall.xml" Canon Utilities PhotoStitch-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\PhotoStitch\uninstall.xml" Canon Utilities Picture Style Editor-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Picture Style Editor\uninstall.xml" Catalyst Control Center - Branding-->MsiExec.exe /I{8064A378-46F4-4A4E-8AF5-153D0D4018DD} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Christmas Stories: De Notenkraker Luxe Editie-->"C:\Program Files (x86)\Christmas Stories - De Notenkraker Luxe Editie\Uninstall.exe" Chuzzle Deluxe-->C:\Program Files (x86)\PopCap Games\Chuzzle Deluxe\PopUninstall.exe "C:\Program Files (x86)\PopCap Games\Chuzzle Deluxe\Install.log" Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -ITE7Pebwa.inf Dark Strokes - Sins of the Fathers CE-->"C:\Program Files (x86)\Denda Games\Dark Strokes - Sins of the Fathers CE\Uninstall.exe" Drawn ®: Een Donkere Vlucht ™-->"C:\Program Files (x86)\Drawn - Een Donkere Vlucht\Uninstall.exe" Drawn®: De Getekende Toren ™-->"C:\Program Files (x86)\Drawn - De Getekende Toren\Uninstall.exe" Dreamscapes - The Sandman Collector's Edition-->"C:\Program Files (x86)\Denda Games\Dreamscapes - The Sandman Collector's Editio\Uninstall.exe" DVD Flick 1.3.0.7-->"C:\Program Files (x86)\DVD Flick\unins000.exe" Easy Exif Delete-->"C:\Program Files (x86)\ConsumerSoft\Easy Exif Delete\Uninstall.exe" "C:\Program Files (x86)\ConsumerSoft\Easy Exif Delete\install.log" -u Echoes of the Past: Het Kasteel der Schaduwen-->"C:\Program Files (x86)\Echoes of the Past - Het Kasteel der Schaduwen\Uninstall.exe" Epic Adventures - Cursed Onboard-->"C:\Program Files (x86)\Denda Games\Epic Adventures - Cursed Onboard\Uninstall.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Grim Tales: Wolven aan de Poort-->"C:\Program Files (x86)\Grim Tales - Wolven aan de Poort\Uninstall.exe" Haunted Manor: Heer der Spiegels-->"C:\Program Files (x86)\Haunted Manor - Heer der Spiegels\Uninstall.exe" High-Definition Video Playback-->MsiExec.exe /X{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21} HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe HP Smart Print 1.1.5.0-->MsiExec.exe /I{8B157EE4-0BAB-4CCE-B92C-5844AB6E20F1} ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe" iTunes-->MsiExec.exe /I{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576} Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF} Liong Mahjong-->"C:\Program Files (x86)\Denda Games\Liong Mahjong\Uninstall.exe" Love Chronicles: Het Zwaard en de Roos-->"C:\Program Files (x86)\Love Chronicles - Het Zwaard en de Roos\Uninstall.exe" Maestro: Muziek des Doods-->"C:\Program Files (x86)\Maestro - Muziek des Doods\Uninstall.exe" Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE} Microsoft Office Klik-en-Klaar 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall Microsoft Office Klik-en-Klaar 2010-->MsiExec.exe /I{90140000-006D-0413-1000-0000000FF1CE} Microsoft Office Starter 2010 - Nederlands-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0413-0000-0000000FF1CE} Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850413-6000-11D3-8CFE-0150048383C9} Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0413-0000-0000000FF1CE} Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{2C303EE0-A595-3543-A71A-931C7AC40EDE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C} Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589} Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607} Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36} Mozilla Firefox 34.0.5 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mozilla Thunderbird 24.6.0 (x86 nl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E} MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94} Mystery Case Files: Ontsnapping uit Ravenhearst-->"C:\Program Files (x86)\Mystery Case Files - Ontsnapping uit Ravenhearst\Uninstall.exe" Mystery Legends: Beauty and the Beast-->"C:\Program Files (x86)\Mystery Legends - Beauty and the Beast\Uninstall.exe" Mystery Legends: The Phantom of the Opera-->"C:\Program Files (x86)\Mystery Legends - The Phantom of the Opera\Uninstall.exe" Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7} Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE} Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6} Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00} Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517} Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38} Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A} Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8} Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521} Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC} Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C} Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98} Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7} Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E} Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953} Nero Kwik Media-->MsiExec.exe /X{1F7D9F37-C39C-486C-BDF8-8F440FFB3352} Nero Multimedia Suite 10 Essentials-->MsiExec.exe /I{89590A73-9AC3-48ED-B83E-6489900DED5A} Nero Multimedia Suite 10 Essentials-->MsiExec.exe /X{2063D199-D79F-471A-9019-9E647296394D} Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7} Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023} Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702} Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65} Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} NeroKwikMedia Help (CHM)-->MsiExec.exe /X{02FCAA8F-59D3-4198-822E-135C61EE4F0B} Nick Chase and the Deadly Diamond-->"C:\Program Files (x86)\Nick Chase and the Deadly Diamond\Uninstall.exe" Norton Internet Security-->"C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\21.6.0.32\InstStub.exe" /X /ARP Oddly Enough - De Rattenvanger van Hamelen-->"C:\Program Files (x86)\Denda Games\Oddly Enough - De Rattenvanger van Hamelen\Uninstall.exe" Online Games Manager v1.30-->C:\Program Files (x86)\Online Games Manager\uninst.exe Phantasmat - Collectors Edition-->"C:\Program Files (x86)\Denda Games\Phantasmat - Collectors Edition\Uninstall.exe" PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} PuppetShow: Het Joyville-mysterie-->"C:\Program Files (x86)\PuppetShow - Het Joyville-mysterie\Uninstall.exe" PuppetShow: Zielen der Onschuldigen-->"C:\Program Files (x86)\PuppetShow - Zielen der Onschuldigen\Uninstall.exe" QuickTime 7-->MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly Realtek WLAN Driver-->C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9 Redemption Cemetery: Vloek van de Raaf-->"C:\Program Files (x86)\Redemption Cemetery - Vloek van de Raaf\Uninstall.exe" Reincarnations: Verlichting-->"C:\Program Files (x86)\Reincarnations - Verlichting\Uninstall.exe" Scan To-->MsiExec.exe /I{E8A34AC8-0137-4515-A94B-0A0946DDC251} Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45} Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D} Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A} Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126} Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533} Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C} Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6} Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042} Sisters Secrecy - Arcanum Bloodlines CE-->"C:\Program Files (x86)\Denda Games\Sisters Secrecy - Arcanum Bloodlines CE\Uninstall.exe" Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701} Skype™ 6.21-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} Snark Busters 2 - All Revved Up-->"C:\Program Files (x86)\Denda Games\Snark Busters 2 - All Revved Up\Uninstall.exe" Spirits of Mystery: Het Lied van de Feniks-->"C:\Program Files (x86)\Spirits of Mystery - Het Lied van de Feniks\Uninstall.exe" Strange Cases: Het Vuurtorenmysterie-->"C:\Program Files (x86)\Strange Cases - Het Vuurtorenmysterie\Uninstall.exe" Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_neutral_4103a54b2227b67a\beidmdrv.inf Surface: Game of Gods Collector's Edition-->"C:\Program Files (x86)\Surface - Game of Gods Collectors Edition\Uninstall.exe" swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall The Mystery of the Crystal Portal - Beyond the Horizon-->"C:\Program Files (x86)\Denda Games\Mystery of the Crystal Portal 2\Uninstall.exe" Time Mysteries: De Nalatenschap-->"C:\Program Files (x86)\Time Mysteries - De Nalatenschap\Uninstall.exe" TOSHIBA Assist-->C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{43DBC64B-3DD1-47E2-8788-D3C3B110C574}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Bulletin Board-->MsiExec.exe /X{43DBC64B-3DD1-47E2-8788-D3C3B110C574} TOSHIBA ConfigFree-->MsiExec.exe /X{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A} TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA eco Utility-->MsiExec.exe /X{6FF9A012-0254-41E9-81E2-F538C4B53611} TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F} TOSHIBA Hardware Setup-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} /l1033 TOSHIBA HDD/SSD Alert-->MsiExec.exe /X{D4322448-B6AF-4316-B859-D8A0E84DCB38} Toshiba Manuals-->"C:\Program Files (x86)\InstallShield Installation Information\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}\setup.exe" -runfromtemp -l0x0009 -removeonly TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly TOSHIBA Online Product Information-->"C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe" -runfromtemp -l0x0009 -removeonly TOSHIBA PC Health Monitor-->MsiExec.exe /X{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4} TOSHIBA Places Icon Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{461F6F0D-7173-4902-9604-AB1A29108AF2}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Recovery Media Creator Reminder-->C:\Program Files (x86)\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x0409 TOSHIBA Recovery Media Creator-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C} TOSHIBA Service Station-->C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly TOSHIBA Sleep Utility-->C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly TOSHIBA Supervisor Password-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CBD6B23D-41D5-4A46-8019-6208516C9712} /l1033 TOSHIBA TEMPRO-->MsiExec.exe /X{F082CB11-4794-4259-99A1-D91BA762AD15} TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe TOSHIBA Web Camera Application-->"C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0413 -removeonly TOSHIBA Web Camera Application-->MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} TOSHIBA Wireless LAN Indicator-->MsiExec.exe /X{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9} TRORMCLauncher-->C:\Program Files (x86)\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x0409 TSST OEM Content-->MsiExec.exe /X{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F} VASCO Card Reader Plug-In (64-Bit)-->MsiExec.exe /X{47659F12-27AE-6400-9B8A-2BD803020302} Vermist: Een Mysterieuze Verdwijning-->"C:\Program Files (x86)\Vermist - Een Mysterieuze Verdwijning\Uninstall.exe" Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F} VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe VSO Image Resizer 3.0.1.82-->"C:\Program Files (x86)\VSO\Image Resizer\unins000.exe" Winmail Reader 1.2.15-->"C:\Program Files (x86)\Winmail Reader\unins000.exe" Witches' Legacy: De Vloek van Charleston-->"C:\Program Files (x86)\Witches' Legacy - De Vloek van Charleston\Uninstall.exe" WMV9/VC-1 Video Playback-->MsiExec.exe /X{57FF2ED8-4D2D-4F60-2EF9-751F61099C05} ======System event log====== Computer Name: toshiba-TOSH Event Code: 1060 Message: \??\C:\Windows\SysWow64\Drivers\DgiVecp.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Record Number: 1189181 Source Name: Application Popup Time Written: 20141009145311.200853-000 Event Type: Fout User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Skype Click to Call Updater-service heeft nu de status wordt uitgevoerd. Record Number: 1189180 Source Name: Service Control Manager Time Written: 20141009145310.920053-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Apple Mobile Device-service heeft nu de status wordt uitgevoerd. Record Number: 1189179 Source Name: Service Control Manager Time Written: 20141009145310.623652-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Bonjour-service-service heeft nu de status wordt uitgevoerd. Record Number: 1189178 Source Name: Service Control Manager Time Written: 20141009145310.483252-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Adobe Acrobat Update Service-service heeft nu de status wordt uitgevoerd. Record Number: 1189177 Source Name: Service Control Manager Time Written: 20141009145309.360050-000 Event Type: Informatie User: =====Application event log===== Computer Name: toshiba-TOSH Event Code: 5617 Message: Subsystemen van Windows Management Instrumentation-service zijn geïnitialiseerd Record Number: 69640 Source Name: Microsoft-Windows-WMI Time Written: 20130831093024.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 3191 Message: {tid=FC8} -------------------------------------------------------- Clientlogbestand (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt) geïnitialiseerd Record Number: 69639 Source Name: Application Virtualization Client Time Written: 20130831093024.000000-000 Event Type: Waarschuwing User: Computer Name: toshiba-TOSH Event Code: 5615 Message: De Windows Management Instrumentation-service is gestart Record Number: 69638 Source Name: Microsoft-Windows-WMI Time Written: 20130831093024.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 100 Message: Record Number: 69637 Source Name: SkypeUpdate Time Written: 20130831092954.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 0 Message: Record Number: 69636 Source Name: sftvsa Time Written: 20130831092953.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: toshiba-TOSH Event Code: 4647 Message: De gebruiker heeft een afmelding gestart: Onderwerp: Beveiligings-id: S-1-5-21-188962704-3410596730-1811170223-1000 Accountnaam: toshiba Accountdomein: toshiba-TOSH Aanmeldings-id: 0x1d0eb Deze gebeurtenis wordt gegenereerd wanneer een afmelding wordt gestart. De gebruiker kan verder geen activiteiten starten. Deze gebeurtenis kan worden geïnterpreteerd als een afmeldingsgebeurtenis. Record Number: 70138 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103154631.504002-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 70137 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083247.205496-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: TOSHIBA-TOSH$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x24c Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 70136 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083247.205496-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 6406 Message: Norton Internet Security is geregistreerd bij Windows Firewall om het filter te beheren voor BootTimeRuleCategory, StealthRuleCategory, FirewallRuleCategory. Record Number: 70135 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083220.935050-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 70134 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083045.516279-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=18 "PROCESSOR_IDENTIFIER"=AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0100 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 "asl.log"=Destination=file -----------------EOF-----------------
  4. ameya
    Hallo, Ik heb al een tijdje last van plots opduikende blue screens. Vandaag kon ik geen You-tube filmpjes bekijken of het beeld werd helemaal streperig en vervolgens kreeg ik een blue screen. Dit verschillende malen na elkaar ook bij bekijken van andere filmpjes. Ik heb al een diepe systeemscan gedaan met Norton Internet Security maar die vindt niets. Is hier toch malware actief? Hierbij mijn logje: info.txt logfile of random's system information tool 1.10 2014-12-10 16:15:14 ======MBR====== 0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9ACC67EF9700008020210027FEFFFF0008000000780C0000FD0C3207FEFFFF00800C000048111D00FEFFFF07FEFFFF00C81D1D00981A1D0000000000000000000000000000000055AA ======Uninstall list====== -->"C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Crush the Castle 2\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Dark Orbit\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Farmerama\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Free Realms\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Seafight\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - Shaiya\Uninstall.exe" -->"C:\Program Files (x86)\TOSHIBA Games\Web Link - World of Warcraft\Uninstall.exe" -->C:\Program Files\TOSHIBA\TVAP\setup.exe Adobe Flash Player 15 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_ActiveX.exe -maintain activex Adobe Flash Player 15 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -maintain plugin Adobe Reader XI (11.0.09) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player 12.0-->"C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" Amanda Rose - The Game of Time-->"C:\Program Files (x86)\Denda Games\Amanda Rose - The Game of Time\Uninstall.exe" Apple Application Support-->MsiExec.exe /I{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031} Apple Mobile Device Support-->MsiExec.exe /I{BDD99690-3541-4619-9D2A-3CDDB3E15F9E} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly ATI Catalyst Install Manager-->msiexec /q/x{CB2A7731-D4B8-4685-852C-70508E0BB1D0} REBOOT=ReallySuppress Audio Creator LE 1.5-->"C:\Program Files (x86)\Cakewalk\Audio Creator LE\unins000.exe" Awakening: Het Droomloze Kasteel-->"C:\Program Files (x86)\Awakening - Het Droomloze Kasteel\Uninstall.exe" Awakening: Het Rijk der Kobolds-->"C:\Program Files (x86)\Awakening - Het Rijk der Kobolds\Uninstall.exe" Awakening: Maanwoud-->"C:\Program Files (x86)\Awakening - Maanwoud\Uninstall.exe" Belgium e-ID middleware 4.0.7 (build 7453)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207453} Big Fish: Game Manager-->C:\Program Files (x86)\bfgclient\Uninstall.exe Bluebeards Castle: Het Kasteel van Blauwbaard-->"C:\Program Files (x86)\Bluebeards Castle - Het Kasteel van Blauwbaard\Uninstall.exe" Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0013 -removeonly Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Brink of Consciousness - Dorian Gray Syndrome-->"C:\Program Files (x86)\Denda Games\Brink of Consciousness - Dorian Gray Syndrome\Uninstall.exe" Canon Utilities Digital Photo Professional-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Digital Photo Professional\uninstall.xml" Canon Utilities EOS Sample Music-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Sample Music\uninstall.xml" Canon Utilities EOS Utility-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility\uninstall.xml" Canon Utilities ImageBrowser EX-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\ImageBrowser EX\uninstall.xml" Canon Utilities PhotoStitch-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\PhotoStitch\uninstall.xml" Canon Utilities Picture Style Editor-->"C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe" "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Picture Style Editor\uninstall.xml" Catalyst Control Center - Branding-->MsiExec.exe /I{8064A378-46F4-4A4E-8AF5-153D0D4018DD} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Christmas Stories: De Notenkraker Luxe Editie-->"C:\Program Files (x86)\Christmas Stories - De Notenkraker Luxe Editie\Uninstall.exe" Chuzzle Deluxe-->C:\Program Files (x86)\PopCap Games\Chuzzle Deluxe\PopUninstall.exe "C:\Program Files (x86)\PopCap Games\Chuzzle Deluxe\Install.log" Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -ITE7Pebwa.inf Dark Strokes - Sins of the Fathers CE-->"C:\Program Files (x86)\Denda Games\Dark Strokes - Sins of the Fathers CE\Uninstall.exe" Drawn ®: Een Donkere Vlucht ™-->"C:\Program Files (x86)\Drawn - Een Donkere Vlucht\Uninstall.exe" Drawn®: De Getekende Toren ™-->"C:\Program Files (x86)\Drawn - De Getekende Toren\Uninstall.exe" Dreamscapes - The Sandman Collector's Edition-->"C:\Program Files (x86)\Denda Games\Dreamscapes - The Sandman Collector's Editio\Uninstall.exe" DVD Flick 1.3.0.7-->"C:\Program Files (x86)\DVD Flick\unins000.exe" Easy Exif Delete-->"C:\Program Files (x86)\ConsumerSoft\Easy Exif Delete\Uninstall.exe" "C:\Program Files (x86)\ConsumerSoft\Easy Exif Delete\install.log" -u Echoes of the Past: Het Kasteel der Schaduwen-->"C:\Program Files (x86)\Echoes of the Past - Het Kasteel der Schaduwen\Uninstall.exe" Epic Adventures - Cursed Onboard-->"C:\Program Files (x86)\Denda Games\Epic Adventures - Cursed Onboard\Uninstall.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Grim Tales: Wolven aan de Poort-->"C:\Program Files (x86)\Grim Tales - Wolven aan de Poort\Uninstall.exe" Haunted Manor: Heer der Spiegels-->"C:\Program Files (x86)\Haunted Manor - Heer der Spiegels\Uninstall.exe" High-Definition Video Playback-->MsiExec.exe /X{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21} HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe HP Smart Print 1.1.5.0-->MsiExec.exe /I{8B157EE4-0BAB-4CCE-B92C-5844AB6E20F1} ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe" iTunes-->MsiExec.exe /I{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576} Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF} Liong Mahjong-->"C:\Program Files (x86)\Denda Games\Liong Mahjong\Uninstall.exe" Love Chronicles: Het Zwaard en de Roos-->"C:\Program Files (x86)\Love Chronicles - Het Zwaard en de Roos\Uninstall.exe" Maestro: Muziek des Doods-->"C:\Program Files (x86)\Maestro - Muziek des Doods\Uninstall.exe" Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE} Microsoft Office Klik-en-Klaar 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall Microsoft Office Klik-en-Klaar 2010-->MsiExec.exe /I{90140000-006D-0413-1000-0000000FF1CE} Microsoft Office Starter 2010 - Nederlands-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0413-0000-0000000FF1CE} Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850413-6000-11D3-8CFE-0150048383C9} Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0413-0000-0000000FF1CE} Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{2C303EE0-A595-3543-A71A-931C7AC40EDE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C} Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589} Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607} Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36} Mozilla Firefox 34.0.5 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mozilla Thunderbird 24.6.0 (x86 nl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E} MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94} Mystery Case Files: Ontsnapping uit Ravenhearst-->"C:\Program Files (x86)\Mystery Case Files - Ontsnapping uit Ravenhearst\Uninstall.exe" Mystery Legends: Beauty and the Beast-->"C:\Program Files (x86)\Mystery Legends - Beauty and the Beast\Uninstall.exe" Mystery Legends: The Phantom of the Opera-->"C:\Program Files (x86)\Mystery Legends - The Phantom of the Opera\Uninstall.exe" Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7} Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE} Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6} Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00} Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517} Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38} Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A} Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8} Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521} Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC} Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C} Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98} Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7} Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E} Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953} Nero Kwik Media-->MsiExec.exe /X{1F7D9F37-C39C-486C-BDF8-8F440FFB3352} Nero Multimedia Suite 10 Essentials-->MsiExec.exe /I{89590A73-9AC3-48ED-B83E-6489900DED5A} Nero Multimedia Suite 10 Essentials-->MsiExec.exe /X{2063D199-D79F-471A-9019-9E647296394D} Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7} Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023} Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702} Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65} Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} NeroKwikMedia Help (CHM)-->MsiExec.exe /X{02FCAA8F-59D3-4198-822E-135C61EE4F0B} Nick Chase and the Deadly Diamond-->"C:\Program Files (x86)\Nick Chase and the Deadly Diamond\Uninstall.exe" Norton Internet Security-->"C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\21.6.0.32\InstStub.exe" /X /ARP Oddly Enough - De Rattenvanger van Hamelen-->"C:\Program Files (x86)\Denda Games\Oddly Enough - De Rattenvanger van Hamelen\Uninstall.exe" Online Games Manager v1.30-->C:\Program Files (x86)\Online Games Manager\uninst.exe Phantasmat - Collectors Edition-->"C:\Program Files (x86)\Denda Games\Phantasmat - Collectors Edition\Uninstall.exe" PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} PuppetShow: Het Joyville-mysterie-->"C:\Program Files (x86)\PuppetShow - Het Joyville-mysterie\Uninstall.exe" PuppetShow: Zielen der Onschuldigen-->"C:\Program Files (x86)\PuppetShow - Zielen der Onschuldigen\Uninstall.exe" QuickTime 7-->MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly Realtek WLAN Driver-->C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9 Redemption Cemetery: Vloek van de Raaf-->"C:\Program Files (x86)\Redemption Cemetery - Vloek van de Raaf\Uninstall.exe" Reincarnations: Verlichting-->"C:\Program Files (x86)\Reincarnations - Verlichting\Uninstall.exe" Scan To-->MsiExec.exe /I{E8A34AC8-0137-4515-A94B-0A0946DDC251} Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45} Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D} Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A} Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126} Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533} Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C} Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6} Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042} Sisters Secrecy - Arcanum Bloodlines CE-->"C:\Program Files (x86)\Denda Games\Sisters Secrecy - Arcanum Bloodlines CE\Uninstall.exe" Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701} Skype™ 6.21-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} Snark Busters 2 - All Revved Up-->"C:\Program Files (x86)\Denda Games\Snark Busters 2 - All Revved Up\Uninstall.exe" Spirits of Mystery: Het Lied van de Feniks-->"C:\Program Files (x86)\Spirits of Mystery - Het Lied van de Feniks\Uninstall.exe" Strange Cases: Het Vuurtorenmysterie-->"C:\Program Files (x86)\Strange Cases - Het Vuurtorenmysterie\Uninstall.exe" Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_neutral_4103a54b2227b67a\beidmdrv.inf Surface: Game of Gods Collector's Edition-->"C:\Program Files (x86)\Surface - Game of Gods Collectors Edition\Uninstall.exe" swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall The Mystery of the Crystal Portal - Beyond the Horizon-->"C:\Program Files (x86)\Denda Games\Mystery of the Crystal Portal 2\Uninstall.exe" Time Mysteries: De Nalatenschap-->"C:\Program Files (x86)\Time Mysteries - De Nalatenschap\Uninstall.exe" TOSHIBA Assist-->C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{43DBC64B-3DD1-47E2-8788-D3C3B110C574}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Bulletin Board-->MsiExec.exe /X{43DBC64B-3DD1-47E2-8788-D3C3B110C574} TOSHIBA ConfigFree-->MsiExec.exe /X{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A} TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA eco Utility-->MsiExec.exe /X{6FF9A012-0254-41E9-81E2-F538C4B53611} TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F} TOSHIBA Hardware Setup-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} /l1033 TOSHIBA HDD/SSD Alert-->MsiExec.exe /X{D4322448-B6AF-4316-B859-D8A0E84DCB38} Toshiba Manuals-->"C:\Program Files (x86)\InstallShield Installation Information\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}\setup.exe" -runfromtemp -l0x0009 -removeonly TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly TOSHIBA Online Product Information-->"C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe" -runfromtemp -l0x0009 -removeonly TOSHIBA PC Health Monitor-->MsiExec.exe /X{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4} TOSHIBA Places Icon Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{461F6F0D-7173-4902-9604-AB1A29108AF2}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Recovery Media Creator Reminder-->C:\Program Files (x86)\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x0409 TOSHIBA Recovery Media Creator-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C} TOSHIBA Service Station-->C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly TOSHIBA Sleep Utility-->C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly TOSHIBA Supervisor Password-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CBD6B23D-41D5-4A46-8019-6208516C9712} /l1033 TOSHIBA TEMPRO-->MsiExec.exe /X{F082CB11-4794-4259-99A1-D91BA762AD15} TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe TOSHIBA Web Camera Application-->"C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0413 -removeonly TOSHIBA Web Camera Application-->MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} TOSHIBA Wireless LAN Indicator-->MsiExec.exe /X{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9} TRORMCLauncher-->C:\Program Files (x86)\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x0409 TSST OEM Content-->MsiExec.exe /X{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F} VASCO Card Reader Plug-In (64-Bit)-->MsiExec.exe /X{47659F12-27AE-6400-9B8A-2BD803020302} Vermist: Een Mysterieuze Verdwijning-->"C:\Program Files (x86)\Vermist - Een Mysterieuze Verdwijning\Uninstall.exe" Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F} VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe VSO Image Resizer 3.0.1.82-->"C:\Program Files (x86)\VSO\Image Resizer\unins000.exe" Winmail Reader 1.2.15-->"C:\Program Files (x86)\Winmail Reader\unins000.exe" Witches' Legacy: De Vloek van Charleston-->"C:\Program Files (x86)\Witches' Legacy - De Vloek van Charleston\Uninstall.exe" WMV9/VC-1 Video Playback-->MsiExec.exe /X{57FF2ED8-4D2D-4F60-2EF9-751F61099C05} ======System event log====== Computer Name: toshiba-TOSH Event Code: 1060 Message: \??\C:\Windows\SysWow64\Drivers\DgiVecp.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Record Number: 1189181 Source Name: Application Popup Time Written: 20141009145311.200853-000 Event Type: Fout User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Skype Click to Call Updater-service heeft nu de status wordt uitgevoerd. Record Number: 1189180 Source Name: Service Control Manager Time Written: 20141009145310.920053-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Apple Mobile Device-service heeft nu de status wordt uitgevoerd. Record Number: 1189179 Source Name: Service Control Manager Time Written: 20141009145310.623652-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Bonjour-service-service heeft nu de status wordt uitgevoerd. Record Number: 1189178 Source Name: Service Control Manager Time Written: 20141009145310.483252-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 7036 Message: De Adobe Acrobat Update Service-service heeft nu de status wordt uitgevoerd. Record Number: 1189177 Source Name: Service Control Manager Time Written: 20141009145309.360050-000 Event Type: Informatie User: =====Application event log===== Computer Name: toshiba-TOSH Event Code: 5617 Message: Subsystemen van Windows Management Instrumentation-service zijn geïnitialiseerd Record Number: 69640 Source Name: Microsoft-Windows-WMI Time Written: 20130831093024.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 3191 Message: {tid=FC8} -------------------------------------------------------- Clientlogbestand (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt) geïnitialiseerd Record Number: 69639 Source Name: Application Virtualization Client Time Written: 20130831093024.000000-000 Event Type: Waarschuwing User: Computer Name: toshiba-TOSH Event Code: 5615 Message: De Windows Management Instrumentation-service is gestart Record Number: 69638 Source Name: Microsoft-Windows-WMI Time Written: 20130831093024.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 100 Message: Record Number: 69637 Source Name: SkypeUpdate Time Written: 20130831092954.000000-000 Event Type: Informatie User: Computer Name: toshiba-TOSH Event Code: 0 Message: Record Number: 69636 Source Name: sftvsa Time Written: 20130831092953.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: toshiba-TOSH Event Code: 4647 Message: De gebruiker heeft een afmelding gestart: Onderwerp: Beveiligings-id: S-1-5-21-188962704-3410596730-1811170223-1000 Accountnaam: toshiba Accountdomein: toshiba-TOSH Aanmeldings-id: 0x1d0eb Deze gebeurtenis wordt gegenereerd wanneer een afmelding wordt gestart. De gebruiker kan verder geen activiteiten starten. Deze gebeurtenis kan worden geïnterpreteerd als een afmeldingsgebeurtenis. Record Number: 70138 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103154631.504002-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 70137 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083247.205496-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: TOSHIBA-TOSH$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x24c Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 70136 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083247.205496-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 6406 Message: Norton Internet Security is geregistreerd bij Windows Firewall om het filter te beheren voor BootTimeRuleCategory, StealthRuleCategory, FirewallRuleCategory. Record Number: 70135 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083220.935050-000 Event Type: Controle geslaagd User: Computer Name: toshiba-TOSH Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 70134 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140103083045.516279-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=18 "PROCESSOR_IDENTIFIER"=AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0100 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 "asl.log"=Destination=file -----------------EOF-----------------
  5. ameya
    De kredietkaartmaatschappij is zogezegd een onderzoek aan het doen? De bank zegt dat we misschien het geld terugkrijgen en zo ja wordt er 150 euro vanaf gehouden? Kunnen ze zomaar zoveel geld afhouden terwijl een mastercard toch verzekerd is voor online aankopen? (de onze toch)
  6. ameya
    Ja, dat zou ik wel kunnen doen. Maandag zal ik eens bellen. Bedankt voor je hulp!
  7. ameya
    Is het veilig om met Google adwords zelf contact op te nemen? Ik vertrouw ze niet omdat ze blijkbaar een klantnummer aangemaakt hebben voor mijn man terwijl die helemaal niks heeft aangevraagd? Ik lees op het net ook van een vrouw, die was wel lid, maar kreeg ook foutieve facturen van google adwords uit Ierland. Gaan zij hun fout zomaar toegeven en welke gegevens kan ik hun telefonisch doorgeven? Toch niet dat fake klantennummer? Sorry voor al mijn vragen maar ik maak me heel erg bezorgd dat ze nog gaan proberen geld te stelen. Het is wel al in onderzoek bij de kredietkaartmaatschappij en de betrokken mastercard werd geblokkeerd.
  8. ameya
    Kan mij iemand helpen? We hebben gemerkt dat Google adwords op ons afschrift van mijn partners Mastercard staat. We hebben geen account aangemaakt of met Google adwords contact gehad. Toch is er 500 euro van onze rekening gehaald door hen! Verwijderen we nu best onze google account? Maar hoe doe je dit veilig? Je moet o.a aankruisen dat je begrijpt dat de kosten van nog openstaande financiële transacties nog zullen geïnd worden. Dit wil ik echt niet aankruisen want ze halen dus al geld van onze rekening!
  9. ameya
    kweezie wabbit en kape heel erg bedankt voor jullie snelle hulp en duidelijke uitleg! Mijn laptop draait weer goed!
  10. ameya
    Ik betrouw Norton eigenlijk niet zo. Na die foutmelding deed ik een diepe systeemscan en Norton vond enkel 5 trackingcookies met laag risico. Als ik dan nu zie wat er allemaal van mijn laptop is gehaald sta ik versteld. Ik heb nu nog eens een snelle scan gedaan en enkel 3 trackingcookies gevonden. Maar is die comres.dll geen virus? (regel 023 in HJT) COMRes.dll Windows process - What is it?
  11. ameya
    Op de 4 commando's die ik moest intikken in de Opdrachtprompt kreeg ik volgende meldingen: 1) [sC] ControlService MISLUKT 1062: De service is niet gestart 2) [sC] DeleteService VOLTOOID 3) [sC] OpenService MISLUKT 1060: De opgegeven service is geen geïnstalleerde service 4) [sC] DeleteService VOLTOOID Resultaat AdwCleaner: # AdwCleaner v2.301 - Verslag gemaakt op 02/06/2013 om 14:51:05 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : toshiba - TOSHIBA-TOSH # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\toshiba\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml File Verwijdert : C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\searchplugins\Askcom.xml File Verwijdert : C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\searchplugins\safesearch.xml File Verwijdert : C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\searchplugins\search-here.xml Map Verwijdert : C:\Program Files (x86)\DefaultTab Map Verwijdert : C:\ProgramData\AVG Security Toolbar Map Verwijdert : C:\ProgramData\Trymedia Map Verwijdert : C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Map Verwijdert : C:\Users\toshiba\AppData\Roaming\DefaultTab ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\DefaultTab Sleutel Verwijdert : HKCU\Software\Default Tab Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\UpdateStar Sleutel Verwijdert : HKCU\Software\YourFileDownloader Sleutel Verwijdert : HKCU\Software\8ededfb46aec45 Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijdert : HKLM\Software\Default Tab Sleutel Verwijdert : HKLM\Software\DefaultTab Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7211701377ee4034e65b491fba79931a Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\8ededfb46aec45 Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Sleutel Verwijdert : HKLM\Software\YourFileDownloader Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Software Sleutel Verwijdert : HKLM\SOFTWARE\Tarma Installer ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v21.0 (nl) File : C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\prefs.js C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\user.js ... Verwijdert ! [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v27.0.1453.94 File : C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [6197 octets] - [02/06/2013 14:51:05] ########## EOF - C:\AdwCleaner[s1].txt - [6257 octets] ########## - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:06:57, on 2/06/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -u auto-update O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [uninstall C:\Users\toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Global Startup: Bluetooth Monitor.lnk = ? O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.dexia.be O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11886 bytes - - - Updated - - - Op regel 023 staat comress.dll. Dit staat op het net ook als virus vermeld?
  12. ameya
    Ik kreeg vandaag een foutmelding van Norton Internet Security. Heb het nummer van de fout helaas niet genoteerd. Het leek te maken te hebben met een virus dat Norton niet kon opruimen. Voor alle zekerheid deze HJT-log. Kan je eens nakijken of die schoon is? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:58:27, on 2/06/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\toshiba\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -u auto-update O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [uninstall C:\Users\toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Global Startup: Bluetooth Monitor.lnk = ? O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.dexia.be O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\toshiba\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12455 bytes
  13. ameya
    Bedankt Jahewi voor de info!
  14. ameya
    Sinds vanmorgen zijn er 3 mails binnengekomen en is de foutmelding weg. Ik weet niet waar het aan lag. Niet aan een overvolle mailbox want die had ik net geleegd. Hoe spoor je trouwens een blokkerend bestand op via je webmail-client? Zou dit graag weten in geval de boel weer vastloopt.
  15. ameya
    Hallo, Ik werk met Mozilla Thunderbird als e-mailprog en Windows 7. Sinds vandaag kan ik geen mails meer binnenhalen en verschijnt volgende foutmelding: Het RETR-commando had geen succes. Fout bij ontvangen van bericht. Mailserver in.telenet.be antwoordde: system failure: unable to get content for message 69660. Ook heb ik Mozilla Firefox zelf eens geupdate omdat ik dacht dat het daaraan lag en hier kan ik Google niet instellen als standaard zoekmachine.
  16. ameya
    Windows Live Essentials heeft nog updates uitgevoerd en nu kan ik de e-mailbescherming van Norton terug aanzetten. Hier mag slotje op.
  17. ameya
    Ik heb windows 7. Ik heb intussen andere dingen gedaan: - Ik heb Windows Live Mail versie 2012 gedownload en daarmee staat mijn mailprogr. weer online. Toen kreeg ik Windows Live Mail fout: 0X800CCC0E. Op het net vond ik dat dat iets met het antivirusprogramma te maken heeft; en inderdaad als ik e-mail beveiliging afzet in Norton dan werkt mijn e-mailprogramma weer goed. Hoe zou ik die e-mailbescherming weer toch kunnen aanzetten zonder die problemen?
  18. ameya
    Ik heb in "Programmatoegang en standaard programma's instellen" gekeken, daar staat de configuratie op "Aangepast". Maar als ik IE aanduidt en op Ok klik dan staat het bij sluiten van het venster en terug openen terug op " Huidige" en dat is Firefox als standaard gebruiken. Hoe komt dit? Er wordt me ook niet naar een wachtwoord van administrator gevraagd. (Is dat windows Live ID dat wachtwoord?). Als e-mail staat wel huidig e-mail programma aangeduid en dat is Windows Live mail.
  19. ameya
    Telenet geeft volgende foutmelding: Er is een probleem opgetreden bij het verbinden met de Windows Live Calendar-service. Als het probleem zich blijft voordoen, controleer dan of er een upgrade beschikbaar is voor Windows live mail of neem contact op met klantenondersteuning. Ik heb deze morgend juist 2 windowsupdates gedaan waaronder een upgrade naar IE 10. De problemen lijken na die updates begonnen.
  20. ameya
    Hallo, Ik kan plots geen e-mails meer ontvangen of verzenden. In Windows Live Mail verschijnt er een venster: U werkt offline. Wilt u online werken? Maar als ik hier ja klik gebeurt er niets. Hoe krijg ik Windows Live mail terug online? Ik kan wel normaal op het net om te surfen.
  21. ameya
    Het is gelukt! Bedankt Jean-Pierre voor je snelle hulp!;-)
  22. ameya
    PSI van Secunia geeft aan dat ik Adobe Flashplayer Activex handmatig moet updaten. Waar kan ik een zuivere link vinden om dit te downloaden? Bij mijn eerdere poging raakte mijn pc besmet met spyware.
  23. ameya
    Zoek.exe Version 4.0.0.1 Updated 16-02-2013 Tool run by toshiba on za 16/02/2013 at 20:14:56,84. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-188962704-3410596730-1811170223-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-188962704-3410596730-1811170223-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully HKEY_USERS\S-1-5-21-188962704-3410596730-1811170223-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CE81890A-8DE2-4A31-A14C-C74B1EFB83EB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\OXXOGames\NLGplayer\GameCenterNotifier.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Users\toshiba\Desktop\zoek\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== FireFox Fix ====================== Deleted from C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\prefs.js: user_pref("browser.startup.homepage", "http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=EEDEEA2A966750888335E1511FA71747"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.selectedEngine", "SecureSearch"); user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="); user_pref("browser.search.suggest.enabled", false); user_pref("browser.search.useDBForOrder", "false"); Added to C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=c8060f04000000000000047d7b057833"); ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- ---- Lines delta removed from prefs.js ---- user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.bbDpng", "15"); user_pref("extensions.delta.cntry", "BE"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.hdrMd5", "C8A33769AB1D0C8C4FCECA239E372508"); user_pref("extensions.delta.id", "c8060f04000000000000047d7b057833"); user_pref("extensions.delta.instlDay", "15751"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:07:38"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.sg", "azb"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.10.0"); user_pref("extensions.delta.vrsni", "1.8.10.0"); user_pref("extensions.delta.vrsnTs", "1.8.10.017:07:38"); ---- Lines delta modified from prefs.js ---- ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "c8060f04000000000000047d7b057833"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15751"); user_pref("extensions.delta.vrsn", "1.8.10.0"); user_pref("extensions.delta.vrsni", "1.8.10.0"); user_pref("extensions.delta.vrsnTs", "1.8.10.017:07:38"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines Toggle removed from prefs.js ---- user_pref("symantec.browser.sessionstore.resume_from_crash.toggle", false); ---- Lines Toggle modified from prefs.js ---- ---- Lines Toggle removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20131602_2019_.backup prefs_20131602_2019_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\searchplugins\delta.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\searchplugins\safesearch.xml" deleted "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\bProtector_extensions.sqlite" deleted "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\bProtector_prefs.js" deleted "C:\Program Files (x86)\AddLyrics" deleted "C:\Users\toshiba\AppData\Roaming\Babylon" deleted "C:\Users\toshiba\AppData\Roaming\YourFileDownloader" deleted "C:\ProgramData\BrowserProtect" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\Search Protection" deleted "C:\ProgramData\Partner" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Trymedia" deleted "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\jetpack" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Internet Explorer: 9.0.8112.16421 Memory (RAM): 7655 MB CPU Info: AMD A6-3400M APU with Radeon HD Graphics CPU Speed: 1428,4 MHz Sound Card: Luidsprekers (Conexant SmartAud | Display Adapters: AMD Radeon HD 6520G | AMD Radeon HD 6520G | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633F Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 232,5GB | D: 232,8GB | Q: 0,0MB Hard Disks - Free: C: 178,6GB | D: 219,3GB | Q: 0,0MB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | 06/28/12 | TOSQCI - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: AMD Torpedo Sun Java version: 1.6.0_39 Country: Belgi‰ Language: NLB ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\toshiba\AppData\Local\Temp ==== 2013-02-16 15:33:48 702BF5138F248D8529F5A6EFCE998AE3 3134432 ----a-w- C:\Users\toshiba\AppData\Local\Temp\aee321df-d57f-4851-b90e-e459b9b483f8.exe 2013-02-16 15:33:42 64367850B00793973A859B7BE6EC7BB7 20026368 ----a-w- C:\Users\toshiba\AppData\Local\Temp\9b7f038c-7f0d-48ff-be95-e867d0fb4c69.msi ====== C:\Windows\SysWOW64 ===== 2013-02-13 12:40:17 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-02-13 12:40:16 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-02-13 12:40:16 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-02-13 12:40:16 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-02-13 12:40:15 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-02-13 12:40:15 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-02-13 12:40:14 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-02-13 12:40:14 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-02-13 12:40:13 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-02-13 12:40:13 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-02-13 12:40:12 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-02-13 12:40:12 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-02-13 12:40:11 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-02-13 12:40:11 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-02-13 12:40:10 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-02-13 12:40:06 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-02-13 08:34:51 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-02-13 08:34:50 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-02-13 08:34:43 E7A4DE9232E097829F62755BC0ABE0F2 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-13 08:34:43 79FCCC6662CA3DB6E6D2F1FCF3060FB5 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-13 08:34:43 61386FEAEFAD1AF971578602130A22B6 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-13 08:34:43 4F0C624E8E2BE4A8DB0820337B15395D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-13 08:34:42 990702DB35E3698AFB298D8743DACF53 2048 ----a-w- C:\Windows\SysWOW64\user.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-02-13 12:40:17 C126E94D887482CC3EB84180D4DFE84B 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-02-13 12:40:16 9907747D39B37958180B4BCD756D3C47 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-02-13 12:40:16 318551170D0A525969769B224FD07EA7 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-02-13 12:40:15 FC94371FCE85F391F976F2BB560367CF 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-02-13 12:40:15 D43FF47399D0972B3D514378EC914272 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-02-13 12:40:14 F3500B8809AC8642AF9C51B80B1C946C 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-02-13 12:40:14 91C25CA815433AA0672F7D722C3BF796 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-02-13 12:40:14 87BEA2616EFDEC6A1CB3BFCFB09D816A 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-02-13 12:40:14 5A4BC13F8C53017C9147B448870562CD 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-02-13 12:40:13 435E9C764E1EF70058580996452BE6A2 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-02-13 12:40:12 C2E1CA7848D834ADD708BB79FA05B6D2 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-02-13 12:40:12 BD69A0116B11A91761AB30A25DCB4C9D 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-02-13 12:40:12 47C1C7D580E39CB1401FD9209CD413BC 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-02-13 12:40:11 F431C3C86FCCC1C53814F043A6CAD825 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-02-13 12:40:07 14DEB733ACB08A71CC0783ED02FF1F8D 17812992 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-02-13 12:40:06 35126DDDE8241C4C4A5F15F6CDDF4434 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-02-13 08:34:52 6B0D9CF92C08D42533C12FC1A0B5403F 5553512 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-02-13 08:34:44 59E21156113E438D1D91AF4FC0C3B19F 3153408 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-02-13 08:34:43 0C27239FEA4DB8A2AAC9E502186B7264 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll ====== C:\Windows\Sysnative\drivers ===== 2013-02-16 15:32:55 14908F4F9005C29DE8F5587E271390EE 14456 ----a-w- C:\Windows\Sysnative\drivers\gfibto.sys 2013-02-15 17:56:22 F5D6D3B7468C46EA2DDC1D19D2A6DA0F 177312 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-02-15 17:56:22 88CC2755C8285E62CCA1185C3CA2D93F 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-02-15 17:56:22 1EC512AC4B6D0807878816697072112A 7466 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-02-13 08:34:41 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-02-13 08:34:41 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS ====== C:\Windows\Tasks ====== 2013-02-15 16:07:20 3720DB21E08F5A2D5EFD5F6901A3F08D 378 ----a-w- C:\Windows\Tasks\AddLyrics update.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-02-15 17:02:24 -------- d-----w- C:\Program Files\Enigma Software Group ======= C:\Program Files (x86) ===== 2013-02-15 16:45:09 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-01-26 11:56:52 -------- d-----w- C:\Program Files (x86)\Common Files\Skype 2013-01-20 12:37:00 -------- d-----w- C:\Program Files (x86)\Echoes of the Past - Het Kasteel der Schaduwen ======= C: ===== 2013-02-15 17:02:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\toshiba\AppData\Roaming ====== 2013-02-16 15:37:12 -------- d-----w- C:\users\toshiba\AppData\Roaming\LavasoftStatistics 2013-02-16 12:16:22 -------- d-----w- C:\users\toshiba\AppData\Local\Programs 2013-02-15 17:54:14 -------- d-----w- C:\users\toshiba\AppData\Local\Avg2013 2013-02-14 12:42:13 -------- d-----w- C:\users\toshiba\AppData\Roaming\Deep Shadows 2013-02-12 14:14:51 -------- d-----w- C:\users\toshiba\AppData\Roaming\ShaoLin 2013-02-12 13:40:54 -------- d-----w- C:\users\toshiba\AppData\Roaming\BigFishv1000 2013-02-10 12:07:46 -------- d-----w- C:\users\toshiba\AppData\Roaming\GrandMA Studios 2013-02-05 13:48:49 -------- d-----w- C:\users\toshiba\AppData\Roaming\2monkeys 2013-02-03 13:23:18 -------- d-----w- C:\users\toshiba\AppData\Roaming\Odian Games 2013-02-03 12:54:23 -------- d-----w- C:\users\toshiba\AppData\Roaming\Namco 2013-02-03 12:54:20 -------- d-----w- C:\users\toshiba\AppData\Local\Namco 2013-01-31 13:07:34 -------- d-----w- C:\users\toshiba\AppData\Roaming\Phantasmat_bf_se1 2013-01-30 11:06:11 -------- d-----w- C:\users\toshiba\AppData\Roaming\ERS G-Studio 2013-01-29 12:41:53 -------- d-----w- C:\users\toshiba\AppData\Roaming\Mystery of Mortlake Mansion 2013-01-28 13:40:56 -------- d-----w- C:\users\toshiba\AppData\Roaming\FOP 2013-01-28 13:24:09 -------- d-----w- C:\users\toshiba\AppData\Roaming\Alawar 2013-01-27 13:52:33 -------- d-----w- C:\users\toshiba\AppData\Roaming\My Games 2013-01-27 12:40:21 -------- d-----w- C:\users\toshiba\AppData\Roaming\Boolat Games 2013-01-20 14:03:26 -------- d-----w- C:\users\toshiba\AppData\Roaming\Natural Threat.Ominous Shores ====== C:\Users\toshiba ====== 2013-02-16 15:33:49 -------- d-----w- C:\ProgramData\Downloaded Installations 2013-02-06 12:43:35 -------- d-----w- C:\ProgramData\Fugazo 2013-02-03 13:23:18 -------- d-----w- C:\ProgramData\Odian Games 2013-01-23 12:57:43 -------- d-----w- C:\ProgramData\The Mirror Mysteries 2013-01-20 16:50:09 -------- d-----w- C:\ProgramData\AVG January 2013 Campaign ====== C: exe-files == 2013-02-16 18:55:30 E371C41F310393A186B3CA28AFEF652B 15941632 ----a-w- C:\Program Files (x86)\Secunia\PSI\SUA\0a2bb793b17eb17cb6f38b9316bb53504cb86de2\AdobeFlashPlayer_11.6.602.168_ActiveX_SPS.exe 2013-02-16 15:33:48 702BF5138F248D8529F5A6EFCE998AE3 3134432 ----a-w- C:\Users\toshiba\AppData\Local\Temp\aee321df-d57f-4851-b90e-e459b9b483f8.exe 2013-02-16 15:32:55 AD2961325270F3A34F36BB5622C62292 47496 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\amd64\sbbd.exe 2013-02-16 15:32:55 7D7A100919F0416FAC602F5345005058 44424 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\i386\sbbd.exe 2013-02-16 15:32:55 1A9D1452ABBC7C6DA6F6EC874669B7E9 200560 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\sbrc.exe 2013-02-16 15:32:55 18B82D26821485E3950F405F4B5D58A3 326024 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\CartSdk64.exe 2013-02-16 15:32:41 DA754808606AF94775DFD2573D39F85F 5554312 ----a-w- C:\Users\toshiba\Downloads\Adaware_Installer.exe 2013-02-15 19:08:04 17EFB4C5F996F783E90BE1EB0077BA40 477560 ----a-w- C:\Users\toshiba\AppData\Local\Temp\MSS\3.0.318.3\McUICnt.exe 2013-02-15 18:50:39 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla31.exe 2013-02-15 17:54:23 91E20D6034AE8A3C383F86CC0A3EB32A 916120 ----a-w- C:\Users\toshiba\Downloads\NISDownloader(1).exe 2013-02-15 17:50:18 88785251A6129CCF1AF3BC16348CE769 916120 ----a-w- C:\Users\toshiba\Downloads\NISDownloader.exe 2013-02-15 17:01:40 8BE4ED63F6E098F75F8996541791C231 190411 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla36.exe 2013-02-15 16:44:45 979E536F75C1512CA0A13E07835A40FD 2617648 ----a-w- C:\Users\toshiba\Downloads\revosetup.exe 2013-02-15 16:31:11 A9C19B2328712B232EA6E27B59D4838A 4444744 ----a-w- C:\Users\toshiba\Downloads\avg_free_stb_all_2013_2899_cnet.exe 2013-02-15 16:07:18 E4C379E3A56DE94888EEE3727314283E 15845744 ----a-w- C:\Users\toshiba\Downloads\install_flash_player_11_active_x.exe 2013-02-15 16:06:22 31A25B80390205E68C7B58EC9421EB72 1214648 ----a-w- C:\Users\toshiba\Downloads\installer.exe 2013-02-13 16:17:29 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe 2013-02-13 16:17:29 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe 2013-02-13 16:17:28 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe 2013-02-13 16:17:21 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe 2013-02-13 16:17:20 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe 2013-02-13 16:17:20 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe 2013-02-13 16:17:18 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe 2013-02-13 12:40:15 D43FF47399D0972B3D514378EC914272 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-13 12:40:15 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-02-13 12:40:15 698EB1E5F8C66344D97C00B5699E871D 757280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-02-13 12:40:14 0100BCF23941C83462E4A70F94C3392E 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-02-13 08:34:52 6B0D9CF92C08D42533C12FC1A0B5403F 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-02-13 08:34:51 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-02-13 08:34:50 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-02-13 08:34:43 E7A4DE9232E097829F62755BC0ABE0F2 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-13 08:34:43 4F0C624E8E2BE4A8DB0820337B15395D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-13 08:34:42 990702DB35E3698AFB298D8743DACF53 2048 ----a-w- C:\Windows\SysWOW64\user.exe === C: other files == 2013-02-16 15:33:03 99551A64340029A87C5306D6A6606B53 617984 ----a-w- C:\Users\toshiba\AppData\Local\Temp\4de9d799-178c-4b96-95bf-80f4fd54184c\Statistics.dll 2013-02-16 15:32:55 BACAFDC32EFFAB03A25CE4BCB60ECC22 464776 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\CartSdk.dll 2013-02-16 15:32:55 483924F92E55A5F9423201EC635E2CED 13560 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\i386\gfibto.sys 2013-02-16 15:32:55 14908F4F9005C29DE8F5587E271390EE 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys 2013-02-16 15:32:55 14908F4F9005C29DE8F5587E271390EE 14456 ----a-w- C:\Users\toshiba\AppData\Local\Temp\f3d5c89f-8f4b-4e71-987e-90d592d75626\amd64\gfibto.sys 2013-02-15 19:08:05 F2F524424952C06C8947248834FD5EEE 153280 ----a-w- C:\Users\toshiba\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes_LD.dll 2013-02-15 19:08:05 85AD707F3C3AF8079B2F22C1DC7238C0 412448 ----a-w- C:\Users\toshiba\AppData\Local\Temp\MSS\3.0.318.3\mcbrwsr2.dll 2013-02-15 19:08:05 4B3E08A63DAF5A66F634FDC41DC9E7E6 264008 ----a-w- C:\Users\toshiba\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes.dll 2013-02-15 19:08:05 2DA9F6A7A2858D9F9AFC433D18EEBE26 571472 ----a-w- C:\Users\toshiba\AppData\Local\Temp\MSS\3.0.318.3\McInstallerStartup.dll 2013-02-15 18:50:39 B02EEACA3A0950659793DD40E1CA44EC 66956 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCall.dll 2013-02-15 18:50:39 8BE4ED63F6E098F75F8996541791C231 190411 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla36.dll 2013-02-15 18:50:39 8761181CBB2E028D6CAD018011BAD55F 175992 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla34.dll 2013-02-15 18:50:39 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla.dll 2013-02-15 18:50:39 6256CD1A5ADE17263EB0AA0758E576A4 176545 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla32.dll 2013-02-15 18:50:39 1DC2021A8D1506391926C58D918DFF83 176035 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla33.dll 2013-02-15 18:50:39 1DC2021A8D1506391926C58D918DFF83 176035 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla2.dll 2013-02-15 18:50:39 0183A189CB159AD584E4F924A54C241A 190092 ----a-w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP\WiseCustomCalla21.dll 2013-02-15 17:56:22 F5D6D3B7468C46EA2DDC1D19D2A6DA0F 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-02-15 17:55:48 64D1AF3D04E70A681154FFF1893848F6 1133216 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\SymEFA64.sys 2013-02-15 17:55:48 42947647F71E9EF2167B42B372F1DDB7 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\SymELAM.sys 2013-02-15 17:55:48 1605EBD8CB86AFC4430116065995279A 432800 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\symnets.sys 2013-02-15 17:55:47 ADF37F1A715D6C56C8E065FD8569A9A4 224416 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\Ironx64.sys 2013-02-15 17:55:47 777217682DA76337E8E6EC8AC4412B9B 493216 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\SymDS64.sys 2013-02-15 17:55:47 3510E7021D2637A67FBCB5105EAE945D 776864 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\srtsp64.sys 2013-02-15 17:55:47 248C952C82DF1E23775432774CBB20F1 168096 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\ccSetx64.sys 2013-02-15 17:55:47 1B884D876E87EABF5A3356BBD7321412 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1402010.016\srtspx64.sys 2013-02-15 17:02:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat 2013-02-15 17:00:51 4023B7771DC2BE6A1C4559981153E061 726464 ----a-w- C:\Users\toshiba\Downloads\SpyHunter-Installer(1).com 2013-02-15 17:00:09 4023B7771DC2BE6A1C4559981153E061 726464 ----a-w- C:\Users\toshiba\Downloads\SpyHunter-Installer.com 2013-02-13 16:17:29 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll 2013-02-13 16:17:28 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll 2013-02-13 16:17:27 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll 2013-02-13 16:17:27 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll 2013-02-13 16:17:27 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll 2013-02-13 16:17:27 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll 2013-02-13 16:17:27 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll 2013-02-13 16:17:27 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psuser.dll 2013-02-13 16:17:27 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll 2013-02-13 16:17:27 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll 2013-02-13 16:17:26 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll 2013-02-13 16:17:26 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll 2013-02-13 16:17:26 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll 2013-02-13 16:17:26 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll 2013-02-13 16:17:26 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll 2013-02-13 16:17:26 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll 2013-02-13 16:17:26 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll 2013-02-13 16:17:26 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll 2013-02-13 16:17:25 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll 2013-02-13 16:17:25 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll 2013-02-13 16:17:25 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll 2013-02-13 16:17:25 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll 2013-02-13 16:17:25 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll 2013-02-13 16:17:25 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll 2013-02-13 16:17:25 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll 2013-02-13 16:17:25 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll 2013-02-13 16:17:24 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll 2013-02-13 16:17:24 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll 2013-02-13 16:17:24 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll 2013-02-13 16:17:24 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll 2013-02-13 16:17:24 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll 2013-02-13 16:17:24 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll 2013-02-13 16:17:24 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll 2013-02-13 16:17:24 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll 2013-02-13 16:17:23 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll 2013-02-13 16:17:23 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll 2013-02-13 16:17:23 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll 2013-02-13 16:17:23 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll 2013-02-13 16:17:23 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll 2013-02-13 16:17:23 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll 2013-02-13 16:17:23 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll 2013-02-13 16:17:23 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll 2013-02-13 16:17:23 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll 2013-02-13 16:17:22 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll 2013-02-13 16:17:22 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll 2013-02-13 16:17:22 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll 2013-02-13 16:17:22 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll 2013-02-13 16:17:22 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll 2013-02-13 16:17:22 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll 2013-02-13 16:17:22 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll 2013-02-13 16:17:22 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll 2013-02-13 16:17:21 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll 2013-02-13 16:17:21 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll 2013-02-13 16:17:21 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll 2013-02-13 16:17:21 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll 2013-02-13 16:17:21 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll 2013-02-13 16:17:21 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll 2013-02-13 16:17:21 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll 2013-02-13 16:17:20 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll 2013-02-13 12:41:56 E763D28DB5DC62EB38527B6F68926A68 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 12:41:56 E74C018279BB3FB2596AA4CEEA97EC0C 768000 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 2013-02-13 12:40:16 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-02-13 12:40:16 F7BC1D90C3A976A5259BD1A5D7D43038 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll 2013-02-13 12:40:16 ED17AE04E19B5C779703EA35B2F607C0 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2013-02-13 12:40:16 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-02-13 12:40:16 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-02-13 12:40:16 9907747D39B37958180B4BCD756D3C47 248320 ----a-w- C:\Windows\System32\ieui.dll 2013-02-13 12:40:16 76497D5AF6F682371DD1D5E18F37352F 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll 2013-02-13 12:40:16 318551170D0A525969769B224FD07EA7 96768 ----a-w- C:\Windows\System32\mshtmled.dll 2013-02-13 12:40:16 0F4871B3BF0E48664A24D2717F2117A0 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2013-02-13 12:40:15 FC94371FCE85F391F976F2BB560367CF 237056 ----a-w- C:\Windows\System32\url.dll 2013-02-13 12:40:15 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-02-13 12:40:14 F3500B8809AC8642AF9C51B80B1C946C 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-13 12:40:14 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-02-13 12:40:14 91C25CA815433AA0672F7D722C3BF796 729088 ----a-w- C:\Windows\System32\msfeeds.dll 2013-02-13 12:40:14 87BEA2616EFDEC6A1CB3BFCFB09D816A 1346048 ----a-w- C:\Windows\System32\urlmon.dll 2013-02-13 12:40:13 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-02-13 12:40:13 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-02-13 12:40:13 7F73235D527DCF16C38578CD1CD9F7A8 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2013-02-13 12:40:13 66E4246FEF8C364611F9782AA0809F42 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2013-02-13 12:40:13 435E9C764E1EF70058580996452BE6A2 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-13 12:40:12 C2E1CA7848D834ADD708BB79FA05B6D2 816640 ----a-w- C:\Windows\System32\jscript.dll 2013-02-13 12:40:12 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-02-13 12:40:12 BD69A0116B11A91761AB30A25DCB4C9D 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-13 12:40:12 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-02-13 12:40:12 47C1C7D580E39CB1401FD9209CD413BC 85504 ----a-w- C:\Windows\System32\jsproxy.dll 2013-02-13 12:40:11 F431C3C86FCCC1C53814F043A6CAD825 2147840 ----a-w- C:\Windows\System32\iertutil.dll 2013-02-13 12:40:11 D2C4AFF19FFF1E218DC8ACA177244449 86528 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll 2013-02-13 12:40:11 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-02-13 12:40:11 C2AD78FF88FEC9663B0227A72E65F0C3 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll 2013-02-13 12:40:11 9B70C6CF83DBF5C56E82B7C30F1E300F 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll 2013-02-13 12:40:11 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-02-13 12:40:11 2E22305A88AD0F37434C896F5A4746F8 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 2013-02-13 12:40:11 23AA73F4024DE78ED5A2F5F0BEB5388F 66048 ----a-w- C:\Windows\SysWOW64\migration\WininetPlugin.dll 2013-02-13 12:40:10 EE53ACBBE021BD598230E0FDA8313CB7 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll 2013-02-13 12:40:10 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-02-13 12:40:07 14DEB733ACB08A71CC0783ED02FF1F8D 17812992 ----a-w- C:\Windows\System32\mshtml.dll 2013-02-13 12:40:06 35126DDDE8241C4C4A5F15F6CDDF4434 10925568 ----a-w- C:\Windows\System32\ieframe.dll 2013-02-13 12:40:06 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-02-13 08:34:44 59E21156113E438D1D91AF4FC0C3B19F 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 08:34:43 BFC68382466436FAE8B7A27966FB98CB 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll 2013-02-13 08:34:43 79FCCC6662CA3DB6E6D2F1FCF3060FB5 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-13 08:34:43 61386FEAEFAD1AF971578602130A22B6 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-13 08:34:43 0C27239FEA4DB8A2AAC9E502186B7264 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-13 08:34:41 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-02-13 08:34:41 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-188962704-3410596730-1811170223-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP" "Gamesvooriedereen Nieuwsflits"="C:\Program Files (x86)\OXXOGames\NLGPlayer\GameCenterNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBAgent"="c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "TSleepSrv"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP" "Gamesvooriedereen Nieuwsflits"="C:\Program Files (x86)\OXXOGames\NLGPlayer\GameCenterNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaReminder.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t" "TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe " "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe " "TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Teco"=""%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r" "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe " "TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Folders ====================== 2011-10-25 13:00:19 1258 ----a-w- C:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-10-25 13:00:19 1258 ----a-w- C:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2012-09-29 09:25:01 1063 ----a-w- C:\users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-03-28 10:15:02 974 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Monitor.lnk 2012-04-01 13:28:32 1113 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk 2011-08-10 03:25:26 1006 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\AddLyrics update.job --a------ C:\Program Files (x86)\AddLyrics\alcsur.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/02/2013 17:00] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/10/2012 11:12] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/10/2012 11:12] ==== Firefox Extensions ====================== ProfilePath: C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - Undetermined - C:\Program Files (x86)\AddLyrics\FF - Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\IPSFFPlgn - Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\coFFPlgn - Lavasoft Search Plugin - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default 7D2C149C21BA955CFFE39C08466BA31B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll - Shockwave Flash DE8275CAB4D3F80E4E266E14955B16EC - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 6.0.390.4 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleting Files \ Folders ====================== "C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\1q7yiik6.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\toshiba\AppData\Roaming\Delta\delta.crx[] kdlfddggdloaadnphbhejknhaggjaeld - C:\Program Files (x86)\AddLyrics\Chrome.crx[] lfffjahnfbocnaooecgijfnbpcfekoik - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 12:14] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\Exts\Chrome.crx[09/01/2013 20:04] niapdbllcanepiiimjjndipklodoedlc - C:\Users\toshiba\AppData\Local\Temp\YontooLayers.crx[] YouTube - toshiba - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - toshiba - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - toshiba - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Skype Click to Call - toshiba - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Trackers on this page - toshiba - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Gmail - toshiba - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=EEDEEA2A966750888335E1511FA71747" "Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=EEDEEA2A966750888335E1511FA71747" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kdlfddggdloaadnphbhejknhaggjaeld deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\toshiba\AppData\Local\Mozilla\Firefox\Profiles\1q7yiik6.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\toshiba\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted Hoe kan ik nu Google terug als mijn zoekmachine instellen? - - - Updated - - - Het is gelukt ik heb terug Google als browser! Ik had ook nog gescand met Ad-aware en die vond nog Yontoo op mijn pc. Daarmee was die Delta Search Toolbar verwijderd maar nu zat ik met de Toolbar van Lavasoft zelf opgescheept. Dankzij Zoek.exe zijn alle toolbars weg en werkt mijn browser terug als vroeger. dank je Kape voor de snelle hulp!
  24. ameya
    Malwarebytes Anti-Malware 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.02.16.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 toshiba :: TOSHIBA-TOSH [administrator] 16/02/2013 13:21:38 mbam-log-2013-02-16 (13-21-38).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 217254 Verstreken tijd: 4 minuut/minuten, 18 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:30:17, on 16/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\OXXOGames\NLGplayer\GameCenterNotifier.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP O4 - HKCU\..\Run: [Gamesvooriedereen Nieuwsflits] C:\Program Files (x86)\OXXOGames\NLGPlayer\GameCenterNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Bluetooth Monitor.lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13118 bytes - - - Updated - - - Delta Search toolbar is nog steeds aanwezig. Bij het invoeren van de opdrachtprompten kreeg ik overal de melding: De opgegeven service is geen geïnstalleerde service. Bij de HJT scan vond ik de regel" 04-Global Startup: $McRebootA5E6DEAA56$.Ink = ?" niet, dus die is niet gefixt. Dat MBAM ook niks vindt, kan dit komen doordat ik eerder Revo Uninstaller heb geprobeerd en er vetgedrukte regels in heb verwijderd? Misschien verwijderde ik maar stukken. Stom van me.
  25. ameya
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:14:24, on 15/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Program Files (x86)\OXXOGames\NLGplayer\GameCenterNotifier.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe C:\Users\toshiba\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AddLyrics - {4145006D-47F8-42F2-8186-2225AAFECDD3} - C:\Program Files (x86)\AddLyrics\AddLyrics.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.EXE /STARTUP O4 - HKCU\..\Run: [Gamesvooriedereen Nieuwsflits] C:\Program Files (x86)\OXXOGames\NLGPlayer\GameCenterNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = ? O4 - Global Startup: Bluetooth Monitor.lnk = ? O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: McAfee Application Installer Cleanup (0164321360955335) (0164321360955335mcinstcleanup) - McAfee, Inc. - C:\Users\toshiba\AppData\Local\Temp\016432~1.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13205 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.