Ga naar inhoud

harekas

Lid
  • Items

    56
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door harekas

  1. klopt zag het later en de website is UP! lag idd aan de site!. Dank je wel voor de hulp
  2. DIT UITGEPROBEERD WELKE IK IN 1 FORUM TEGEN KWAM MAAR WERKT NIET Breng IE eens terug naar zijn standaardinstellingen: - Open Internet explorer. - Druk op de Alt toets op je toetsenbord. Er verschijnt een menu. - Ga naar het menu Extra en kies Internetopties. - Op de tab Geavanceerd klik je onderaan op de knop Opnieuw instellen... - Klik nogmaals op Opnieuw instellen. - Klik op Sluiten en herstart internet explorer. Opmerking: Bovenstaande procedure kan ook volautomatisch gebeuren, door dit programma te downloaden en uit te voeren: reset IE naar standaardinstellingen (klik erop). Meer info over het opnieuw instellen van IE, vindt u hier.
  3. Zag vorige toppics en heb deze nagestreven maar nog niet gelukt. Merkte op de iphone toen ik 3g gebruikte het wel lukte op de site te komen. Ik heb het hijack logbestandje toegevoegd Logfile of random's system information tool 1.10 (written by random/random) Run by Computer at 2014-07-08 20:01:29 Microsoft Windows 8.1 System drive C: has 1781 GB (93%) free of 1907 GB Total RAM: 8054 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:01:33, on 8-7-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe C:\Users\Computer\AppData\Local\CloudStation\bin\client-win.exe C:\MSI\MSI SUITE\MSI SUITE.exe C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe C:\Program Files\Intel\Intel® Small Business Advantage\ToastNotifications\ToastNotifications.exe C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE C:\Program Files (x86)\Davilex Business\Davilex Business\Business.exe C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\Program Files\WinZip\zipsendservice.exe C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\PROGRA~2\Nitro\PRO8~1\NitroPDF.exe C:\PROGRA~2\Nitro\PRO8~1\Nitro_PIPAssistant.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Computer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe O4 - HKLM\..\Run: [MSI Suite] C:\MSI\MSI SUITE\StartMSISuite.exe O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1 O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe O4 - Startup: CloudStation.lnk = Computer\AppData\Local\CloudStation\bin\cloud.exe O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: iMUIS Online inloggen O15 - Trusted Zone: MUIS Software: Verwijzing naar andere pagina O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe O23 - Service: MSIClock_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe O23 - Service: MSIFileSyncMonitor - Micro-Star Int'l Co., Ltd. - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe O23 - Service: MSI_SuiteCharger - MSI - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe O23 - Service: MSI_SuiteComCen - MSI - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe O23 - Service: MSI_SuiteFastBoot - MSI - C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SuperRAIDSvc - Unknown owner - C:\MSI\Super RAID\SuperRAIDSvc.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® Extreme Tuning Utility Service (XTU3SERVICE) - Intel® Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe -- End of file - 15276 bytes ======Listing Processes====== wininit.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files (x86)\PC Speed Up\PCSUService.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" dashost.exe {8c378f8e-b2e2-49dd-943f61dfbe8945d2} "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe" "C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe" "C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe" "C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe" "C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe" "C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe" "C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe" "C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe" "C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe" "c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER "C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe" "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\MSI\Super RAID\SuperRAIDSvc.exe" C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0a8e5a2a-3d5e-4204-9b72-4f169b69c0f3 -SystemEventPortName:HostProcess-96816ad4-e387-4dd3-94c1-23c7afd2389c -IoCancelEventPortName:HostProcess-54651b7a-b3da-4233-979b-00f47601f6d8 -NonStateChangingEventPortName:HostProcess-e9612d04-689f-4d5e-ade0-de33b028a4ef -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:dcf8d857-cccf-4566-b61e-35dcc38072e6 -DeviceGroupId:WpdFsGroup C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe" "C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service "C:\Program Files\Trend Micro SafeSync\hrfscore.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WinLogon.exe -SpecialSession -hiberboot taskeng.exe {7F79147D-3314-4F3E-A618-3575E2166940} taskhostex.exe "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2828 "C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw C:\Windows\Explorer.EXE ClassicStartMenu.exe -startup C:\Windows\System32\skydrive.exe -Embedding "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding "C:\Windows\System32\igfxtray.exe" "C:\Windows\system32\igfxsrvc.exe" -Embedding "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1 "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized "C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe" "C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe" "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe" "C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe" /Startup C:\Users\Computer\AppData\Local\CloudStation\bin\..\bin\client-win.exe C:/Users/Computer/AppData/Local/CloudStation/bin/../config/client.conf 1024 \??\C:\Windows\system32\conhost.exe 0x4 "C:\MSI\MSI SUITE\MSI SUITE.exe" "C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe" C:\Windows\splwow64.exe 8192 C:\Windows\system32\DllHost.exe /Processid:{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0} "C:\Program Files\Intel\Intel® Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe" -minimized "C:\Program Files\Intel\Intel® Small Business Advantage\ToastNotifications\ToastNotifications.exe" \??\C:\Windows\system32\conhost.exe 0x4 "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe" /notify C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding "C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE" /n "\\NAS\Shared\Connect Slim B.V\Personeel CS\sollicitanten CS\sollicitanten 2014\Amar Moella CV.docx" /o "" "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding "C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE" C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding "C:\Program Files (x86)\Davilex Business\Davilex Business\Business.exe" "C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE" "C:\Program Files\WinZip\zipsendservice.exe" -Embedding C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding "C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" "C:\PROGRA~2\Nitro\PRO8~1\NitroPDF.exe" "\\NAS\Shared\Connect Slim B.V\Facturen CS\OFFERTE OVERZICHT KLANTEN CS\2014\14-0097 GREENEM Kreeft Boomgaardpad 61 Ooltgensplaat 9 pvs\14-0097 Offerte C. Kreeft Boomgaardpad 61 12 plat.pdf" NP8DC14K0XS61BD5AF5 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="11324.0.1677582206\1698150082" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0412 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3316 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.1.1750059183\1871237179" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.7.1488110555\1200309216" /prefetch:673131151 "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.15.1923965756\609211412" /prefetch:673131151 taskeng.exe {1A551C04-1979-48DA-869F-048C4549C89A} "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8260 CREDAT:267521 /prefetch:2 "C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8260 CREDAT:1774853 /prefetch:2 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="11324.20.759973505\132407707" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe255_ Global\UsGthrCtrlFltPipeMssGthrPipe255 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584 "C:\Users\Computer\Documents\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle C:\Windows\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-07-05 218784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-05 2335960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20 460288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864] {553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536] {553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IntelSBA"=C:\Program Files\Intel\Intel® Small Business Advantage\Service\SBALaunchDelay.exe [2014-01-06 56000] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-04 391128] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-04 771032] "Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-04 769496] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 6500 E710n-z (NET)"=C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-06-27 24477056] "DymoQuickPrint"=C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2011-01-28 1825360] "VoipBuster"=C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [2014-01-16 19638080] "PCSpeedUp"=C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [2012-08-22 188680] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IMSS"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [2013-05-17 134616] "Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2012-09-19 764472] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-21 3764024] "Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-08-13 490480] "MSI Suite"=C:\MSI\MSI SUITE\StartMSISuite.exe [2012-07-05 576056] "CommandCenter"=C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [2013-11-13 809968] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] ""= [] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "Olympus ib"=C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [2011-11-29 96128] "MDS_Menu"=C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup iSCTsysTray.lnk - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup CloudStation.lnk - C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2013-10-04 623616] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=lvcod64.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-07-08 20:01:29 ----D---- C:\rsit 2014-07-08 20:01:29 ----D---- C:\Program Files\trend micro 2014-07-08 14:59:09 ----SHD---- C:\Config.Msi 2014-07-05 12:54:01 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp 2014-07-05 10:45:38 ----D---- C:\Program Files\Microsoft Office 15 2014-06-20 10:15:30 ----D---- C:\Users\Computer\AppData\Roaming\Nitro PDF 2014-06-18 14:22:04 ----D---- C:\Users\Computer\AppData\Roaming\Nitro 2014-06-18 14:21:47 ----A---- C:\Windows\system32\nitrolocalui2.dll 2014-06-18 14:21:47 ----A---- C:\Windows\system32\nitrolocalmon2.dll 2014-06-18 14:21:43 ----D---- C:\ProgramData\Nitro 2014-06-18 14:21:43 ----D---- C:\Program Files\Common Files\Nitro 2014-06-18 14:21:43 ----D---- C:\Program Files (x86)\Nitro 2014-06-18 14:21:28 ----D---- C:\Users\Computer\AppData\Roaming\Downloaded Installations 2014-06-18 14:10:19 ----D---- C:\Nitro PDF Professional Enterprise 8 (32-bit+64-bit) v8.1.1.3 + Key - {Cyclonoid} 2014-06-18 14:04:33 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe 2014-06-18 14:04:33 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll 2014-06-18 14:04:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2014-06-18 14:04:33 ----A---- C:\Windows\system32\SettingSyncHost.exe 2014-06-18 14:04:33 ----A---- C:\Windows\system32\SettingSyncCore.dll 2014-06-18 14:04:31 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll 2014-06-18 14:04:31 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll 2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll 2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\WSClient.dll 2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\twinui.dll 2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\OEMLicense.dll 2014-06-18 14:04:30 ----A---- C:\Windows\system32\WSClient.dll 2014-06-18 14:04:30 ----A---- C:\Windows\system32\twinui.dll 2014-06-18 14:04:30 ----A---- C:\Windows\system32\OEMLicense.dll 2014-06-18 14:04:29 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS 2014-06-18 14:04:29 ----AC---- C:\Windows\system32\drivers\USBAUDIO.sys 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\sti.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\ReAgent.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\MsSpellCheckingFacility.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll 2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\easwrt.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\sti.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\SearchFolder.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\schedsvc.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\reseteng.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\ReAgent.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\pnrpsvc.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\ntdll.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\mfsvr.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\MFMediaEngine.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\hal.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\easwrt.dll 2014-06-18 14:04:29 ----A---- C:\Windows\system32\easinvoker.exe 2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\rdbss.sys 2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys 2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-06-18 14:04:20 ----A---- C:\Windows\system32\mshtml.dll 2014-06-18 14:04:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-06-18 14:04:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-06-18 14:04:19 ----A---- C:\Windows\system32\mshtmled.dll 2014-06-18 14:04:16 ----A---- C:\Windows\system32\shell32.dll 2014-06-18 14:04:15 ----A---- C:\Windows\SYSWOW64\shell32.dll 2014-06-18 14:04:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-06-18 14:04:10 ----A---- C:\Windows\system32\ieframe.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\wininet.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\urlmon.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\msfeeds.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\jscript9.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\iertutil.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\ieapfltr.dll 2014-06-18 14:04:09 ----A---- C:\Windows\system32\ie4uinit.exe 2014-06-18 14:04:02 ----A---- C:\Windows\system32\sppsvc.exe 2014-06-18 14:04:02 ----A---- C:\Windows\system32\mstscax.dll 2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\mfcore.dll 2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\combase.dll 2014-06-18 14:04:01 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll 2014-06-18 14:04:01 ----A---- C:\Windows\system32\mfcore.dll 2014-06-18 14:04:01 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-18 14:04:01 ----A---- C:\Windows\system32\combase.dll 2014-06-18 14:04:00 ----AC---- C:\Windows\system32\drivers\volsnap.sys 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\WerFault.exe 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\rdpencom.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\Faultrep.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\dbghelp.dll 2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\dbgeng.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\WerFault.exe 2014-06-18 14:04:00 ----A---- C:\Windows\system32\tsgqec.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\swprv.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\sppcomapi.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\rdvidcrl.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\rdpencom.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\mfps.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\Faultrep.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\DWWIN.EXE 2014-06-18 14:04:00 ----A---- C:\Windows\system32\dbghelp.dll 2014-06-18 14:04:00 ----A---- C:\Windows\system32\dbgeng.dll 2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys 2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdFilter.sys 2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdBoot.sys 2014-06-18 14:03:58 ----A---- C:\Windows\system32\winload.exe 2014-06-18 14:03:58 ----A---- C:\Windows\system32\win32k.sys 2014-06-18 14:03:56 ----A---- C:\Windows\SYSWOW64\poqexec.exe 2014-06-18 14:03:56 ----A---- C:\Windows\system32\poqexec.exe 2014-06-18 14:03:56 ----A---- C:\Windows\system32\KernelBase.dll 2014-06-18 14:03:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll 2014-06-18 14:03:55 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2014-06-18 14:03:55 ----A---- C:\Windows\system32\kernel32.dll 2014-06-18 14:03:45 ----A---- C:\Windows\system32\drivers\ntfs.sys 2014-06-18 14:03:45 ----A---- C:\Windows\system32\drivers\clfs.sys 2014-06-18 14:03:40 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-06-18 14:03:40 ----A---- C:\Windows\system32\qedit.dll 2014-06-18 13:41:17 ----D---- C:\Program Files (x86)\Windows Vista - 7 - 8 - 8.1 KMS Activator Ultimate 2014 v1.7 2014-06-11 11:22:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird ======List of files/folders modified in the last 1 month====== 2014-07-08 20:01:30 ----D---- C:\Windows\Prefetch 2014-07-08 20:01:29 ----RD---- C:\Program Files 2014-07-08 20:00:00 ----D---- C:\Windows\system32\sru 2014-07-08 19:59:39 ----D---- C:\Users\Computer\AppData\Roaming\ClassicShell 2014-07-08 19:07:50 ----D---- C:\Windows\system32\NDF 2014-07-08 18:36:38 ----D---- C:\Windows\Temp 2014-07-08 18:14:32 ----D---- C:\Windows\Microsoft.NET 2014-07-08 14:59:15 ----SHD---- C:\Windows\Installer 2014-07-08 09:55:16 ----HD---- C:\Program Files\WindowsApps 2014-07-08 09:55:14 ----D---- C:\Windows\AppReadiness 2014-07-07 11:39:13 ----RD---- C:\Windows\System32 2014-07-07 11:39:13 ----D---- C:\Windows\Inf 2014-07-07 11:39:13 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-07 11:00:55 ----D---- C:\ProgramData\AVG 2014-07-07 10:05:03 ----D---- C:\Users\Computer\AppData\Roaming\HpUpdate 2014-07-06 16:18:22 ----D---- C:\Windows\system32\Tasks 2014-07-06 15:10:43 ----D---- C:\Windows\rescache 2014-07-06 15:06:43 ----RSD---- C:\Windows\assembly 2014-07-06 15:05:08 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2014-07-05 16:07:42 ----D---- C:\Windows\system32\config 2014-07-05 15:38:11 ----D---- C:\Windows\system32\DriverStore 2014-07-05 15:38:08 ----D---- C:\Windows\WinSxS 2014-07-05 14:48:33 ----D---- C:\Windows\SysWOW64 2014-07-05 14:44:33 ----D---- C:\Program Files\Common Files\microsoft shared 2014-07-05 14:40:28 ----D---- C:\ProgramData\Intel Application Pairing 2014-07-05 14:25:02 ----SHD---- C:\System Volume Information 2014-07-05 12:53:28 ----D---- C:\Program Files (x86)\PC Speed Up 2014-07-05 10:47:35 ----SD---- C:\ProgramData\Microsoft 2014-07-05 10:44:13 ----D---- C:\Program Files (x86)\Microsoft Office 2014-07-05 10:33:58 ----D---- C:\Windows\system32\drivers 2014-07-05 10:26:06 ----D---- C:\Windows\system32\Boot 2014-07-05 10:26:06 ----D---- C:\Program Files\Internet Explorer 2014-07-05 10:26:06 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-05 10:26:05 ----RD---- C:\Windows\ToastData 2014-07-05 10:26:05 ----D---- C:\Program Files\Windows Defender 2014-07-05 10:26:05 ----D---- C:\Program Files (x86)\Windows Defender 2014-07-05 10:26:04 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-07-05 10:26:04 ----D---- C:\Windows\system32\nl-NL 2014-07-05 10:26:03 ----D---- C:\Windows\system32\drivers\UMDF 2014-07-01 10:57:45 ----D---- C:\ProgramData\Davilex Business 2014-06-27 13:36:42 ----RD---- C:\Links 2014-06-18 14:21:43 ----RD---- C:\Program Files (x86) 2014-06-18 14:21:43 ----HD---- C:\ProgramData 2014-06-18 14:21:43 ----D---- C:\Program Files\Common Files 2014-06-18 14:21:43 ----D---- C:\Program Files (x86)\Common Files 2014-06-18 14:07:06 ----D---- C:\Windows\CbsTemp 2014-06-18 14:06:08 ----D---- C:\Windows\system32\SecureBootUpdates 2014-06-18 14:06:07 ----D---- C:\Windows\system32\MRT 2014-06-18 14:03:37 ----D---- C:\Windows\system32\catroot2 2014-06-18 14:02:45 ----D---- C:\Windows 2014-06-11 13:23:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-21 65776] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-21 207904] R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-21 92544] R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-21 1034464] R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-21 422216] R1 ndisrd;@oem11.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-09-14 32360] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-21 78648] R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2013-01-07 25448] R3 AcpiCtlDrv;AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880] R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-21 79672] R3 ICCWDT;@oem12.inf,%ICCWDT.SVCDESC%;Intel® Watchdog Timer Driver (Intel® WDT); C:\Windows\System32\drivers\ICCWDT.sys [2013-01-23 27608] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-04 4185600] R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-02-13 21048] R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-02-13 21048] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-03 3760344] R3 ISCT;@oem10.inf,%ISCT.DeviceDesc%;Intel® Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD64.sys [2013-02-13 46568] R3 iwdbus;@oem20.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-09-26 27032] R3 lvpopf64;@oem17.inf,%lvpopflt.SrvDesc%;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2007-05-11 1361952] R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-05-11 50208] R3 LVUVC64;@oem19.inf,%PID_08C2_DD%(UVC);QuickCam Orbit/Sphere MP(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2007-05-11 3612704] R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-05-17 64624] R3 NTIOLib_1_0_1;NTIOLib_1_0_1; \??\C:\MSI\Super RAID\NTIOLib_X64.sys [2012-06-11 14136] R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368] R3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368] R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2012-10-26 13368] R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [2012-11-20 13368] R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [2012-11-20 13368] R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [2012-11-19 13368] R3 NTIOLib_SuiteComCen;NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [2013-04-15 13808] R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [2012-10-26 13368] R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-12-27 760032] R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2013-08-22 11776] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-12-16 14112] R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088] R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544] S3 intaud_WaveExtensible;@oem18.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-09-26 39320] S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088] S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952] S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys [] S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136] S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [2012-03-30 11888] S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [2012-11-20 13368] S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [2012-11-19 13368] S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [2012-11-26 13368] S3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [2012-11-20 13368] S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [2012-11-19 13368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-21 50344] R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648] R2 ISCTAgent;Intel® Smart Connect Technology Agent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2013-02-13 180200] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-05-17 169432] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-05-17 366552] R2 MSI_FastBoot;MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2012-10-26 103992] R2 MSI_SuiteCharger;MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [2013-02-19 140272] R2 MSI_SuiteComCen;MSI_SuiteComCen; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [2013-05-03 333296] R2 MSI_SuiteFastBoot;MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [2012-10-26 105016] R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-08-19 161776] R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-05-28 29728] R2 MSICTL_CC;MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [2013-10-09 1985536] R2 MSIFileSyncMonitor;MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [2013-09-04 13824] R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2012-06-29 43129288] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192] R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408] R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [2012-08-22 289544] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272] R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [2013-09-23 16384] R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888] R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-12-18 2102072] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632] R3 intelsba;Intel® Small Business Advantage; C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2014-01-06 54976] R3 OnlineStorageService;OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [2012-07-12 7908664] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-09-20 38440] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21 136176] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-23 194032] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408] S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2013-09-11 2100736] S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [2013-11-04 309248] S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2013-09-12 2114560] S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [2013-11-28 4116992] S3 MSIDDR_CC;MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2013-09-11 2224640] S3 MSISaveLoad_CC;MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [2013-07-18 3957248] S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [2013-09-11 177152] S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [2013-09-12 503808] S3 MSIWMI_CC;MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [2013-11-26 182784] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-23 150600] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896] S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-06-29 277448] S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2012-06-29 379848] -----------------EOF----------------- - - - Updated - - - Nu als bijlage, ik weet niet of je dit makkelijker vindt? Het gekke is dat het op het 3G netwerk van de telefoonprovider wel werkt! log.txt
  4. Hi Heb elke keer dezelfde bijgevoegde foutmelding bij www.vousvintage.com. Ik heb het bij 2 computers/laptops en iphone's geprobeerd maar het zelfde liedje. De meiden van de webshop melden me dat ze geen problemen ondervinden en de bestellingen gewoon binnen krijgen. Weet iemand mij te vertellen waar het hem in zit? Het lijkt me sterk dat ik met alle geprobeerde hardware de enige ben? Ik ben heel benieuwd naar je antwoord. 403 Forbidden.pdf
  5. Hi Clarkie, Ik ben even bezig geweest met jouw advies en heb alles uitgevoerd echter bleef het zelfde probleem houden met outlook. Ik ben er achter dat door IMAP ik het niet kan archiveren met een mailviewer later nog kan inkijken. Dat opslaan doe ik ook al met de outlookberichtenindeling maar het werkt makkelijker vanuit je outlook op de mail te zoeken en dan dit door te sturen, vandaar. Het virusprogramma is niet het probleem maar waarschijnlijk mijn internetverbinding. Ik heb tussen de 2 en 8 mb en ik mag al blij zijn met 3 mb. De kast staat 2,3 km van ons huis en iedereen hier op het industrieterreintje gebruikt hoofdzakelijk isdn op een paar uitzonderingen na die met glasvezel werken. Ik ben nu bezig of ik hier kabel kan krijgen en hoop dat het dit het oplost, Dank je wel voor de goede adviezen, mooie avond, Groetjes Shirley
  6. Hi, het is vaak tussen de 1 en 5 mb. Ik verstuur via outlook. Als ik via internet inlog in mijn gmailaccount dan doet het probleem zich nimmer voor. Ik werk alleen heel graag met een outlook of soortgelijks omdat dit prettig werkt. Ja daar zitten veel mail bij maar omdat het zakelijke mails zijn vindt ik het belangrijk deze te bewaren en wilde om die reden over gaan met achiveren en dan mailviewer te gebruiken als ik mail weer wil inlezen. Ik verwijder altijd alle mail die er niet toe doet. Alleen op dit moment werkt de synchronisatie van het verwijderen ook niet. De mail die ik verwijder staat er daarna nog steeds in.
  7. Hi, Ik heb idd Windows 8.1 als besturingsysteem/Ik heb office voor thuisgebruik en zelfstandige 269 euro eind december gekocht. Door uiteindelijk de ellende dat outlook elke keer vast loopt outlook 2007 er op gezet en thunderbird maar het loopt nog steeds vast. Ik heb outlook 2013 gedeinstalleerd en hoopte dat 2007 het wel zou doen. Ik vermoed dat het door de hoeveelheid mail komt en hoorde iets ovre mailviewer en archiveren maar ik weet niet hoe dit werkt. Ik krijg btw geen foutmelding maar het loopt vast en beindig het dan met taakbeheer en start het dan weer op. De mail is al verzonden maar blijft hem toch versturen door dat hij bij de postvak uit blijft. met ongelimiteerd bedoelde ik dat als ik de mailbox niet even offline zet en in postvak uit de desbetreffende mail niet verwijdermaar blijft sturen naar de ontvanger.... Daar kreeg ik weer een telefoontje van of ik het ajb wilde stopzetten. Ik hoop dat ik wat beter heb verwoord. Dank je wel alvast en mooie dag, Shirley
  8. ik heb windows 8.1/windows 2007 Ik heb 2 mailprogramma s er op gezet -outlook -thunderbird Allebei lopen ze vast en outlook blijft de mail hangen en verstuurd het dan ongelimiteerd tot dat ik door de ontvanger er op wordt geattendeerd. Niet zo leuk en heb een tip gekregen om de mail te archiveren en met mailviewer dan te openen als ik het nodig heb. Welke mailviewer kan ik t beste downloaden zonder nare virussen er ook bij te krijgen? En hoe archiveer ik dit? Dank je wel alvast voor de genomen moeite, Mooi dag, Shirley
  9. hi , zie hier het rapport alleen ik ben bang dat je nu niks ziet door dat ik daar voor recent malware er over had laten gaan? Emsisoft Emergency Kit - Versie 4.0 Laatste Update: 25-9-2013 22:03:08 Gebruikersaccount: EIGENAAR-8B348D\Shirley Scaninstellingen: Scanmodus: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\ Detecteer PUPs: Aan Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 6-10-2013 20:17:24 Gescand: 485460 Gevonden: 0 Scan geëindigd: 6-10-2013 22:15:27 Scantijd: 1:58:03
  10. Goede morgen, Ik heb malware er weer over heen laten gaan. Sinds de laatste truk is het wel een stuk rustiger op de pc maar ik heb het gevoel er nog niet van af te zijn... De pc gaf ook nog 1x de eerder gemelde fout melding bij het opslaan van mail? Wat denk jij er van? Mooie zondag. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.10.05.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Shirley :: EIGENAAR-8B348D [administrator] 5-10-2013 21:06:28 mbam-log-2013-10-05 (21-06-28).txt Scan type: Volledige scan (C:\|D:\|I:\|Z:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 533201 Verstreken tijd: 5 uur/uren, 56 minuut/minuten, 18 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 4 HKCU\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKCU\SOFTWARE\WNLT|URL (PUP.Optional.InstallBrain.A) -> Data: MYSTART -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: Zoeken -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 2 C:\Documents and Settings\All Users\Application Data\Conduit\IE (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 8 C:\Documents and Settings\Shirley\Local Settings\Temp\nsl4F.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Local Settings\Temp\nsl54.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Local Settings\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\ARFC\wrtc.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\jmdp\stij.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\WNLT\Installation\SKSetup.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\WNLT\Installation\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  11. Ik kreeg deze er ook nog over heen! Update uitgevoerd en Elvira vond ook weer wat (zie report). Het blijft maar aan de gang... Weeet jij waar ik wijs aan doe? Avira Free Antivirus Report file date: maandag 30 september 2013 12:33 The program is running as an unrestricted full version. Online services are available. Licensee : Avira Free Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Microsoft Windows XP Windows version : (Service Pack 3) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : EIGENAAR-8B348D Version information: BUILD.DAT : 13.0.0.4052 55009 Bytes 29-8-2013 18:03:00 AVSCAN.EXE : 13.6.20.2100 639032 Bytes 2-9-2013 12:30:13 AVSCANRC.DLL : 13.6.20.2174 52280 Bytes 2-9-2013 12:30:13 LUKE.DLL : 13.6.20.2174 65080 Bytes 2-9-2013 12:30:35 AVSCPLR.DLL : 13.6.20.2174 92216 Bytes 2-9-2013 12:30:14 AVREG.DLL : 13.6.20.2174 250424 Bytes 2-9-2013 12:30:12 avlode.dll : 13.6.20.2174 497720 Bytes 2-9-2013 12:30:11 avlode.rdf : 13.0.1.42 26846 Bytes 28-8-2013 11:23:36 VBASE000.VDF : 7.11.70.0 66736640 Bytes 4-4-2013 13:28:18 VBASE001.VDF : 7.11.74.226 2201600 Bytes 30-4-2013 07:23:01 VBASE002.VDF : 7.11.80.60 2751488 Bytes 28-5-2013 12:45:06 VBASE003.VDF : 7.11.85.214 2162688 Bytes 21-6-2013 11:39:56 VBASE004.VDF : 7.11.91.176 3903488 Bytes 23-7-2013 10:01:21 VBASE005.VDF : 7.11.98.186 6822912 Bytes 29-8-2013 11:35:26 VBASE006.VDF : 7.11.103.230 2293248 Bytes 24-9-2013 11:24:39 VBASE007.VDF : 7.11.103.231 2048 Bytes 24-9-2013 11:24:39 VBASE008.VDF : 7.11.103.232 2048 Bytes 24-9-2013 11:24:39 VBASE009.VDF : 7.11.103.233 2048 Bytes 24-9-2013 11:24:39 VBASE010.VDF : 7.11.103.234 2048 Bytes 24-9-2013 11:24:40 VBASE011.VDF : 7.11.103.235 2048 Bytes 24-9-2013 11:24:40 VBASE012.VDF : 7.11.103.236 2048 Bytes 24-9-2013 11:24:40 VBASE013.VDF : 7.11.103.237 2048 Bytes 24-9-2013 11:24:40 VBASE014.VDF : 7.11.104.123 282112 Bytes 26-9-2013 11:24:49 VBASE015.VDF : 7.11.104.237 359424 Bytes 28-9-2013 04:11:02 VBASE016.VDF : 7.11.104.238 2048 Bytes 28-9-2013 04:11:02 VBASE017.VDF : 7.11.104.239 2048 Bytes 28-9-2013 04:11:02 VBASE018.VDF : 7.11.104.240 2048 Bytes 28-9-2013 04:11:02 VBASE019.VDF : 7.11.104.241 2048 Bytes 28-9-2013 04:11:02 VBASE020.VDF : 7.11.104.242 2048 Bytes 28-9-2013 04:11:02 VBASE021.VDF : 7.11.104.243 2048 Bytes 28-9-2013 04:11:02 VBASE022.VDF : 7.11.104.244 2048 Bytes 28-9-2013 04:11:03 VBASE023.VDF : 7.11.104.245 2048 Bytes 28-9-2013 04:11:03 VBASE024.VDF : 7.11.104.246 2048 Bytes 28-9-2013 04:11:03 VBASE025.VDF : 7.11.104.247 2048 Bytes 28-9-2013 04:11:03 VBASE026.VDF : 7.11.104.248 2048 Bytes 28-9-2013 04:11:03 VBASE027.VDF : 7.11.104.249 2048 Bytes 28-9-2013 04:11:03 VBASE028.VDF : 7.11.104.250 2048 Bytes 28-9-2013 04:11:03 VBASE029.VDF : 7.11.104.251 2048 Bytes 28-9-2013 04:11:03 VBASE030.VDF : 7.11.104.252 2048 Bytes 28-9-2013 04:11:03 VBASE031.VDF : 7.11.105.54 114176 Bytes 30-9-2013 10:10:39 Engine version : 8.2.12.124 AEVDF.DLL : 8.1.3.4 102774 Bytes 13-6-2013 18:37:45 AESCRIPT.DLL : 8.1.4.152 516478 Bytes 26-9-2013 17:24:53 AESCN.DLL : 8.1.10.4 131446 Bytes 26-3-2013 13:53:41 AESBX.DLL : 8.2.16.26 1245560 Bytes 23-8-2013 12:28:20 AERDL.DLL : 8.2.0.128 688504 Bytes 13-6-2013 18:37:44 AEPACK.DLL : 8.3.2.28 749945 Bytes 13-9-2013 10:53:23 AEOFFICE.DLL : 8.1.2.76 205181 Bytes 8-8-2013 14:57:37 AEHEUR.DLL : 8.1.4.664 6156666 Bytes 26-9-2013 17:24:52 AEHELP.DLL : 8.1.27.6 266617 Bytes 27-8-2013 16:14:24 AEGEN.DLL : 8.1.7.14 446839 Bytes 6-9-2013 11:44:12 AEEXP.DLL : 8.4.1.62 328055 Bytes 13-9-2013 10:53:23 AEEMU.DLL : 8.1.3.2 393587 Bytes 19-9-2012 13:42:55 AECORE.DLL : 8.1.32.0 201081 Bytes 23-8-2013 12:28:15 AEBB.DLL : 8.1.1.4 53619 Bytes 6-11-2012 07:20:34 AVWINLL.DLL : 13.6.20.2174 23608 Bytes 2-9-2013 12:30:06 AVPREF.DLL : 13.6.20.2174 48184 Bytes 2-9-2013 12:30:11 AVREP.DLL : 13.6.20.2174 175672 Bytes 2-9-2013 12:30:12 AVARKT.DLL : 13.6.20.2174 258104 Bytes 2-9-2013 12:30:07 AVEVTLOG.DLL : 13.6.20.2174 165432 Bytes 2-9-2013 12:30:09 SQLITE3.DLL : 3.7.0.1 397088 Bytes 19-9-2012 17:17:40 AVSMTP.DLL : 13.6.20.2174 60472 Bytes 2-9-2013 12:30:14 NETNT.DLL : 13.6.20.2174 13368 Bytes 2-9-2013 12:30:36 RCIMAGE.DLL : 13.6.20.2174 4788792 Bytes 2-9-2013 12:30:06 RCTEXT.DLL : 13.6.20.2175 66616 Bytes 2-9-2013 12:30:06 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Reporting...........................: default Primary action......................: Interactive Secondary action....................: Ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Limit recursion depth...............: 20 Smart extensions....................: on Macrovirus heuristic................: on File heuristic......................: extended Start of the scan: maandag 30 september 2013 12:33 Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting search for hidden objects. The scan of running processes will be started: Scan process 'PresentationFontCache.exe' - '29' Module(s) have been scanned Scan process 'DLS.exe' - '106' Module(s) have been scanned Scan process 'OSPPSVC.EXE' - '26' Module(s) have been scanned Scan process 'vssvc.exe' - '36' Module(s) have been scanned Scan process 'OUTLOOK.EXE' - '196' Module(s) have been scanned Scan process 'avscan.exe' - '92' Module(s) have been scanned Scan process 'avcenter.exe' - '72' Module(s) have been scanned Scan process 'HPNetworkCommunicatorCom.exe' - '68' Module(s) have been scanned Scan process 'RunDll32.exe' - '55' Module(s) have been scanned Scan process 'WindowsSearch.exe' - '66' Module(s) have been scanned Scan process 'Rundll32.exe' - '49' Module(s) have been scanned Scan process 'Skype.exe' - '97' Module(s) have been scanned Scan process 'WISPTIS.EXE' - '32' Module(s) have been scanned Scan process 'msmsgs.exe' - '43' Module(s) have been scanned Scan process 'MPAPI3s.exe' - '24' Module(s) have been scanned Scan process 'DymoQuickPrint.exe' - '61' Module(s) have been scanned Scan process 'ScanToPCActivationApp.exe' - '51' Module(s) have been scanned Scan process 'PcSync2.exe' - '51' Module(s) have been scanned Scan process 'KPNBackupOnline.exe' - '67' Module(s) have been scanned Scan process 'iPodService.exe' - '29' Module(s) have been scanned Scan process 'SERVIC~1.EXE' - '48' Module(s) have been scanned Scan process 'ctfmon.exe' - '25' Module(s) have been scanned Scan process 'jusched.exe' - '21' Module(s) have been scanned Scan process 'olycamdetect.exe' - '26' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '64' Module(s) have been scanned Scan process 'HPWuSchd2.exe' - '19' Module(s) have been scanned Scan process 'LAUNCH~1.EXE' - '60' Module(s) have been scanned Scan process 'lwbwheel.exe' - '21' Module(s) have been scanned Scan process 'avgnt.exe' - '68' Module(s) have been scanned Scan process 'MobileBroadband.exe' - '225' Module(s) have been scanned Scan process 'RunDLL32.exe' - '52' Module(s) have been scanned Scan process 'SOUNDMAN.EXE' - '25' Module(s) have been scanned Scan process 'RTHDCPL.EXE' - '37' Module(s) have been scanned Scan process 'tv_w32.exe' - '40' Module(s) have been scanned Scan process 'alg.exe' - '33' Module(s) have been scanned Scan process 'AVWEBGRD.EXE' - '47' Module(s) have been scanned Scan process 'TeamViewer.exe' - '108' Module(s) have been scanned Scan process 'Explorer.EXE' - '103' Module(s) have been scanned Scan process 'wmiprvse.exe' - '48' Module(s) have been scanned Scan process 'mbamgui.exe' - '29' Module(s) have been scanned Scan process 'avshadow.exe' - '26' Module(s) have been scanned Scan process 'VmbService.exe' - '81' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '56' Module(s) have been scanned Scan process 'UsbClientService.exe' - '25' Module(s) have been scanned Scan process 'BackupFP.exe' - '37' Module(s) have been scanned Scan process 'TeamViewer_Service.exe' - '78' Module(s) have been scanned Scan process 'svchost.exe' - '55' Module(s) have been scanned Scan process 'sqlwriter.exe' - '28' Module(s) have been scanned Scan process 'sqlbrowser.exe' - '17' Module(s) have been scanned Scan process 'ReiGuard.exe' - '36' Module(s) have been scanned Scan process 'daemonu.exe' - '31' Module(s) have been scanned Scan process 'nvsvc32.exe' - '37' Module(s) have been scanned Scan process 'NitroPDFDriverService8.exe' - '19' Module(s) have been scanned Scan process 'sqlservr.exe' - '46' Module(s) have been scanned Scan process 'GoogleCrashHandler.exe' - '21' Module(s) have been scanned Scan process 'sqlservr.exe' - '57' Module(s) have been scanned Scan process 'mbamservice.exe' - '38' Module(s) have been scanned Scan process 'mbamscheduler.exe' - '27' Module(s) have been scanned Scan process 'BackupSC.exe' - '23' Module(s) have been scanned Scan process 'jqs.exe' - '32' Module(s) have been scanned Scan process 'DymoPnpService.exe' - '43' Module(s) have been scanned Scan process 'LoggerServer.exe' - '23' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '28' Module(s) have been scanned Scan process 'BecHelperService.exe' - '52' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '65' Module(s) have been scanned Scan process 'avguard.exe' - '80' Module(s) have been scanned Scan process 'sched.exe' - '39' Module(s) have been scanned Scan process 'spoolsv.exe' - '67' Module(s) have been scanned Scan process 'svchost.exe' - '37' Module(s) have been scanned Scan process 'svchost.exe' - '32' Module(s) have been scanned Scan process 'svchost.exe' - '159' Module(s) have been scanned Scan process 'svchost.exe' - '40' Module(s) have been scanned Scan process 'svchost.exe' - '54' Module(s) have been scanned Scan process 'lsass.exe' - '59' Module(s) have been scanned Scan process 'services.exe' - '27' Module(s) have been scanned Scan process 'winlogon.exe' - '80' Module(s) have been scanned Scan process 'csrss.exe' - '14' Module(s) have been scanned Scan process 'smss.exe' - '2' Module(s) have been scanned Starting to scan executable files (registry): The registry was scanned ( '2313' files ). Starting the file scan: Begin scan in 'C:\' <WINDOWS> C:\Avenger\msvcp100.dll-ren-966 [DETECTION] Is the TR/Trash.Gen Trojan C:\Avenger\msvcr100.dll-ren-986 [DETECTION] Is the TR/Drop.Softomat.AN Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll [DETECTION] Is the TR/Trash.Gen Trojan C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll [DETECTION] Is the TR/Drop.Softomat.AN Trojan Begin scan in 'D:\' <NIET GEBRUIKEN!!> Beginning disinfection: C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll [DETECTION] Is the TR/Drop.Softomat.AN Trojan [NOTE] The file was moved to the quarantine directory under the name '5612d006.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '4e85ffa1.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '1cdaa549.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '7aedea8b.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '3f69c7b5.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '4072f5d4.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '0ccad99e.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '70d299ce.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '5d88b683.qua'! C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '44e08d1a.qua'! C:\Avenger\msvcr100.dll-ren-986 [DETECTION] Is the TR/Drop.Softomat.AN Trojan [NOTE] The file was moved to the quarantine directory under the name '287aa1ed.qua'! C:\Avenger\msvcp100.dll-ren-966 [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '59c39878.qua'! End of the scan: maandag 30 september 2013 14:53 Used time: 2:19:23 Hour(s) The scan has been done completely. 14552 Scanned directories 1163966 Files were scanned 12 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 Files were deleted 0 Viruses and unwanted programs were repaired 12 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 1163954 Files not concerned 16098 Archives were scanned 0 Warnings 12 Notes 552050 Objects were scanned with rootkit scan 0 Hidden objects were found
  12. Hi, mmm we zijn er denk ik nog niet (zie report). Het blijft rommelen op de PC? Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.09.27.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Shirley :: EIGENAAR-8B348D [administrator] 29-9-2013 20:43:21 mbam-log-2013-09-29 (20-43-21).txt Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 548863 Verstreken tijd: 7 uur/uren, 24 minuut/minuten, 16 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 2 C:\Documents and Settings\Shirley\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 31 C:\Program Files\SweetPacks\SweetPacksToolbarHelper.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2229.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2258.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  13. Goede morgen, ik heb gedaan wat je zei! en nu maar hopen dat het nu een keer afgelopen is:adore: Starting Repairs... Start (27-9-2013 6:42:44) 04 - Repair WMI Start (27-9-2013 6:42:44) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:47:50) 05 - Repair Windows Firewall Start (27-9-2013 6:47:50) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:48:03) 12 - Repair Winsock & DNS Cache Start (27-9-2013 6:48:03) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:48:16) 14 - Repair Proxy Settings Start (27-9-2013 6:48:16) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:48:20) 16 - Repair Windows Updates Start (27-9-2013 6:48:20) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:49:41) 20 - Repair MSI (Windows Installer) Start (27-9-2013 6:49:41) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:49:54) 25 - Restore Important Windows Services Start (27-9-2013 6:49:54) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:49:58) 26 - Set Windows Services To Default Startup Start (27-9-2013 6:49:58) Running Repair Under Current User Account Running Repair Under System Account Done (27-9-2013 6:50:15) Cleaning up empty logs... All Selected Repairs Done. Done (27-9-2013 6:50:15) Total Repair Time: 00:07:31 ...YOU MUST RESTART YOUR SYSTEM... Running Repair Under Current User Account
  14. Hi, De link werkte niet en dacht via google een werkende link te vinden maar vond daarbij de volgende waarschuwing:argh: Ik heb malware report van gisteravond ook nog toegevoegd. [TABLE] [TR] [TD]Dial-a-fix does not work with any Windows OS higher than Windows XP. This includes Windows Vista, Windows 7. Dial-a-fix also has a critical unpatched bug that will delete your C:\Documents folder. It is highly recommended to read the Warnings page before downloading and using this software. [/TD] [/TR] [/TABLE] Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.09.24.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Shirley :: EIGENAAR-8B348D [administrator] 24-9-2013 19:15:26 mbam-log-2013-09-24 (19-15-26).txt Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 545821 Verstreken tijd: 6 uur/uren, 52 minuut/minuten, 36 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Program Files\rcpsetup_onlyad3.exe (PUP.Optional.RegCleanerPro) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  15. Goede morgen, Het lukt me met geen mogelijkheid dit te downloaden. Ook al actief gezocht met google maar geen van de links wil werkn:hmmmm:
  16. mmm oke! Helaas ben ik nog niet van de rottigheid af. Als ik mail wil opslaan blijft dit gebeuren. Soms als ik de outlook afsluit en weer opstart lukt het even weer wel maar na een korte tijd gebeurd het weer. Ik hoop dat je het kan oplossen voor me. Dank je wel, Shirley Ik krijg nog steeds bij het opslaan van mijn mail de volgende foutmeldingen
  17. Hi, Er zat heel veel in de box van Avira. Dat wist ik niet dat deze bij tijd en wijle moest geleegd worden en ik dacht als het in quarantaine zit niets meer kon aanrichten? Ik ga de pc testen en hope for the best.... Ik laat het morgen weten of het opgelost is. Dank je wel en Mooi weekend, Shirley
  18. Hi, Ik heb het report, nu wel gelukt:top:. Ik heb ipv in quarantaine voor verwijderd gekozen. Ik hoop dat dit geen consequenties heeft! Het was nog vroeg..... Tks want denk dat we er zijn... Er zat een Trojan horse te etteren... Emsisoft Emergency Kit - Versie 4.0 Laatste Update: 20-9-2013 5:32:59 Gebruikersaccount: EIGENAAR-8B348D\Shirley Scaninstellingen: Scanmodus: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\ Detecteer PUPs: Aan Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 20-9-2013 5:35:25 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1a870e.qua -> (Quarantine-8) -> (IFRAME 2) Ontdekt: Trojan.Iframe.CEG ( C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\558dae39.qua -> (Quarantine-8) -> (IFRAME 2) Ontdekt: Trojan.Iframe.CEG ( Gescand: 496223 Gevonden: 2 Scan geëindigd: 20-9-2013 7:34:40 Scantijd: 1:59:15 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1a870e.qua Verwijderd Trojan.Iframe.CEG ( C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\558dae39.qua Verwijderd Trojan.Iframe.CEG ( Verwijderd 2
  19. Hi, Ik heb gisteravond en vandaag alles afgezocht. Ik heb combofix al meerdere keren verwijderd en geinstalleerd. Ook dat mag niet helpen. Ik heb met de optie zoeken (Search companion) ook nog gezocht. Ik heb echt geen report van combofix. Het gekke is als ik bij configuratiescherm in de software kijk staat deze combofix ook niet tussen? Wat nu?
  20. Goede morgen, Mooie dag! Ik heb combofix geïnstalleerd maar ik krijg geen report? Wat to do? Tks, Shirley
  21. sorry voor zo vaak dezelfde reports...Ik kreeg elke keer als ik op snel reageren drukte bij het verzenden deze foutmelding en dan werd deze website afgesloten en heb ik het talloze keren zoals je boven kan zien geprobeerd:rofl: en nu zie worden ze pas getoond... Ik hoop dat het niet al te ernstig is wat er op de PC huist... Dank je wel voor alle moeite alvast Groetjes, Shirley
  22. Hi, hierbij het logreport! Ik hoop dat je het weet op te lossen. Ik kan heel de tijd me mail niet opslaan dan krijg ik een melding "de bewerking is mislukt". Dank je wel alvast, Logfile of random's system information tool 1.09 (written by random/random) Run by Shirley at 2013-09-17 16:41:55 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 694 GB (87%) free of 800 GB Total RAM: 3326 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:42:06, on 17-9-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\KPN\Mobiel Internet Software\LoggerServer.exe C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files\KPN Back-up Online\BackupSC.exe C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\KPN Back-up Online\BackupFP.exe C:\Program Files\Synology\Assistant\UsbClientService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\TeamViewer\Version8\TeamViewer.exe C:\Program Files\TeamViewer\Version8\tv_w32.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Trust\250S Series\lwbwheel.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Olympus\ib\olycamdetect.exe C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\File Type Assistant\tsassist.exe C:\WINDOWS\explorer.exe C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office14\EXCEL.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\RSIT.exe C:\Program Files\trend micro\Shirley.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1 O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578 O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- End of file - 15773 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\ProgramUpdateCheck.job C:\WINDOWS\tasks\SDMsgUpdate (TE).job C:\WINDOWS\tasks\User_Feed_Synchronization-{DEC59399-4375-4259-88F2-4A61A75B72EF}.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default prefs.js - "browser.startup.homepage" - "MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" prefs.js - "keyword.URL" - "Bing=" "{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@dymo.com/DymoLabelFramework] "Description"=DYMO Label Framework Plugin "Path"=C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2] "Description"=Java™ Deployment Toolkit "Path"=C:\WINDOWS\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1] "Description"=Microsoft Download Manager "Path"=C:\WINDOWS\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF] "Description"=NitroPDF Web Browser Plugin "Path"=C:\Program Files\Nitro\Pro 8\npnitromozilla.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default\searchplugins\ bingp.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-12 462248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-18 1000984] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-12 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6C6509-FE36-44B0-A917-6C2A0DDBDF88}] HP Smart Print Helper - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll [2012-12-14 2491856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824] "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192] "NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login [] "nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112] "MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-06-14 279552] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720] "Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-09-02 347192] "LWBMOUSE"=C:\Program Files\Trust\250S Series\lwbwheel.exe [2001-04-20 429568] "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] ""= [] "DLSService"=C:\Program Files\DYMO\DYMO Label Software\DLSService.exe [] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392] "Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-11-29 96128] "MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-09-06 39408] "VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe [2013-06-24 19378496] "KPNBackupOnline"=C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe [2012-06-27 9451384] "UninstallHelper"=C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe [2012-10-12 898200] "PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624] "HP Officejet 6500 E710n-z (NET)"=C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672] "DymoQuickPrint"=C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe [2011-01-28 1825360] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20681584] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Shirley\Menu Start\Programma's\Opstarten Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk - C:\WINDOWS\system32\RunDll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-15 239616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe" "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote" "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service" "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster" "C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant" "C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater" "C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP" "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager" "C:\Program Files\File Type Assistant\tsassist.exe"="C:\Program Files\File Type Assistant\tsassist.exe:*:Enabled:ProgramUpdateCheck" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z FaxApplications" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z DigitalWizards" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z SendFaxAppExe" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP apparaatinstellingen (HP Officejet 6500 E710n-z)" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerkcommunicator (HP Officejet 6500 E710n-z)" "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Netwerkcommunicator-COM (HP Officejet 6500 E710n-z)" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe"="C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe:*:Enabled:sqlservr.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"="C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:*:Enabled:sqlbrowser.exe" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater" "C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP" "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "VIDC.I420"=lvcodec2.dll "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "VIDC.YVYU"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2013-09-17 16:41:55 ----D---- C:\rsit 2013-09-17 16:41:55 ----D---- C:\Program Files\trend micro 2013-09-17 16:41:49 ----A---- C:\Program Files\RSIT.exe 2013-09-16 21:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\boost_interprocess 2013-09-16 21:42:15 ----D---- C:\WINDOWS\Temp 2013-09-16 21:42:15 ----A---- C:\WINDOWS\zoek-delete.exe 2013-09-14 20:26:49 ----SHD---- C:\Config.Msi 2013-09-13 22:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-13 22:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-13 22:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-13 10:17:34 ----D---- C:\Documents and Settings\Shirley\Application Data\Skype 2013-09-13 10:17:27 ----D---- C:\Program Files\Common Files\Skype 2013-09-13 10:17:25 ----RD---- C:\Program Files\Skype 2013-09-13 10:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2013-09-13 10:12:07 ----A---- C:\Program Files\SkypeSetupFull.exe 2013-09-12 15:37:07 ----D---- C:\Program Files\Common Files\Java 2013-09-12 15:36:54 ----A---- C:\WINDOWS\system32\javaws.exe 2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\javaw.exe 2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\java.exe 2013-09-12 15:36:22 ----D---- C:\Program Files\Java 2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBC.INI 2013-09-10 12:27:48 ----A---- C:\WINDOWS\system32\cdintf400.dll 2013-09-10 12:27:14 ----D---- C:\Program Files\Mamut 2013-09-10 12:20:24 ----A---- C:\WINDOWS\system32\perf-MSSQL10_50.MAMUT-sqlagtctr.dll 2013-09-10 12:20:11 ----A---- C:\WINDOWS\system32\perf-MSSQL$MAMUT-sqlctr10.50.1600.1.dll 2013-09-10 12:19:28 ----D---- C:\WINDOWS\system32\RsFx 2013-09-10 12:18:56 ----D---- C:\Program Files\Microsoft Visual Studio 9.0 2013-09-10 12:07:26 ----D---- C:\Program Files\Microsoft Sync Framework 2013-09-05 15:21:38 ----D---- C:\Documents and Settings\Shirley\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant 2013-09-05 15:21:25 ----D---- C:\Program Files\Common Files\Adobe AIR 2013-09-03 21:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla 2013-09-03 21:30:01 ----D---- C:\Program Files\Mozilla Maintenance Service 2013-09-03 21:29:40 ----D---- C:\Program Files\Mozilla Firefox 2013-09-03 21:28:47 ----A---- C:\Program Files\Firefox Setup Stub 23.0.1.exe 2013-08-29 19:22:56 ----HD---- C:\WINDOWS\PIF 2013-08-28 16:25:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ ======List of files/folders modified in the last 1 month====== 2013-09-17 16:41:55 ----RD---- C:\Program Files 2013-09-17 12:40:41 ----D---- C:\WINDOWS\system32 2013-09-16 22:51:20 ----A---- C:\WINDOWS\SchedLgU.Txt 2013-09-16 21:57:25 ----D---- C:\WINDOWS\Prefetch 2013-09-16 21:55:00 ----SHD---- C:\System Volume Information 2013-09-16 21:54:47 ----D---- C:\WINDOWS 2013-09-16 21:31:03 ----SD---- C:\WINDOWS\Tasks 2013-09-16 21:30:51 ----D---- C:\Program Files\Common Files 2013-09-16 20:41:26 ----D---- C:\WINDOWS\Registration 2013-09-16 14:20:47 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro PDF 2013-09-15 16:33:06 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro 2013-09-15 14:08:16 ----D---- C:\WINDOWS\Debug 2013-09-14 21:05:39 ----D---- C:\WINDOWS\system32\NtmsData 2013-09-14 20:30:16 ----SHD---- C:\WINDOWS\Installer 2013-09-14 19:29:45 ----D---- C:\WINDOWS\system32\drivers 2013-09-13 22:11:04 ----RSHDC---- C:\WINDOWS\system32\dllcache 2013-09-13 22:11:04 ----HD---- C:\WINDOWS\inf 2013-09-13 22:11:01 ----D---- C:\Program Files\Internet Explorer 2013-09-13 22:10:42 ----D---- C:\WINDOWS\ie8updates 2013-09-13 22:10:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2013-09-13 22:00:47 ----D---- C:\WINDOWS\system32\MRT 2013-09-13 21:55:24 ----A---- C:\WINDOWS\system32\MRT.exe 2013-09-13 12:18:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2013-09-13 06:55:51 ----D---- C:\WINDOWS\system32\CatRoot2 2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\npDeployJava1.dll 2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\deployJava1.dll 2013-09-11 09:18:35 ----D---- C:\Program Files\File Type Assistant 2013-09-10 12:45:14 ----SD---- C:\Documents and Settings\Shirley\Application Data\Microsoft 2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBCINST.INI 2013-09-10 12:27:34 ----D---- C:\Program Files\Common Files\Microsoft Shared 2013-09-10 12:27:19 ----RSD---- C:\WINDOWS\Fonts 2013-09-10 12:24:07 ----RSD---- C:\WINDOWS\assembly 2013-09-10 12:24:07 ----D---- C:\WINDOWS\Microsoft.NET 2013-09-10 12:20:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2013-09-10 12:19:32 ----D---- C:\Program Files\Microsoft SQL Server 2013-09-10 12:18:29 ----D---- C:\WINDOWS\WinSxS 2013-09-10 12:17:52 ----D---- C:\WINDOWS\system32\1033 2013-09-05 15:21:31 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2013-09-05 15:21:26 ----D---- C:\Program Files\Adobe 2013-09-05 15:21:15 ----D---- C:\Documents and Settings\Shirley\Application Data\Adobe 2013-09-03 21:31:39 ----D---- C:\Documents and Settings\Shirley\Application Data\mozilla 2013-09-03 21:24:50 ----D---- C:\WINDOWS\Network Diagnostic 2013-09-02 16:41:12 ----D---- C:\Documents and Settings\All Users\Application Data\Davilex Business 2013-08-31 12:26:12 ----D---- C:\Documents and Settings\Shirley\Application Data\vlc 2013-08-21 08:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$ 2013-08-20 16:39:49 ----D---- C:\Program Files\backups ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-09-02 136672] R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-03-28 37352] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-09-02 88840] R2 mdvrmng;Mobile IP Route Manager; \??\C:\WINDOWS\system32\drivers\mdvrmng.sys [] R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2012-08-27 45792] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384] R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368] R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-06-10 73344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-11 41888] R3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912] R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-15 32128] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-15 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-15 14720] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\DOCUME~1\Shirley\LOCALS~1\Temp\RarSFX0\kerneld.x32 [] S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-07-28 1756384] S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2011-06-10 102784] S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2011-06-10 11136] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2011-06-10 89856] S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys [2011-06-10 64512] S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys [2011-06-10 26624] S3 massfilter;MBB Mass Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\massfilter.sys [2011-12-08 9216] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\WINDOWS\system32\DRIVERS\netaapl.sys [2012-03-26 18432] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2011-12-08 107776] S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2011-12-08 116736] S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2011-12-08 107776] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2011-12-08 107776] S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-09-02 84024] R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-09-02 108088] R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-09-02 815160] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 BecHelperService;BecHelperService; C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe [2012-09-06 1915904] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 DymoPnpService;DYMO PnP Service; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-12 182696] R2 KPN Back-up Online SC;KPN Back-up Online SC; C:\Program Files\KPN Back-up Online\BackupSC.exe [2012-06-27 415608] R2 MamutSyncService;Mamut Synchronization Service; C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [2012-12-14 11776] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MSSQL$MAMUT;SQL Server (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448] R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [2012-12-13 196616] R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632] R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712] R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2012-09-18 248704] R2 VmbService;Vodafone Mobile Broadband-service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-06-14 9216] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 257416] S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-10 194032] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 SQLAgent$MAMUT;SQL Server Agent (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456] -----------------EOF-----------------
  23. Done as told! en zie hier het rapport... Ik ben benieuwd naar je feedback? Dank je wel alvast en mooie avond,
  24. Hi, hier niet alles oke denk ik. Ik kreeg deze foutmelding! meerdere malen. Ik heb het hijack report toegevoegd. Weten jullie wat er hier aan de hand is? Dank je wel alvast en mooie avond! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:51:56, on 16-9-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\KPN\Mobiel Internet Software\LoggerServer.exe C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files\KPN Back-up Online\BackupSC.exe C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\KPN Back-up Online\BackupFP.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\Synology\Assistant\UsbClientService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\TeamViewer\Version8\TeamViewer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Trust\250S Series\lwbwheel.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Olympus\ib\olycamdetect.exe C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe C:\Program Files\TeamViewer\Version8\tv_w32.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\DYMO\DYMO Label Software\DLS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Davilex Business\Davilex Business\Business.exe C:\Program Files\Microsoft Office\Office14\EXCEL.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office14\EXCEL.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\File Type Assistant\tsassist.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1 O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578 O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- End of file - 16383 bytes foutmelding.txt
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.