Posts made by harekas
TRIED THIS, WHICH I CAME ACROSS IN A FORUM, BUT IT DOESN'T WORK
Reset IE to its default settings:
- Open Internet Explorer.
- Press the Alt key on your keyboard. A menu appears.
- Go to the Tools menu and choose Internet Options.
- On the Advanced tab, click the Reset... button at the bottom.
- Click Reset again.
- Click Close and restart Internet Explorer.
Note:
The above procedure can also be done fully automatically by downloading and running this program: reset IE to default settings (click on it).
More info about resetting IE can be found here.
-
I saw previous topics and followed them, but it hasn't worked yet. I noticed that on the iPhone, when I used 3G, I was able to reach the site.
I have attached the hijack log file.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Computer at 2014-07-08 20:01:29
Microsoft Windows 8.1
System drive C: has 1781 GB (93%) free of 1907 GB
Total RAM: 8054 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:33, on 8-7-2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe
C:\Users\Computer\AppData\Local\CloudStation\bin\client-win.exe
C:\MSI\MSI SUITE\MSI SUITE.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe
C:\Program Files\Intel\Intel® Small Business Advantage\ToastNotifications\ToastNotifications.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
C:\Program Files (x86)\Davilex Business\Davilex Business\Business.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Program Files\WinZip\zipsendservice.exe
C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~2\Nitro\PRO8~1\NitroPDF.exe
C:\PROGRA~2\Nitro\PRO8~1\Nitro_PIPAssistant.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Computer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [MSI Suite] C:\MSI\MSI SUITE\StartMSISuite.exe
O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
O4 - Startup: CloudStation.lnk = Computer\AppData\Local\CloudStation\bin\cloud.exe
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: iMUIS Online inloggen
O15 - Trusted Zone: MUIS Software: Verwijzing naar andere pagina
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
O23 - Service: MSIFileSyncMonitor - Micro-Star Int'l Co., Ltd. - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_SuiteCharger - MSI - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
O23 - Service: MSI_SuiteComCen - MSI - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
O23 - Service: MSI_SuiteFastBoot - MSI - C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SuperRAIDSvc - Unknown owner - C:\MSI\Super RAID\SuperRAIDSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® Extreme Tuning Utility Service (XTU3SERVICE) - Intel® Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 15276 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\PC Speed Up\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
dashost.exe {8c378f8e-b2e2-49dd-943f61dfbe8945d2}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe"
"C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe"
"C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe"
"C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\MSI\Super RAID\SuperRAIDSvc.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0a8e5a2a-3d5e-4204-9b72-4f169b69c0f3 -SystemEventPortName:HostProcess-96816ad4-e387-4dd3-94c1-23c7afd2389c -IoCancelEventPortName:HostProcess-54651b7a-b3da-4233-979b-00f47601f6d8 -NonStateChangingEventPortName:HostProcess-e9612d04-689f-4d5e-ade0-de33b028a4ef -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:dcf8d857-cccf-4566-b61e-35dcc38072e6 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
"C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Trend Micro SafeSync\hrfscore.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskeng.exe {7F79147D-3314-4F3E-A618-3575E2166940}
taskhostex.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2828
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
"C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
"C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe"
"C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe" /Startup
C:\Users\Computer\AppData\Local\CloudStation\bin\..\bin\client-win.exe C:/Users/Computer/AppData/Local/CloudStation/bin/../config/client.conf 1024
\??\C:\Windows\system32\conhost.exe 0x4
"C:\MSI\MSI SUITE\MSI SUITE.exe"
"C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe"
C:\Windows\splwow64.exe 8192
C:\Windows\system32\DllHost.exe /Processid:{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}
"C:\Program Files\Intel\Intel® Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe" -minimized
"C:\Program Files\Intel\Intel® Small Business Advantage\ToastNotifications\ToastNotifications.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe" /notify
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE" /n "\\NAS\Shared\Connect Slim B.V\Personeel CS\sollicitanten CS\sollicitanten 2014\Amar Moella CV.docx" /o ""
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files (x86)\Davilex Business\Davilex Business\Business.exe"
"C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE"
"C:\Program Files\WinZip\zipsendservice.exe" -Embedding
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"C:\PROGRA~2\Nitro\PRO8~1\NitroPDF.exe" "\\NAS\Shared\Connect Slim B.V\Facturen CS\OFFERTE OVERZICHT KLANTEN CS\2014\14-0097 GREENEM Kreeft Boomgaardpad 61 Ooltgensplaat 9 pvs\14-0097 Offerte C. Kreeft Boomgaardpad 61 12 plat.pdf"
NP8DC14K0XS61BD5AF5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="11324.0.1677582206\1698150082" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0412 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3316 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.1.1750059183\1871237179" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.7.1488110555\1200309216" /prefetch:673131151
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="11324.15.1923965756\609211412" /prefetch:673131151
taskeng.exe {1A551C04-1979-48DA-869F-048C4549C89A}
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8260 CREDAT:267521 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8260 CREDAT:1774853 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="11324.20.759973505\132407707" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe255_ Global\UsGthrCtrlFltPipeMssGthrPipe255 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Computer\Documents\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-07-05 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-05 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20 460288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelSBA"=C:\Program Files\Intel\Intel® Small Business Advantage\Service\SBALaunchDelay.exe [2014-01-06 56000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-04 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-04 771032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-04 769496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 6500 E710n-z (NET)"=C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-06-27 24477056]
"DymoQuickPrint"=C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2011-01-28 1825360]
"VoipBuster"=C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [2014-01-16 19638080]
"PCSpeedUp"=C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [2012-08-22 188680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [2013-05-17 134616]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2012-09-19 764472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-21 3764024]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-08-13 490480]
"MSI Suite"=C:\MSI\MSI SUITE\StartMSISuite.exe [2012-07-05 576056]
"CommandCenter"=C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [2013-11-13 809968]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Olympus ib"=C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [2011-11-29 96128]
"MDS_Menu"=C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iSCTsysTray.lnk - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CloudStation.lnk - C:\Users\Computer\AppData\Local\CloudStation\bin\cloud.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-04 623616]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=lvcod64.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-07-08 20:01:29 ----D---- C:\rsit
2014-07-08 20:01:29 ----D---- C:\Program Files\trend micro
2014-07-08 14:59:09 ----SHD---- C:\Config.Msi
2014-07-05 12:54:01 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2014-07-05 10:45:38 ----D---- C:\Program Files\Microsoft Office 15
2014-06-20 10:15:30 ----D---- C:\Users\Computer\AppData\Roaming\Nitro PDF
2014-06-18 14:22:04 ----D---- C:\Users\Computer\AppData\Roaming\Nitro
2014-06-18 14:21:47 ----A---- C:\Windows\system32\nitrolocalui2.dll
2014-06-18 14:21:47 ----A---- C:\Windows\system32\nitrolocalmon2.dll
2014-06-18 14:21:43 ----D---- C:\ProgramData\Nitro
2014-06-18 14:21:43 ----D---- C:\Program Files\Common Files\Nitro
2014-06-18 14:21:43 ----D---- C:\Program Files (x86)\Nitro
2014-06-18 14:21:28 ----D---- C:\Users\Computer\AppData\Roaming\Downloaded Installations
2014-06-18 14:10:19 ----D---- C:\Nitro PDF Professional Enterprise 8 (32-bit+64-bit) v8.1.1.3 + Key - {Cyclonoid}
2014-06-18 14:04:33 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2014-06-18 14:04:33 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2014-06-18 14:04:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-06-18 14:04:33 ----A---- C:\Windows\system32\SettingSyncHost.exe
2014-06-18 14:04:33 ----A---- C:\Windows\system32\SettingSyncCore.dll
2014-06-18 14:04:31 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-06-18 14:04:31 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\WSClient.dll
2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-06-18 14:04:30 ----A---- C:\Windows\SYSWOW64\OEMLicense.dll
2014-06-18 14:04:30 ----A---- C:\Windows\system32\WSClient.dll
2014-06-18 14:04:30 ----A---- C:\Windows\system32\twinui.dll
2014-06-18 14:04:30 ----A---- C:\Windows\system32\OEMLicense.dll
2014-06-18 14:04:29 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS
2014-06-18 14:04:29 ----AC---- C:\Windows\system32\drivers\USBAUDIO.sys
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\sti.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\MsSpellCheckingFacility.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-06-18 14:04:29 ----A---- C:\Windows\SYSWOW64\easwrt.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\sti.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\SearchFolder.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\schedsvc.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\reseteng.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\ReAgent.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\pnrpsvc.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\ntdll.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\mfsvr.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\hal.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\easwrt.dll
2014-06-18 14:04:29 ----A---- C:\Windows\system32\easinvoker.exe
2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-06-18 14:04:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-06-18 14:04:20 ----A---- C:\Windows\system32\mshtml.dll
2014-06-18 14:04:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-18 14:04:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-18 14:04:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-18 14:04:16 ----A---- C:\Windows\system32\shell32.dll
2014-06-18 14:04:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-06-18 14:04:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-18 14:04:10 ----A---- C:\Windows\system32\ieframe.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-18 14:04:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\wininet.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\urlmon.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\jscript9.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\iertutil.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-18 14:04:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-18 14:04:02 ----A---- C:\Windows\system32\sppsvc.exe
2014-06-18 14:04:02 ----A---- C:\Windows\system32\mstscax.dll
2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-06-18 14:04:01 ----A---- C:\Windows\SYSWOW64\combase.dll
2014-06-18 14:04:01 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-18 14:04:01 ----A---- C:\Windows\system32\mfcore.dll
2014-06-18 14:04:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-18 14:04:01 ----A---- C:\Windows\system32\combase.dll
2014-06-18 14:04:00 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2014-06-18 14:04:00 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\WerFault.exe
2014-06-18 14:04:00 ----A---- C:\Windows\system32\tsgqec.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\swprv.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\sppcomapi.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\rdpencom.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\mfps.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\Faultrep.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\DWWIN.EXE
2014-06-18 14:04:00 ----A---- C:\Windows\system32\dbghelp.dll
2014-06-18 14:04:00 ----A---- C:\Windows\system32\dbgeng.dll
2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-06-18 14:03:59 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-06-18 14:03:58 ----A---- C:\Windows\system32\winload.exe
2014-06-18 14:03:58 ----A---- C:\Windows\system32\win32k.sys
2014-06-18 14:03:56 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-06-18 14:03:56 ----A---- C:\Windows\system32\poqexec.exe
2014-06-18 14:03:56 ----A---- C:\Windows\system32\KernelBase.dll
2014-06-18 14:03:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-06-18 14:03:55 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-06-18 14:03:55 ----A---- C:\Windows\system32\kernel32.dll
2014-06-18 14:03:45 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-06-18 14:03:45 ----A---- C:\Windows\system32\drivers\clfs.sys
2014-06-18 14:03:40 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-06-18 14:03:40 ----A---- C:\Windows\system32\qedit.dll
2014-06-18 13:41:17 ----D---- C:\Program Files (x86)\Windows Vista - 7 - 8 - 8.1 KMS Activator Ultimate 2014 v1.7
2014-06-11 11:22:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
======List of files/folders modified in the last 1 month======
2014-07-08 20:01:30 ----D---- C:\Windows\Prefetch
2014-07-08 20:01:29 ----RD---- C:\Program Files
2014-07-08 20:00:00 ----D---- C:\Windows\system32\sru
2014-07-08 19:59:39 ----D---- C:\Users\Computer\AppData\Roaming\ClassicShell
2014-07-08 19:07:50 ----D---- C:\Windows\system32\NDF
2014-07-08 18:36:38 ----D---- C:\Windows\Temp
2014-07-08 18:14:32 ----D---- C:\Windows\Microsoft.NET
2014-07-08 14:59:15 ----SHD---- C:\Windows\Installer
2014-07-08 09:55:16 ----HD---- C:\Program Files\WindowsApps
2014-07-08 09:55:14 ----D---- C:\Windows\AppReadiness
2014-07-07 11:39:13 ----RD---- C:\Windows\System32
2014-07-07 11:39:13 ----D---- C:\Windows\Inf
2014-07-07 11:39:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-07 11:00:55 ----D---- C:\ProgramData\AVG
2014-07-07 10:05:03 ----D---- C:\Users\Computer\AppData\Roaming\HpUpdate
2014-07-06 16:18:22 ----D---- C:\Windows\system32\Tasks
2014-07-06 15:10:43 ----D---- C:\Windows\rescache
2014-07-06 15:06:43 ----RSD---- C:\Windows\assembly
2014-07-06 15:05:08 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-07-05 16:07:42 ----D---- C:\Windows\system32\config
2014-07-05 15:38:11 ----D---- C:\Windows\system32\DriverStore
2014-07-05 15:38:08 ----D---- C:\Windows\WinSxS
2014-07-05 14:48:33 ----D---- C:\Windows\SysWOW64
2014-07-05 14:44:33 ----D---- C:\Program Files\Common Files\microsoft shared
2014-07-05 14:40:28 ----D---- C:\ProgramData\Intel Application Pairing
2014-07-05 14:25:02 ----SHD---- C:\System Volume Information
2014-07-05 12:53:28 ----D---- C:\Program Files (x86)\PC Speed Up
2014-07-05 10:47:35 ----SD---- C:\ProgramData\Microsoft
2014-07-05 10:44:13 ----D---- C:\Program Files (x86)\Microsoft Office
2014-07-05 10:33:58 ----D---- C:\Windows\system32\drivers
2014-07-05 10:26:06 ----D---- C:\Windows\system32\Boot
2014-07-05 10:26:06 ----D---- C:\Program Files\Internet Explorer
2014-07-05 10:26:06 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-05 10:26:05 ----RD---- C:\Windows\ToastData
2014-07-05 10:26:05 ----D---- C:\Program Files\Windows Defender
2014-07-05 10:26:05 ----D---- C:\Program Files (x86)\Windows Defender
2014-07-05 10:26:04 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-07-05 10:26:04 ----D---- C:\Windows\system32\nl-NL
2014-07-05 10:26:03 ----D---- C:\Windows\system32\drivers\UMDF
2014-07-01 10:57:45 ----D---- C:\ProgramData\Davilex Business
2014-06-27 13:36:42 ----RD---- C:\Links
2014-06-18 14:21:43 ----RD---- C:\Program Files (x86)
2014-06-18 14:21:43 ----HD---- C:\ProgramData
2014-06-18 14:21:43 ----D---- C:\Program Files\Common Files
2014-06-18 14:21:43 ----D---- C:\Program Files (x86)\Common Files
2014-06-18 14:07:06 ----D---- C:\Windows\CbsTemp
2014-06-18 14:06:08 ----D---- C:\Windows\system32\SecureBootUpdates
2014-06-18 14:06:07 ----D---- C:\Windows\system32\MRT
2014-06-18 14:03:37 ----D---- C:\Windows\system32\catroot2
2014-06-18 14:02:45 ----D---- C:\Windows
2014-06-11 13:23:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-21 207904]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-21 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-21 422216]
R1 ndisrd;@oem11.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-21 78648]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2013-01-07 25448]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-21 79672]
R3 ICCWDT;@oem12.inf,%ICCWDT.SVCDESC%;Intel® Watchdog Timer Driver (Intel® WDT); C:\Windows\System32\drivers\ICCWDT.sys [2013-01-23 27608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-04 4185600]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-02-13 21048]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-02-13 21048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-03 3760344]
R3 ISCT;@oem10.inf,%ISCT.DeviceDesc%;Intel® Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD64.sys [2013-02-13 46568]
R3 iwdbus;@oem20.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 lvpopf64;@oem17.inf,%lvpopflt.SrvDesc%;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2007-05-11 1361952]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-05-11 50208]
R3 LVUVC64;@oem19.inf,%PID_08C2_DD%(UVC);QuickCam Orbit/Sphere MP(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2007-05-11 3612704]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-05-17 64624]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1; \??\C:\MSI\Super RAID\NTIOLib_X64.sys [2012-06-11 14136]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2012-10-26 13368]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [2012-11-20 13368]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [2012-11-20 13368]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [2012-11-19 13368]
R3 NTIOLib_SuiteComCen;NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [2013-04-15 13808]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [2012-10-26 13368]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-12-27 760032]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-12-16 14112]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 intaud_WaveExtensible;@oem18.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [2012-03-30 11888]
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [2012-11-19 13368]
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [2012-11-26 13368]
S3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [2012-11-19 13368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-21 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 ISCTAgent;Intel® Smart Connect Technology Agent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2013-02-13 180200]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-05-17 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-05-17 366552]
R2 MSI_FastBoot;MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2012-10-26 103992]
R2 MSI_SuiteCharger;MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [2013-02-19 140272]
R2 MSI_SuiteComCen;MSI_SuiteComCen; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [2013-05-03 333296]
R2 MSI_SuiteFastBoot;MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [2012-10-26 105016]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-08-19 161776]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-05-28 29728]
R2 MSICTL_CC;MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [2013-10-09 1985536]
R2 MSIFileSyncMonitor;MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [2013-09-04 13824]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2012-06-29 43129288]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [2012-08-22 289544]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [2013-09-23 16384]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-12-18 2102072]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
R3 intelsba;Intel® Small Business Advantage; C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2014-01-06 54976]
R3 OnlineStorageService;OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [2012-07-12 7908664]
S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-09-20 38440]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21 136176]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-23 194032]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2013-09-11 2100736]
S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [2013-11-04 309248]
S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2013-09-12 2114560]
S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [2013-11-28 4116992]
S3 MSIDDR_CC;MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2013-09-11 2224640]
S3 MSISaveLoad_CC;MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [2013-07-18 3957248]
S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [2013-09-11 177152]
S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [2013-09-12 503808]
S3 MSIWMI_CC;MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [2013-11-26 182784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-23 150600]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-06-29 277448]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2012-06-29 379848]
-----------------EOF-----------------
- - - Updated - - -
Now as an attachment; I don't know whether you find this easier?
The strange thing is that it does work on the phone provider's 3G network!
-
Hi
I get the same attached error message every time at www.vousvintage.com. I have tried it on 2 computers/laptops and iPhones, but it's the same story.
The girls from the webshop tell me that they are not experiencing any problems and are receiving the orders as normal.
Can anyone tell me what is causing this? It seems unlikely to me that I am the only one, given all the hardware I have tried?
I am very curious to hear your answer.
-
Hi Clarkie,
I spent some time on your advice and carried out everything, but I kept having the same problem with Outlook. I found out that because of IMAP I cannot archive it and view it later with a mail viewer. I already do that saving in the Outlook message format, but it is easier to search for the mail from within Outlook and then forward it, which is why. The antivirus program is not the problem; it is probably my internet connection. I have between 2 and 8 mb and I should be glad to get 3 mb. The cabinet is 2.3 km from our house, and everyone here on the small industrial estate mainly uses ISDN, apart from a few exceptions who work with fibre. I am now looking into whether I can get cable here and hope that this solves it.
Thank you for the good advice, have a nice evening. Regards, Shirley
-
Hi, it is often between 1 and 5 mb. I send via Outlook. When I log in to my Gmail account via the internet, the problem never occurs. It is just that I very much like working with Outlook or something similar, because it is pleasant to work with.
Yes, there is a lot of mail in there, but because these are business emails I think it is important to keep them, and for that reason I wanted to switch to archiving and then use a mail viewer when I want to read mail in again.
I always delete all mail that does not matter. Only at the moment the synchronisation of deletions is not working either. The mail I delete is still there afterwards.
-
Hi, I do indeed have Windows 8.1 as the operating system. I bought Office Home and Business for 269 euros at the end of December. Because of all the trouble with Outlook freezing every time, I eventually installed Outlook 2007 and Thunderbird, but it still freezes. I uninstalled Outlook 2013 and hoped that 2007 would work.
I suspect it is due to the amount of mail, and I heard something about a mail viewer and archiving, but I don't know how this works.
By the way, I don't get an error message; it just freezes, and I then end it with Task Manager and start it up again.
The mail has already been sent, but it keeps sending it anyway because it stays in the Outbox.
By unlimited I meant that if I do not briefly take the mailbox offline and delete the mail in question from the Outbox, it just keeps sending to the recipient....
I then got another phone call about that, asking if I would please stop it.
I hope I have worded it a bit better.
Thank you in advance and have a nice day,
Shirley
-
I have Windows 8.1/Windows 2007
I have installed 2 mail programs on it:
- Outlook
- Thunderbird
Both of them freeze, and in Outlook the mail gets stuck and is then sent without limit until the recipient points it out to me.
Not so nice, and I got a tip to archive the mail and then open it with a mail viewer when I need it.
Which mail viewer can I best download without getting nasty viruses along with it?
And how do I archive this?
Thank you in advance for the effort,
Have a nice day,
Shirley
-
Hi, here is the report, only I am afraid you won't see anything now because I had recently run the malware scan over it before that?
Emsisoft Emergency Kit - Versie 4.0
Laatste Update: 25-9-2013 22:03:08
Gebruikersaccount: EIGENAAR-8B348D\Shirley
Scaninstellingen:
Scanmodus: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, D:\
Detecteer PUPs: Aan
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit
Scan gestart: 6-10-2013 20:17:24
Gescand: 485460
Gevonden: 0
Scan geëindigd: 6-10-2013 22:15:27
Scantijd: 1:58:03
-
Good morning, I ran the malware scan over it again. Since the last trick it has been a lot quieter on the PC, but I have the feeling I am not rid of it yet... The PC also gave the previously reported error message once more when saving mail?
What do you think?
Have a nice Sunday.
Malwarebytes Anti-Malware 1.75.0.1300
Databaseversie: v2013.10.05.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Shirley :: EIGENAAR-8B348D [administrator]
5-10-2013 21:06:28
mbam-log-2013-10-05 (21-06-28).txt
Scan type: Volledige scan (C:\|D:\|I:\|Z:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 533201
Verstreken tijd: 5 uur/uren, 56 minuut/minuten, 18 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 4
HKCU\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 2
HKCU\SOFTWARE\WNLT|URL (PUP.Optional.InstallBrain.A) -> Data: MYSTART -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: Zoeken -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 2
C:\Documents and Settings\All Users\Application Data\Conduit\IE (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 8
C:\Documents and Settings\Shirley\Local Settings\Temp\nsl4F.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Local Settings\Temp\nsl54.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Local Settings\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\ARFC\wrtc.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\jmdp\stij.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\WNLT\Installation\SKSetup.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\WNLT\Installation\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
I got this one on top of it as well! Ran the update and Avira found something again too (see report). It just keeps going on... Do you know what would be wise for me to do?
Avira Free Antivirus
Report file date: maandag 30 september 2013 12:33
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Microsoft Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : EIGENAAR-8B348D
Version information:
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Start of the scan: maandag 30 september 2013 12:33
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting search for hidden objects.
The scan of running processes will be started:
Starting to scan executable files (registry):
The registry was scanned ( '2313' files ).
Starting the file scan:
Begin scan in 'C:\' <WINDOWS>
C:\Avenger\msvcp100.dll-ren-966
[DETECTION] Is the TR/Trash.Gen Trojan
C:\Avenger\msvcr100.dll-ren-986
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
Begin scan in 'D:\' <NIET GEBRUIKEN!!>
Beginning disinfection:
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to the quarantine directory under the name '5612d006.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4e85ffa1.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '1cdaa549.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '7aedea8b.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '3f69c7b5.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4072f5d4.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '0ccad99e.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '70d299ce.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5d88b683.qua'!
C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '44e08d1a.qua'!
C:\Avenger\msvcr100.dll-ren-986
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to the quarantine directory under the name '287aa1ed.qua'!
C:\Avenger\msvcp100.dll-ren-966
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '59c39878.qua'!
End of the scan: maandag 30 september 2013 14:53
Used time: 2:19:23 Hour(s)
The scan has been done completely.
14552 Scanned directories
1163966 Files were scanned
12 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
12 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1163954 Files not concerned
16098 Archives were scanned
0 Warnings
12 Notes
552050 Objects were scanned with rootkit scan
0 Hidden objects were found
-
Hi, hmm, I don't think we're there yet (see report). Things keep acting up on the PC?
Malwarebytes Anti-Malware 1.75.0.1300
Databaseversie: v2013.09.27.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Shirley :: EIGENAAR-8B348D [administrator]
29-9-2013 20:43:21
mbam-log-2013-09-29 (20-43-21).txt
Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 548863
Verstreken tijd: 7 uur/uren, 24 minuut/minuten, 16 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 2
C:\Documents and Settings\Shirley\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 31
C:\Program Files\SweetPacks\SweetPacksToolbarHelper.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2229.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2258.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
Good morning, I did what you said! And now let's hope it's finally over.
Starting Repairs...
Start (27-9-2013 6:42:44)
04 - Repair WMI
Start (27-9-2013 6:42:44)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:47:50)
05 - Repair Windows Firewall
Start (27-9-2013 6:47:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:48:03)
12 - Repair Winsock & DNS Cache
Start (27-9-2013 6:48:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:48:16)
14 - Repair Proxy Settings
Start (27-9-2013 6:48:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:48:20)
16 - Repair Windows Updates
Start (27-9-2013 6:48:20)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:49:41)
20 - Repair MSI (Windows Installer)
Start (27-9-2013 6:49:41)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:49:54)
25 - Restore Important Windows Services
Start (27-9-2013 6:49:54)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:49:58)
26 - Set Windows Services To Default Startup
Start (27-9-2013 6:49:58)
Running Repair Under Current User Account
Running Repair Under System Account
Done (27-9-2013 6:50:15)
Cleaning up empty logs...
All Selected Repairs Done.
Done (27-9-2013 6:50:15)
Total Repair Time: 00:07:31
...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account
-
Hi, the link didn't work and I thought I'd find a working link via Google, but found the following warning instead:
I have also attached the malware report from last night.
Dial-a-fix does not work with any Windows OS higher than Windows XP. This includes Windows Vista, Windows 7.
Dial-a-fix also has a critical unpatched bug that will delete your C:\Documents folder.
It is highly recommended to read the Warnings page before downloading and using this software.
Malwarebytes Anti-Malware 1.75.0.1300
Databaseversie: v2013.09.24.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Shirley :: EIGENAAR-8B348D [administrator]
24-9-2013 19:15:26
mbam-log-2013-09-24 (19-15-26).txt
Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 545821
Verstreken tijd: 6 uur/uren, 52 minuut/minuten, 36 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 2
C:\Program Files\rcpsetup_onlyad3.exe (PUP.Optional.RegCleanerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
I can't save a single mail... help... please
-
-
Hmm, okay! Unfortunately I'm not rid of the trouble yet. When I want to save mail, this keeps happening.
Sometimes when I close Outlook and start it again it works for a while, but
after a short time it happens again. I hope you can solve it for me.
Thank you,
Shirley
When saving my mail I still get the following error messages
-
Hi, there was a lot in Avira's box. I didn't know that it had to be emptied from time to time, and I thought that once something is in quarantine it can't do any more harm? I'm going to test the PC and hope for the best.... I'll let you know tomorrow whether it's solved. Thank you and
have a nice weekend,
Shirley
-
Hi, I have the report, it worked this time. Instead of quarantine I chose delete. I hope this has no consequences! It was still early..... Thanks, because I think we're there... There was a Trojan horse festering...
Emsisoft Emergency Kit - Versie 4.0
Laatste Update: 20-9-2013 5:32:59
Gebruikersaccount: EIGENAAR-8B348D\Shirley
Scaninstellingen:
Scanmodus: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, D:\
Detecteer PUPs: Aan
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit
Scan gestart: 20-9-2013 5:35:25
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1a870e.qua -> (Quarantine-8) -> (IFRAME 2) Ontdekt: Trojan.Iframe.CEG (
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\558dae39.qua -> (Quarantine-8) -> (IFRAME 2) Ontdekt: Trojan.Iframe.CEG (
Gescand: 496223
Gevonden: 2
Scan geëindigd: 20-9-2013 7:34:40
Scantijd: 1:59:15
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1a870e.qua Verwijderd Trojan.Iframe.CEG (
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\558dae39.qua Verwijderd Trojan.Iframe.CEG (
Verwijderd 2
-
Hi, I searched everywhere last night and today. I have already removed and installed ComboFix several times. That doesn't help either. I also searched with the search option (Search Companion). I really don't have a report from ComboFix. The strange thing is that when I look at the software in Control Panel, ComboFix isn't listed there either? What now?
-
Good morning, lovely day! I installed ComboFix but I don't get a report? What to do?
Thanks, Shirley
-
Sorry for the same reports so many times... Every time I pressed quick reply I got this error message when sending, and then this website was closed, and I tried it countless times as you can see above, and only now do I see they are being shown... I hope that what is living on the PC isn't too serious... Thanks in advance for all the trouble. Regards, Shirley
-
Hi, here is the log report! I hope you manage to solve it. I keep being unable to save my mail; I then get the message "de bewerking is mislukt" (the operation failed).
Thanks in advance,
Logfile of random's system information tool 1.09 (written by random/random)
Run by Shirley at 2013-09-17 16:41:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 694 GB (87%) free of 800 GB
Total RAM: 3326 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:42:06, on 17-9-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized
O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user')
O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe
O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe
O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
--
End of file - 15773 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\ProgramUpdateCheck.job
C:\WINDOWS\tasks\SDMsgUpdate (TE).job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DEC59399-4375-4259-88F2-4A61A75B72EF}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default
prefs.js - "browser.startup.homepage" - "MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
prefs.js - "keyword.URL" - "Bing="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@dymo.com/DymoLabelFramework]
"Description"=DYMO Label Framework Plugin
"Path"=C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1]
"Description"=Microsoft Download Manager
"Path"=C:\WINDOWS\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro\Pro 8\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default\searchplugins\
bingp.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-12 462248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-18 1000984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6C6509-FE36-44B0-A917-6C2A0DDBDF88}]
HP Smart Print Helper - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll [2012-12-14 2491856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-06-14 279552]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-09-02 347192]
"LWBMOUSE"=C:\Program Files\Trust\250S Series\lwbwheel.exe [2001-04-20 429568]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"DLSService"=C:\Program Files\DYMO\DYMO Label Software\DLSService.exe []
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-11-29 96128]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-09-06 39408]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe [2013-06-24 19378496]
"KPNBackupOnline"=C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe [2012-06-27 9451384]
"UninstallHelper"=C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe [2012-10-12 898200]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624]
"HP Officejet 6500 E710n-z (NET)"=C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"DymoQuickPrint"=C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe [2011-01-28 1825360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20681584]
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Shirley\Menu Start\Programma's\Opstarten
Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk - C:\WINDOWS\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-15 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant"
"C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater"
"C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP"
"C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager"
"C:\Program Files\File Type Assistant\tsassist.exe"="C:\Program Files\File Type Assistant\tsassist.exe:*:Enabled:ProgramUpdateCheck"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z FaxApplications"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z DigitalWizards"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z SendFaxAppExe"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP apparaatinstellingen (HP Officejet 6500 E710n-z)"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerkcommunicator (HP Officejet 6500 E710n-z)"
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Netwerkcommunicator-COM (HP Officejet 6500 E710n-z)"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe"="C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe:*:Enabled:sqlservr.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"="C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:*:Enabled:sqlbrowser.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater"
"C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP"
"C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-09-17 16:41:55 ----D---- C:\rsit
2013-09-17 16:41:55 ----D---- C:\Program Files\trend micro
2013-09-17 16:41:49 ----A---- C:\Program Files\RSIT.exe
2013-09-16 21:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\boost_interprocess
2013-09-16 21:42:15 ----D---- C:\WINDOWS\Temp
2013-09-16 21:42:15 ----A---- C:\WINDOWS\zoek-delete.exe
2013-09-14 20:26:49 ----SHD---- C:\Config.Msi
2013-09-13 22:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 22:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 22:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-09-13 10:17:34 ----D---- C:\Documents and Settings\Shirley\Application Data\Skype
2013-09-13 10:17:27 ----D---- C:\Program Files\Common Files\Skype
2013-09-13 10:17:25 ----RD---- C:\Program Files\Skype
2013-09-13 10:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2013-09-13 10:12:07 ----A---- C:\Program Files\SkypeSetupFull.exe
2013-09-12 15:37:07 ----D---- C:\Program Files\Common Files\Java
2013-09-12 15:36:54 ----A---- C:\WINDOWS\system32\javaws.exe
2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\javaw.exe
2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\java.exe
2013-09-12 15:36:22 ----D---- C:\Program Files\Java
2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBC.INI
2013-09-10 12:27:48 ----A---- C:\WINDOWS\system32\cdintf400.dll
2013-09-10 12:27:14 ----D---- C:\Program Files\Mamut
2013-09-10 12:20:24 ----A---- C:\WINDOWS\system32\perf-MSSQL10_50.MAMUT-sqlagtctr.dll
2013-09-10 12:20:11 ----A---- C:\WINDOWS\system32\perf-MSSQL$MAMUT-sqlctr10.50.1600.1.dll
2013-09-10 12:19:28 ----D---- C:\WINDOWS\system32\RsFx
2013-09-10 12:18:56 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2013-09-10 12:07:26 ----D---- C:\Program Files\Microsoft Sync Framework
2013-09-05 15:21:38 ----D---- C:\Documents and Settings\Shirley\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-09-05 15:21:25 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-09-03 21:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2013-09-03 21:30:01 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-09-03 21:29:40 ----D---- C:\Program Files\Mozilla Firefox
2013-09-03 21:28:47 ----A---- C:\Program Files\Firefox Setup Stub 23.0.1.exe
2013-08-29 19:22:56 ----HD---- C:\WINDOWS\PIF
2013-08-28 16:25:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
======List of files/folders modified in the last 1 month======
2013-09-17 16:41:55 ----RD---- C:\Program Files
2013-09-17 12:40:41 ----D---- C:\WINDOWS\system32
2013-09-16 22:51:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-16 21:57:25 ----D---- C:\WINDOWS\Prefetch
2013-09-16 21:55:00 ----SHD---- C:\System Volume Information
2013-09-16 21:54:47 ----D---- C:\WINDOWS
2013-09-16 21:31:03 ----SD---- C:\WINDOWS\Tasks
2013-09-16 21:30:51 ----D---- C:\Program Files\Common Files
2013-09-16 20:41:26 ----D---- C:\WINDOWS\Registration
2013-09-16 14:20:47 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro PDF
2013-09-15 16:33:06 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro
2013-09-15 14:08:16 ----D---- C:\WINDOWS\Debug
2013-09-14 21:05:39 ----D---- C:\WINDOWS\system32\NtmsData
2013-09-14 20:30:16 ----SHD---- C:\WINDOWS\Installer
2013-09-14 19:29:45 ----D---- C:\WINDOWS\system32\drivers
2013-09-13 22:11:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-13 22:11:04 ----HD---- C:\WINDOWS\inf
2013-09-13 22:11:01 ----D---- C:\Program Files\Internet Explorer
2013-09-13 22:10:42 ----D---- C:\WINDOWS\ie8updates
2013-09-13 22:10:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-09-13 22:00:47 ----D---- C:\WINDOWS\system32\MRT
2013-09-13 21:55:24 ----A---- C:\WINDOWS\system32\MRT.exe
2013-09-13 12:18:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 06:55:51 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-09-11 09:18:35 ----D---- C:\Program Files\File Type Assistant
2013-09-10 12:45:14 ----SD---- C:\Documents and Settings\Shirley\Application Data\Microsoft
2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBCINST.INI
2013-09-10 12:27:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-10 12:27:19 ----RSD---- C:\WINDOWS\Fonts
2013-09-10 12:24:07 ----RSD---- C:\WINDOWS\assembly
2013-09-10 12:24:07 ----D---- C:\WINDOWS\Microsoft.NET
2013-09-10 12:20:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-10 12:19:32 ----D---- C:\Program Files\Microsoft SQL Server
2013-09-10 12:18:29 ----D---- C:\WINDOWS\WinSxS
2013-09-10 12:17:52 ----D---- C:\WINDOWS\system32\1033
2013-09-05 15:21:31 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2013-09-05 15:21:26 ----D---- C:\Program Files\Adobe
2013-09-05 15:21:15 ----D---- C:\Documents and Settings\Shirley\Application Data\Adobe
2013-09-03 21:31:39 ----D---- C:\Documents and Settings\Shirley\Application Data\mozilla
2013-09-03 21:24:50 ----D---- C:\WINDOWS\Network Diagnostic
2013-09-02 16:41:12 ----D---- C:\Documents and Settings\All Users\Application Data\Davilex Business
2013-08-31 12:26:12 ----D---- C:\Documents and Settings\Shirley\Application Data\vlc
2013-08-21 08:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2013-08-20 16:39:49 ----D---- C:\Program Files\backups
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-09-02 136672]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-03-28 37352]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-09-02 88840]
R2 mdvrmng;Mobile IP Route Manager; \??\C:\WINDOWS\system32\drivers\mdvrmng.sys []
R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2012-08-27 45792]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-06-10 73344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-11 41888]
R3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912]
R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-15 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-15 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-15 14720]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\DOCUME~1\Shirley\LOCALS~1\Temp\RarSFX0\kerneld.x32 []
S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-07-28 1756384]
S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2011-06-10 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2011-06-10 11136]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2011-06-10 89856]
S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys [2011-06-10 64512]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys [2011-06-10 26624]
S3 massfilter;MBB Mass Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\massfilter.sys [2011-12-08 9216]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\WINDOWS\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2011-12-08 107776]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2011-12-08 116736]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2011-12-08 107776]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2011-12-08 107776]
S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-09-02 84024]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-09-02 108088]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-09-02 815160]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 BecHelperService;BecHelperService; C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe [2012-09-06 1915904]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 DymoPnpService;DYMO PnP Service; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-12 182696]
R2 KPN Back-up Online SC;KPN Back-up Online SC; C:\Program Files\KPN Back-up Online\BackupSC.exe [2012-06-27 415608]
R2 MamutSyncService;Mamut Synchronization Service; C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [2012-12-14 11776]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MSSQL$MAMUT;SQL Server (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [2012-12-13 196616]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2012-09-18 248704]
R2 VmbService;Vodafone Mobile Broadband-service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-06-14 9216]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-10 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$MAMUT;SQL Server Agent (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
-----------------EOF-----------------
-
Done as told! And here is the report...
I'm curious to hear your feedback. Thanks in advance and have a nice evening,
We ask for RSIT logs these days.
Zoek.exe Version 4.0.0.4 Updated 14-September-2013
Tool run by Shirley on ma 16-09-2013 at 21:19:50,76.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\DOCUME~1\Shirley\LOCALS~1\Temp\Rar$DIa0.057\zoek.scr [script inserted]
==== System Restore Info ======================
16-9-2013 21:20:49 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{12760D28-0A7A-4375-A8B6-C0F47EA21AA9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default
user.js not found
---- Lines Search removed from prefs.js ----
---- Lines Search modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1346832550828,\"rdfTime\":1232707720000},\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\Program Files\\\\Microsoft\\\\Search Enhancement Pack\\\\Default Manager\\\\DMExtension\",\"mtime\":1346903037968,\"rdfTime\":1273492620000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1378236595290,\"rdfTime\":1376493606000}}}]");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- Lines browser.startup.page modified from prefs.js ----
---- FireFox user.js and prefs.js backups ----
prefs_16-09-2013_2130_.backup
==== Deleting Files \ Folders ======================
"C:\Documents and Settings\Shirley\Menu Start\Programma's\Qtrax Player.lnk" deleted
"C:\WINDOWS\tasks\At1.job" deleted
"C:\WINDOWS\tasks\At2.job" deleted
"C:\WINDOWS\tasks\At3.job" deleted
"C:\WINDOWS\tasks\At4.job" deleted
"C:\WINDOWS\tasks\At5.job" deleted
"C:\WINDOWS\tasks\At6.job" deleted
"C:\WINDOWS\tasks\At7.job" deleted
"C:\WINDOWS\tasks\At8.job" deleted
"C:\Documents and Settings\All Users\Application Data\boost_interprocess\D060107CA1B2CE01\BACKUP_FP_MUTEX" deleted
"C:\Program Files\Common Files\ParetoLogic" deleted
"C:\Documents and Settings\Shirley\Application Data\ParetoLogic" deleted
"C:\Documents and Settings\Shirley\Application Data\DriverCure" deleted
"C:\Documents and Settings\Shirley\Application Data\DSite" deleted
"C:\Documents and Settings\Shirley\Qtrax" deleted
"C:\Documents and Settings\All Users\Application Data\boost_interprocess" not deleted
"C:\Documents and Settings\All Users\Application Data\ParetoLogic" deleted
"C:\WINDOWS\System32\AI_RecycleBin" deleted
"C:\Documents and Settings\All Users\Application Data\boost_interprocess\D060107CA1B2CE01" not deleted
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2013-09-10 10:28:23 C0728A5F9A8BB6C5CC85E1EB02CFC129 403 ----a-w- C:\WINDOWS\ODBC.INI
====== C:\DOCUME~1\Shirley\LOCALS~1\Temp ====
2013-09-13 08:17:33 AC2CA2C713FDB6B491E8AA260075ECB4 2188944 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\BingBarSetup-Partner.exe
2013-09-10 10:26:42 7E6A5949EB8AC8B2DD5C8308BFF08D41 598016 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\certutil.exe
2013-09-10 10:26:26 F9F3AC8D429D0F0E21F638FE2114EA77 4247218 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\setup.exe
2013-09-10 10:26:17 BE88614985090A1CF6D46404D96C751B 9119232 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\mamut business software.msi
2013-09-10 10:26:11 CEFC82F6C5A3866EC247225F80D65890 5367710 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\mamut business software.exe
2013-09-10 10:12:29 2019A6394520A2BD3510D90CE69E05A0 74524000 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\ISSETUPPREREQUISITES\{57154C7C-EDB2-3BFD-A8BA-924C60913EBF}\sqlexpr_x86_enu.exe
2013-09-10 10:07:22 468854AB6E28C0A55777171BA8D5B01B 921088 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\ISSETUPPREREQUISITES\{80E0CCB7-CD66-4D50-ADD5-B64BCC98039D}\synchronization-v2.1-x86-enu.msi
2013-09-07 06:51:01 D0D8A48ED414BFE5B50F2C83408746B1 1177552 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_C15E1.tmp\setup.exe
====== Java Cache =====
2013-09-12 13:57:19 34974EBC4B9851E56765683501E4DA9E 12446 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\3b402a82-1af0d7a7
2013-09-12 13:52:41 581BE739266C1901E6AE268C34DBA438 6180 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\22\22e17456-36b89d76
2013-09-12 13:52:40 7F5135B0644F36A9791B615B0993C6EC 651 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\25\41c97319-17a6c575
2013-09-12 13:57:07 D80698A4A1D4696758C34FB854687A55 27665 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\5e64069b-53c994e7
2013-09-12 13:57:18 50CC385ADA39E542684EB3BC99B95074 52272 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\32\74ead020-6f8d19e5
2013-08-18 18:13:25 56218164EE019834EDBD46A2FA1AD2C1 151861 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\31eb7726-6809b2b0
2013-09-12 13:57:18 DEFE4A047817598E1957E15F017D9E7D 48809 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\51\4c3d3633-4cc33f43
2013-09-12 13:57:18 05B6BC465E85439351B9E1F42FFF85C4 23240 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\62\6fad133e-117c6f9e
====== C:\WINDOWS\system32 =====
2013-09-16 05:59:16 !HASH: COULD NOT OPEN FILE !!!!! 97787879 ----a-w- C:\WINDOWS\System32\??L
2013-09-13 04:54:15 A92C0EBD06660FE7A75605682163A7FE 97503480 ----a-w- C:\WINDOWS\System32\??L
2013-09-12 17:41:25 A5D78A802E77BFA998E39C3BA92895FE 97373152 ----a-w- C:\WINDOWS\System32\??L
2013-09-12 13:36:54 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\WINDOWS\System32\javaws.exe
2013-09-12 13:36:54 409ADC57814C2E2A15A798BF4BE05ED3 144896 ----a-w- C:\WINDOWS\System32\javacpl.cpl
2013-09-12 13:36:42 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\WINDOWS\System32\javaw.exe
2013-09-12 13:36:42 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\WINDOWS\System32\java.exe
2013-09-12 13:36:42 65F0FBCDBBA20FC4B0DADCA922150A99 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
2013-09-10 10:27:48 8C942BE66B44087A6D9F69E33776D3FC 4218880 ----a-w- C:\WINDOWS\System32\cdintf400.dll
2013-09-10 10:20:24 E5F6DE3C06CF0215D6E86D11339F8F74 47456 ----a-w- C:\WINDOWS\System32\perf-MSSQL10_50.MAMUT-sqlagtctr.dll
2013-09-10 10:20:11 B2E85EDAA157EE74547E210B23E204B6 73568 ----a-w- C:\WINDOWS\System32\perf-MSSQL$MAMUT-sqlctr10.50.1600.1.dll
2013-09-08 10:05:32 EC3BCD3C23B1C13707761EF807204594 96566691 ----a-w- C:\WINDOWS\System32\???6
2013-09-05 05:00:50 F912F7BC301561C2AA65426E9A108F25 96185213 ----a-w- C:\WINDOWS\System32\???6
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-09-13 08:17:27 -------- d-----w- C:\Program Files\Common Files\Skype
2013-09-13 08:17:25 -------- d-----r- C:\Program Files\Skype
2013-09-13 08:12:07 32776560 ----a-w- C:\Program Files\SkypeSetupFull.exe
2013-09-12 13:37:07 -------- d-----w- C:\Program Files\Common Files\Java
2013-09-12 13:36:22 -------- d-----w- C:\Program Files\Java
2013-09-10 10:27:14 -------- d-----w- C:\Program Files\Mamut
2013-09-10 10:18:56 -------- d-----w- C:\Program Files\Microsoft Visual Studio 9.0
2013-09-05 13:21:25 -------- d-----w- C:\Program Files\Common Files\Adobe AIR
2013-09-03 19:30:01 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2013-09-03 19:28:47 281776 ----a-w- C:\Program Files\Firefox Setup Stub 23.0.1.exe
======= C: =====
====== C:\Documents and Settings\Shirley\Application Data ======
2013-09-13 08:17:34 -------- d-----w- C:\Documents and Settings\Shirley\Application Data\Skype
2013-09-05 13:21:38 -------- d-----w- C:\Documents and Settings\Shirley\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-09-03 19:30:45 -------- d-----w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Mozilla
====== C:\Documents and Settings\Shirley ======
2013-09-15 12:10:48 -------- d--h--r- C:\Documents and Settings\Shirley\Onlangs geopend
====== C: exe-files ==
=== C: other files ==
2013-09-12 13:36:27 8C636C988365FC3E61F1B5C5ACECCB55 18675 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default
101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
43CEBDFA8B91BEB5FEBD4F9E6768AEF2 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
CA0E1DFBE480CF0BE13A0883BEB378B6 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U40
AF661355EBAB898EB92D5454AEF93CE0 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
607D5DD893D217BCA2449F4A483818B5 - C:\Program Files\Nitro\Pro 8\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome
626791785FF2A338575E8AF0563D8333 - C:\WINDOWS\npMSDM.dll - Microsoft Download Manager Plugin
D487461B647B19ECF4AF4C930A47BB2D - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll - DYMO Label Framework
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
BBAFE24293695D557DC2319346C316A7 - C:\Program Files\Nitro\Pro 8\npnitroie.dll - Nitro PDF plugin for Internet Explorer
BC487C715486F7BFD9D88FAB92549BFA - C:\Program Files\Nitro\Pro 8\npdf.dll - Nitro PDF Library
A9657C67E350EA087350DA5895307E54 - C:\Program Files\Nitro\Pro 8\NPShellExtension.dll - Nitro Pro ShellExtension
7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight
3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaabfjnbeinlpljodiajipidiompfl - C:\Documents and Settings\Shirley\Local Settings\Application Data\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.5.0.crx[]
Avira Toolbar - Han Struijk - Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Docs - Han Struijk - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Han Struijk - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Han Struijk - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Han Struijk - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Han Struijk - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome In-App Payments service - Shirley - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chrome Fix ======================
C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="You have just opened a new tab#"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} Unknown Url="Not_Found"
{E2C641D8-1D04-406F-B618-F0DC91567D5B} Bing Url="{searchTerms} - Bing"
{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} Google Url="{searchTerms} - Buscar con Google"
==== Reset Google Chrome ======================
C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1011\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully
==== Empty IE Cache ======================
C:\Documents and Settings\Causeway\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Han Struijk\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Shirley\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\6IG1OYFD will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Shirley\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Documents and Settings\All Users\Application Data\boost_interprocess" not deleted
"C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\6IG1OYFD" not found
==== EOF on ma 16-09-2013 at 21:58:41,90 ======================
Download Zoek.zip to the desktop.
- If Internet Explorer, another browser, or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
- Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
- Right-click Zoek.zip and choose the option "Extract All".
- Then double-click Zoek.exe to start the tool.
- Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
- Now copy the code below and paste it into the large input box:
Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
emptyclsid; firefoxlook; Chromelook; CHRdefaults; autoclean; iedefaults; filesrcm;
- Now click the "Run script" button.
- Wait patiently until a log opens (this may be after a restart, if one is needed).
- If no log appears after the restart, start zoek.exe again; the log will then appear.
- Post the opened log as an attachment in your next reply.
-
Hi, I think not everything is okay here.
I got this error message! Several times.
I have attached the HijackThis report.
Do you know what is going on here?
Thanks in advance and have a nice evening!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:56, on 16-9-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\KPN\Mobiel Internet Software\LoggerServer.exe
C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\KPN Back-up Online\BackupSC.exe
C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\KPN Back-up Online\BackupFP.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Synology\Assistant\UsbClientService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Trust\250S Series\lwbwheel.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\DYMO\DYMO Label Software\DLS.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Davilex Business\Davilex Business\Business.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\File Type Assistant\tsassist.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized
O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user')
O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe
O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe
O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
--
End of file - 16383 bytes
error message
in Archive Internet & Network
Posted:
That's right, I saw it later and the website is UP! It was indeed the site! Thank you for the help.