Ga naar inhoud

rare foutmelding en pc is traag en loopt vast


 Delen

Aanbevolen berichten

Hi, hier niet alles oke denk ik.

Ik kreeg deze foutmelding! meerdere malen.

post-16221-1417705544,4685_thumb.jpg

Ik heb het hijack report toegevoegd.

Weten jullie wat er hier aan de hand is?

Dank je wel alvast en mooie avond!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:51:56, on 16-9-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\KPN\Mobiel Internet Software\LoggerServer.exe

C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files\KPN Back-up Online\BackupSC.exe

C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\KPN Back-up Online\BackupFP.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Synology\Assistant\UsbClientService.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Trust\250S Series\lwbwheel.exe

C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe

C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe

C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\system32\WISPTIS.EXE

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\DYMO\DYMO Label Software\DLS.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Davilex Business\Davilex Business\Business.exe

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\File Type Assistant\tsassist.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HijackThis.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized

O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun

O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1

O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user')

O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ?

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe

O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578

O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe

O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe

O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--

End of file - 16383 bytes

foutmelding.txt

Link naar reactie
Delen op andere sites


  • Reacties 30
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

We vragen tegenwoordig om Rsit logjes.

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
    
    
    emptyclsid;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;
    
    
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites

Done as told! en zie hier het rapport...

Ik ben benieuwd naar je feedback? Dank je wel alvast en mooie avond,

We vragen tegenwoordig om Rsit logjes.

Zoek.exe Version 4.0.0.4 Updated 14-September-2013

Tool run by Shirley on ma 16-09-2013 at 21:19:50,76.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\DOCUME~1\Shirley\LOCALS~1\Temp\Rar$DIa0.057\zoek.scr [script inserted]

==== System Restore Info ======================

16-9-2013 21:20:49 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{12760D28-0A7A-4375-A8B6-C0F47EA21AA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default

user.js not found

---- Lines Search removed from prefs.js ----

---- Lines Search modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1346832550828,\"rdfTime\":1232707720000},\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\Program Files\\\\Microsoft\\\\Search Enhancement Pack\\\\Default Manager\\\\DMExtension\",\"mtime\":1346903037968,\"rdfTime\":1273492620000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1378236595290,\"rdfTime\":1376493606000}}}]");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 1);

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_16-09-2013_2130_.backup

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\Shirley\Menu Start\Programma's\Qtrax Player.lnk" deleted

"C:\WINDOWS\tasks\At1.job" deleted

"C:\WINDOWS\tasks\At2.job" deleted

"C:\WINDOWS\tasks\At3.job" deleted

"C:\WINDOWS\tasks\At4.job" deleted

"C:\WINDOWS\tasks\At5.job" deleted

"C:\WINDOWS\tasks\At6.job" deleted

"C:\WINDOWS\tasks\At7.job" deleted

"C:\WINDOWS\tasks\At8.job" deleted

"C:\Documents and Settings\All Users\Application Data\boost_interprocess\D060107CA1B2CE01\BACKUP_FP_MUTEX" deleted

"C:\Program Files\Common Files\ParetoLogic" deleted

"C:\Documents and Settings\Shirley\Application Data\ParetoLogic" deleted

"C:\Documents and Settings\Shirley\Application Data\DriverCure" deleted

"C:\Documents and Settings\Shirley\Application Data\DSite" deleted

"C:\Documents and Settings\Shirley\Qtrax" deleted

"C:\Documents and Settings\All Users\Application Data\boost_interprocess" not deleted

"C:\Documents and Settings\All Users\Application Data\ParetoLogic" deleted

"C:\WINDOWS\System32\AI_RecycleBin" deleted

"C:\Documents and Settings\All Users\Application Data\boost_interprocess\D060107CA1B2CE01" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-09-10 10:28:23 C0728A5F9A8BB6C5CC85E1EB02CFC129 403 ----a-w- C:\WINDOWS\ODBC.INI

====== C:\DOCUME~1\Shirley\LOCALS~1\Temp ====

2013-09-13 08:17:33 AC2CA2C713FDB6B491E8AA260075ECB4 2188944 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\BingBarSetup-Partner.exe

2013-09-10 10:26:42 7E6A5949EB8AC8B2DD5C8308BFF08D41 598016 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\certutil.exe

2013-09-10 10:26:26 F9F3AC8D429D0F0E21F638FE2114EA77 4247218 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\setup.exe

2013-09-10 10:26:17 BE88614985090A1CF6D46404D96C751B 9119232 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\mamut business software.msi

2013-09-10 10:26:11 CEFC82F6C5A3866EC247225F80D65890 5367710 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\mamut business software.exe

2013-09-10 10:12:29 2019A6394520A2BD3510D90CE69E05A0 74524000 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\ISSETUPPREREQUISITES\{57154C7C-EDB2-3BFD-A8BA-924C60913EBF}\sqlexpr_x86_enu.exe

2013-09-10 10:07:22 468854AB6E28C0A55777171BA8D5B01B 921088 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Temp\MamutBootstrapper\ISSETUPPREREQUISITES\{80E0CCB7-CD66-4D50-ADD5-B64BCC98039D}\synchronization-v2.1-x86-enu.msi

2013-09-07 06:51:01 D0D8A48ED414BFE5B50F2C83408746B1 1177552 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_C15E1.tmp\setup.exe

====== Java Cache =====

2013-09-12 13:57:19 34974EBC4B9851E56765683501E4DA9E 12446 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\3b402a82-1af0d7a7

2013-09-12 13:52:41 581BE739266C1901E6AE268C34DBA438 6180 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\22\22e17456-36b89d76

2013-09-12 13:52:40 7F5135B0644F36A9791B615B0993C6EC 651 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\25\41c97319-17a6c575

2013-09-12 13:57:07 D80698A4A1D4696758C34FB854687A55 27665 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\5e64069b-53c994e7

2013-09-12 13:57:18 50CC385ADA39E542684EB3BC99B95074 52272 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\32\74ead020-6f8d19e5

2013-08-18 18:13:25 56218164EE019834EDBD46A2FA1AD2C1 151861 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\31eb7726-6809b2b0

2013-09-12 13:57:18 DEFE4A047817598E1957E15F017D9E7D 48809 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\51\4c3d3633-4cc33f43

2013-09-12 13:57:18 05B6BC465E85439351B9E1F42FFF85C4 23240 ----a-w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\62\6fad133e-117c6f9e

====== C:\WINDOWS\system32 =====

2013-09-16 05:59:16 !HASH: COULD NOT OPEN FILE !!!!! 97787879 ----a-w- C:\WINDOWS\System32\??L

2013-09-13 04:54:15 A92C0EBD06660FE7A75605682163A7FE 97503480 ----a-w- C:\WINDOWS\System32\??L

2013-09-12 17:41:25 A5D78A802E77BFA998E39C3BA92895FE 97373152 ----a-w- C:\WINDOWS\System32\??L

2013-09-12 13:36:54 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\WINDOWS\System32\javaws.exe

2013-09-12 13:36:54 409ADC57814C2E2A15A798BF4BE05ED3 144896 ----a-w- C:\WINDOWS\System32\javacpl.cpl

2013-09-12 13:36:42 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\WINDOWS\System32\javaw.exe

2013-09-12 13:36:42 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\WINDOWS\System32\java.exe

2013-09-12 13:36:42 65F0FBCDBBA20FC4B0DADCA922150A99 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll

2013-09-10 10:27:48 8C942BE66B44087A6D9F69E33776D3FC 4218880 ----a-w- C:\WINDOWS\System32\cdintf400.dll

2013-09-10 10:20:24 E5F6DE3C06CF0215D6E86D11339F8F74 47456 ----a-w- C:\WINDOWS\System32\perf-MSSQL10_50.MAMUT-sqlagtctr.dll

2013-09-10 10:20:11 B2E85EDAA157EE74547E210B23E204B6 73568 ----a-w- C:\WINDOWS\System32\perf-MSSQL$MAMUT-sqlctr10.50.1600.1.dll

2013-09-08 10:05:32 EC3BCD3C23B1C13707761EF807204594 96566691 ----a-w- C:\WINDOWS\System32\???6

2013-09-05 05:00:50 F912F7BC301561C2AA65426E9A108F25 96185213 ----a-w- C:\WINDOWS\System32\???6

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-09-13 08:17:27 -------- d-----w- C:\Program Files\Common Files\Skype

2013-09-13 08:17:25 -------- d-----r- C:\Program Files\Skype

2013-09-13 08:12:07 32776560 ----a-w- C:\Program Files\SkypeSetupFull.exe

2013-09-12 13:37:07 -------- d-----w- C:\Program Files\Common Files\Java

2013-09-12 13:36:22 -------- d-----w- C:\Program Files\Java

2013-09-10 10:27:14 -------- d-----w- C:\Program Files\Mamut

2013-09-10 10:18:56 -------- d-----w- C:\Program Files\Microsoft Visual Studio 9.0

2013-09-05 13:21:25 -------- d-----w- C:\Program Files\Common Files\Adobe AIR

2013-09-03 19:30:01 -------- d-----w- C:\Program Files\Mozilla Maintenance Service

2013-09-03 19:28:47 281776 ----a-w- C:\Program Files\Firefox Setup Stub 23.0.1.exe

======= C: =====

====== C:\Documents and Settings\Shirley\Application Data ======

2013-09-13 08:17:34 -------- d-----w- C:\Documents and Settings\Shirley\Application Data\Skype

2013-09-05 13:21:38 -------- d-----w- C:\Documents and Settings\Shirley\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-09-03 19:30:45 -------- d-----w- C:\Documents and Settings\Shirley\Local Settings\Application Data\Mozilla

====== C:\Documents and Settings\Shirley ======

2013-09-15 12:10:48 -------- d--h--r- C:\Documents and Settings\Shirley\Onlangs geopend

====== C: exe-files ==

=== C: other files ==

2013-09-12 13:36:27 8C636C988365FC3E61F1B5C5ACECCB55 18675 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

43CEBDFA8B91BEB5FEBD4F9E6768AEF2 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In

CA0E1DFBE480CF0BE13A0883BEB378B6 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U40

AF661355EBAB898EB92D5454AEF93CE0 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43

F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

607D5DD893D217BCA2449F4A483818B5 - C:\Program Files\Nitro\Pro 8\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome

626791785FF2A338575E8AF0563D8333 - C:\WINDOWS\npMSDM.dll - Microsoft Download Manager Plugin

D487461B647B19ECF4AF4C930A47BB2D - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll - DYMO Label Framework

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

BBAFE24293695D557DC2319346C316A7 - C:\Program Files\Nitro\Pro 8\npnitroie.dll - Nitro PDF plugin for Internet Explorer

BC487C715486F7BFD9D88FAB92549BFA - C:\Program Files\Nitro\Pro 8\npdf.dll - Nitro PDF Library

A9657C67E350EA087350DA5895307E54 - C:\Program Files\Nitro\Pro 8\NPShellExtension.dll - Nitro Pro ShellExtension

7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaaabfjnbeinlpljodiajipidiompfl - C:\Documents and Settings\Shirley\Local Settings\Application Data\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.5.0.crx[]

Avira Toolbar - Han Struijk - Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl

Docs - Han Struijk - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Han Struijk - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Han Struijk - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Han Struijk - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - Han Struijk - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Chrome In-App Payments service - Shirley - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="You have just opened a new tab#"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} Unknown Url="Not_Found"

{E2C641D8-1D04-406F-B618-F0DC91567D5B} Bing Url="{searchTerms} - Bing"

{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} Google Url="{searchTerms} - Buscar con Google"

==== Reset Google Chrome ======================

C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1011\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1644491937-1757981266-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Causeway\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Han Struijk\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Shirley\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\6IG1OYFD will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Han Struijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Shirley\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Documents and Settings\All Users\Application Data\boost_interprocess" not deleted

"C:\Documents and Settings\Shirley\Local Settings\Temporary Internet Files\Content.IE5\6IG1OYFD" not found

==== EOF on ma 16-09-2013 at 21:58:41,90 ======================

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
    
    
    emptyclsid;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;
    
    
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites


Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites

Hi, hierbij het logreport! Ik hoop dat je het weet op te lossen. Ik kan heel de tijd me mail niet opslaan dan krijg ik een melding "de bewerking is mislukt".

Dank je wel alvast,

Logfile of random's system information tool 1.09 (written by random/random)

Run by Shirley at 2013-09-17 16:41:55

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 694 GB (87%) free of 800 GB

Total RAM: 3326 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:42:06, on 17-9-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\KPN\Mobiel Internet Software\LoggerServer.exe

C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files\KPN Back-up Online\BackupSC.exe

C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\KPN Back-up Online\BackupFP.exe

C:\Program Files\Synology\Assistant\UsbClientService.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Trust\250S Series\lwbwheel.exe

C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe

C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe

C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\system32\WISPTIS.EXE

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\File Type Assistant\tsassist.exe

C:\WINDOWS\explorer.exe

C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe

C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\RSIT.exe

C:\Program Files\trend micro\Shirley.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: EspressoBHO - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized

O4 - HKCU\..\Run: [uninstallHelper] "C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe" /silent /autorun

O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU\..\Run: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AG344D905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1

O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-1644491937-1757981266-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c2 -f video -m logitech -d 11.0.0.1217 (User 'Default user')

O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk = ?

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe

O9 - Extra 'Tools' menuitem: HP Smart Print 2.1 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346769824031

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346836882578

O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{255D8F30-9448-4A09-9A27-2B03A87883E0}: NameServer = 192.168.2.254

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BecHelperService - Unknown owner - C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe

O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe

O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--

End of file - 15773 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\ProgramUpdateCheck.job

C:\WINDOWS\tasks\SDMsgUpdate (TE).job

C:\WINDOWS\tasks\User_Feed_Synchronization-{DEC59399-4375-4259-88F2-4A61A75B72EF}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default

prefs.js - "browser.startup.homepage" - "MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

prefs.js - "keyword.URL" - "Bing="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@dymo.com/DymoLabelFramework]

"Description"=DYMO Label Framework Plugin

"Path"=C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1]

"Description"=Microsoft Download Manager

"Path"=C:\WINDOWS\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]

"Description"=NitroPDF Web Browser Plugin

"Path"=C:\Program Files\Nitro\Pro 8\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\27zl3w7v.default\searchplugins\

bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-12 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-18 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6C6509-FE36-44B0-A917-6C2A0DDBDF88}]

HP Smart Print Helper - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll [2012-12-14 2491856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-18 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]

"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]

"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []

"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]

"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-06-14 279552]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-09-02 347192]

"LWBMOUSE"=C:\Program Files\Trust\250S Series\lwbwheel.exe [2001-04-20 429568]

"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

""= []

"DLSService"=C:\Program Files\DYMO\DYMO Label Software\DLSService.exe []

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]

"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-11-29 96128]

"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-09-06 39408]

"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe [2013-06-24 19378496]

"KPNBackupOnline"=C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe [2012-06-27 9451384]

"UninstallHelper"=C:\Program Files\W3i\UninstallHelper\UninstallHelper.exe [2012-10-12 898200]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624]

"HP Officejet 6500 E710n-z (NET)"=C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]

"DymoQuickPrint"=C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe [2011-01-28 1825360]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20681584]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Shirley\Menu Start\Programma's\Opstarten

Inktwaarschuwingen controleren - HP Officejet 6500 E710n-z (netwerk).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-15 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"

"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"

"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"

"C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant"

"C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater"

"C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP"

"C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager"

"C:\Program Files\File Type Assistant\tsassist.exe"="C:\Program Files\File Type Assistant\tsassist.exe:*:Enabled:ProgramUpdateCheck"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z FaxApplications"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z DigitalWizards"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 6500 E710n-z SendFaxAppExe"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP apparaatinstellingen (HP Officejet 6500 E710n-z)"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerkcommunicator (HP Officejet 6500 E710n-z)"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Netwerkcommunicator-COM (HP Officejet 6500 E710n-z)"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe"="C:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe:*:Enabled:sqlservr.exe"

"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"="C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:*:Enabled:sqlbrowser.exe"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"

"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\KPN Back-up Online\BackupUP.exe"="C:\Program Files\KPN Back-up Online\BackupUP.exe:*:Enabled:Updater"

"C:\Program Files\KPN Back-up Online\BackupFP.exe"="C:\Program Files\KPN Back-up Online\BackupFP.exe:*:Enabled:BackupFP"

"C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe:*:Enabled:BackupManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=lvcodec2.dll

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux5"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-17 16:41:55 ----D---- C:\rsit

2013-09-17 16:41:55 ----D---- C:\Program Files\trend micro

2013-09-17 16:41:49 ----A---- C:\Program Files\RSIT.exe

2013-09-16 21:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\boost_interprocess

2013-09-16 21:42:15 ----D---- C:\WINDOWS\Temp

2013-09-16 21:42:15 ----A---- C:\WINDOWS\zoek-delete.exe

2013-09-14 20:26:49 ----SHD---- C:\Config.Msi

2013-09-13 22:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$

2013-09-13 22:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$

2013-09-13 22:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

2013-09-13 10:17:34 ----D---- C:\Documents and Settings\Shirley\Application Data\Skype

2013-09-13 10:17:27 ----D---- C:\Program Files\Common Files\Skype

2013-09-13 10:17:25 ----RD---- C:\Program Files\Skype

2013-09-13 10:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2013-09-13 10:12:07 ----A---- C:\Program Files\SkypeSetupFull.exe

2013-09-12 15:37:07 ----D---- C:\Program Files\Common Files\Java

2013-09-12 15:36:54 ----A---- C:\WINDOWS\system32\javaws.exe

2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\javaw.exe

2013-09-12 15:36:42 ----A---- C:\WINDOWS\system32\java.exe

2013-09-12 15:36:22 ----D---- C:\Program Files\Java

2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBC.INI

2013-09-10 12:27:48 ----A---- C:\WINDOWS\system32\cdintf400.dll

2013-09-10 12:27:14 ----D---- C:\Program Files\Mamut

2013-09-10 12:20:24 ----A---- C:\WINDOWS\system32\perf-MSSQL10_50.MAMUT-sqlagtctr.dll

2013-09-10 12:20:11 ----A---- C:\WINDOWS\system32\perf-MSSQL$MAMUT-sqlctr10.50.1600.1.dll

2013-09-10 12:19:28 ----D---- C:\WINDOWS\system32\RsFx

2013-09-10 12:18:56 ----D---- C:\Program Files\Microsoft Visual Studio 9.0

2013-09-10 12:07:26 ----D---- C:\Program Files\Microsoft Sync Framework

2013-09-05 15:21:38 ----D---- C:\Documents and Settings\Shirley\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-09-05 15:21:25 ----D---- C:\Program Files\Common Files\Adobe AIR

2013-09-03 21:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla

2013-09-03 21:30:01 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-09-03 21:29:40 ----D---- C:\Program Files\Mozilla Firefox

2013-09-03 21:28:47 ----A---- C:\Program Files\Firefox Setup Stub 23.0.1.exe

2013-08-29 19:22:56 ----HD---- C:\WINDOWS\PIF

2013-08-28 16:25:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$

======List of files/folders modified in the last 1 month======

2013-09-17 16:41:55 ----RD---- C:\Program Files

2013-09-17 12:40:41 ----D---- C:\WINDOWS\system32

2013-09-16 22:51:20 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-09-16 21:57:25 ----D---- C:\WINDOWS\Prefetch

2013-09-16 21:55:00 ----SHD---- C:\System Volume Information

2013-09-16 21:54:47 ----D---- C:\WINDOWS

2013-09-16 21:31:03 ----SD---- C:\WINDOWS\Tasks

2013-09-16 21:30:51 ----D---- C:\Program Files\Common Files

2013-09-16 20:41:26 ----D---- C:\WINDOWS\Registration

2013-09-16 14:20:47 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro PDF

2013-09-15 16:33:06 ----D---- C:\Documents and Settings\Shirley\Application Data\Nitro

2013-09-15 14:08:16 ----D---- C:\WINDOWS\Debug

2013-09-14 21:05:39 ----D---- C:\WINDOWS\system32\NtmsData

2013-09-14 20:30:16 ----SHD---- C:\WINDOWS\Installer

2013-09-14 19:29:45 ----D---- C:\WINDOWS\system32\drivers

2013-09-13 22:11:04 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-09-13 22:11:04 ----HD---- C:\WINDOWS\inf

2013-09-13 22:11:01 ----D---- C:\Program Files\Internet Explorer

2013-09-13 22:10:42 ----D---- C:\WINDOWS\ie8updates

2013-09-13 22:10:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-09-13 22:00:47 ----D---- C:\WINDOWS\system32\MRT

2013-09-13 21:55:24 ----A---- C:\WINDOWS\system32\MRT.exe

2013-09-13 12:18:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-09-13 06:55:51 ----D---- C:\WINDOWS\system32\CatRoot2

2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\npDeployJava1.dll

2013-09-12 15:36:24 ----A---- C:\WINDOWS\system32\deployJava1.dll

2013-09-11 09:18:35 ----D---- C:\Program Files\File Type Assistant

2013-09-10 12:45:14 ----SD---- C:\Documents and Settings\Shirley\Application Data\Microsoft

2013-09-10 12:28:23 ----A---- C:\WINDOWS\ODBCINST.INI

2013-09-10 12:27:34 ----D---- C:\Program Files\Common Files\Microsoft Shared

2013-09-10 12:27:19 ----RSD---- C:\WINDOWS\Fonts

2013-09-10 12:24:07 ----RSD---- C:\WINDOWS\assembly

2013-09-10 12:24:07 ----D---- C:\WINDOWS\Microsoft.NET

2013-09-10 12:20:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-09-10 12:19:32 ----D---- C:\Program Files\Microsoft SQL Server

2013-09-10 12:18:29 ----D---- C:\WINDOWS\WinSxS

2013-09-10 12:17:52 ----D---- C:\WINDOWS\system32\1033

2013-09-05 15:21:31 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2013-09-05 15:21:26 ----D---- C:\Program Files\Adobe

2013-09-05 15:21:15 ----D---- C:\Documents and Settings\Shirley\Application Data\Adobe

2013-09-03 21:31:39 ----D---- C:\Documents and Settings\Shirley\Application Data\mozilla

2013-09-03 21:24:50 ----D---- C:\WINDOWS\Network Diagnostic

2013-09-02 16:41:12 ----D---- C:\Documents and Settings\All Users\Application Data\Davilex Business

2013-08-31 12:26:12 ----D---- C:\Documents and Settings\Shirley\Application Data\vlc

2013-08-21 08:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$

2013-08-20 16:39:49 ----D---- C:\Program Files\backups

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-09-02 136672]

R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-03-28 37352]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-09-02 88840]

R2 mdvrmng;Mobile IP Route Manager; \??\C:\WINDOWS\system32\drivers\mdvrmng.sys []

R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2012-08-27 45792]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]

R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-06-10 73344]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-11 41888]

R3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832]

R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12288]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-15 32128]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]

R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-15 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-15 14720]

S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\DOCUME~1\Shirley\LOCALS~1\Temp\RarSFX0\kerneld.x32 []

S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-07-28 1756384]

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2011-06-10 102784]

S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2011-06-10 11136]

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2011-06-10 89856]

S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys [2011-06-10 64512]

S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys [2011-06-10 26624]

S3 massfilter;MBB Mass Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\massfilter.sys [2011-12-08 9216]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]

S3 Netaapl;Apple Mobile Device Ethernet Service; C:\WINDOWS\system32\DRIVERS\netaapl.sys [2012-03-26 18432]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]

S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2011-12-08 107776]

S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2011-12-08 116736]

S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2011-12-08 107776]

S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2011-12-08 107776]

S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-09-02 84024]

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-09-02 108088]

R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-09-02 815160]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 BecHelperService;BecHelperService; C:\Program Files\KPN\Mobiel Internet Software\BecHelperService.exe [2012-09-06 1915904]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 DymoPnpService;DYMO PnP Service; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-12 182696]

R2 KPN Back-up Online SC;KPN Back-up Online SC; C:\Program Files\KPN Back-up Online\BackupSC.exe [2012-06-27 415608]

R2 MamutSyncService;Mamut Synchronization Service; C:\Program Files\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [2012-12-14 11776]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MSSQL$MAMUT;SQL Server (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]

R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]

R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [2012-12-13 196616]

R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]

R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]

R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]

R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2012-09-18 248704]

R2 VmbService;Vodafone Mobile Broadband-service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-06-14 9216]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-10 194032]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]

S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 SQLAgent$MAMUT;SQL Server Agent (MAMUT); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

sorry voor zo vaak dezelfde reports...Ik kreeg elke keer als ik op snel reageren drukte post-16221-1417705544,8296_thumb.jpg bij het verzenden deze foutmelding en dan werd deze website afgesloten en heb ik het talloze keren zoals je boven kan zien geprobeerd:rofl: en nu zie worden ze pas getoond... Ik hoop dat het niet al te ernstig is wat er op de PC huist... Dank je wel voor alle moeite alvast Groetjes, Shirley

Link naar reactie
Delen op andere sites


Download 51a5bf3d99e8a-ComboFixlogo16.pngComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

  • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  • Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
  • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
  • Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
  • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
  • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  • Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

Link naar reactie
Delen op andere sites

Hi, Ik heb gisteravond en vandaag alles afgezocht. Ik heb combofix al meerdere keren verwijderd en geinstalleerd. Ook dat mag niet helpen. Ik heb met de optie zoeken (Search companion) ook nog gezocht. Ik heb echt geen report van combofix. Het gekke is als ik bij configuratiescherm in de software kijk staat deze combofix ook niet tussen? Wat nu?

Link naar reactie
Delen op andere sites

 Delen


×
×
  • Nieuwe aanmaken...