Politie virus - Browser geblokeerd

[Yvontje82]

Hallo,

Vandaag werd ik weer verrast door een politie-virus.

Ik heb al MBAM laten draaien en een infectie verwijderd, maar het politie-virus staat er nog steeds op.

Zie hieronder het log-bestand van MBAM en HJT.

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2013.11.18.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Yvonne :: YVONNE-HP [administrator]

18-11-2013 8:28:06

mbam-log-2013-11-18 (08-28-06).txt

Scan type: Volledige scan (C:\|D:\|E:\|F:\|H:\|Q:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 495034

Verstreken tijd: 1 uur/uren, 57 minuut/minuten, 22 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 1

HKLM\SOFTWARE\Mozilla\Firefox\extensions|{336D0C35-8A85-403a-B9D2-65C292C39087} (PUP.Optional.Incredibar) -> Data: C:\Program Files\Web Assistant\Firefox -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 18:06:53, on 18-11-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16520)

FIREFOX: 24.0 (nl)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\725411SO\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11303 bytes

[Jion]

Dag Yvontje82,

Download Zoek.zip naar het bureaublad.

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

iedefaults;
emptyfolderscheck;delete
empyclsid;
autoclean;
startupall; 
filesrcm;

• 
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Yvontje82]

Zoek.exe Version 4.0.0.5 Updated 14-November-2013

Tool run by Yvonne on ma 18-11-2013 at 18:40:33,01.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Yvonne\Downloads\Zoek.zip\zoek\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-04-03-190126.log 32611 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Cossacks - Back To War deleted successfully

C:\Program Files\Google deleted successfully

C:\Program Files\Symantec deleted successfully

C:\Program Files\Common Files\Symantec Shared deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Hitman Pro deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\vpywv deleted successfully

C:\Users\Yvonne\AppData\Roaming\8723ED43 deleted successfully

C:\Users\Yvonne\AppData\Roaming\Dava deleted successfully

C:\Users\Yvonne\AppData\Roaming\Opewn deleted successfully

C:\Users\Yvonne\AppData\Roaming\TP deleted successfully

C:\Users\Yvonne\AppData\Roaming\Yzroy deleted successfully

C:\Users\Yvonne\AppData\Local\PDFC deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\DVDVideoSoft\TB deleted

C:\PROGRA~2\COMMON~1\AVG Secure Search deleted

C:\PROGRA~2\COMMON~1\Plasmoo deleted

C:\Users\Yvonne\AppData\Roaming\LimeWirePlus deleted

C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\ProgramData\R8BL8vf.dat deleted

C:\ProgramData\boost_interprocess deleted

C:\Users\Yvonne\AppData\Local\SwvUpdater deleted

C:\Users\Yvonne\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\tasks\SCHEDU~1.JOB deleted

C:\Windows\Syswow64\shoB9BF.tmp deleted

C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\searchplugins\aol-search.xml deleted

"C:\Users\Yvonne\AppData\Local\1499ebd4" deleted

"C:\ProgramData\24849327-4c0f-4727-b46a-8e2b07995d37" deleted

"C:\ProgramData\jmqosobgtlodwgp" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\52660738-6950-4a85-8b59-3b5d5459e59d" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\52cd583f-f0fd-4ebb-b360-7279ec06fd67" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\75d73252-abef-4bae-b9ce-7256ed841a8b" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\9105e910-27c2-44cb-a738-ad5c1f70e28e" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\98b62fc2-4a32-47a3-8a5c-d3ed45d98fa3" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\d6271337-d0d9-4e06-8fc3-f22d9190fa80" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391\e633c52d-378d-402f-b4c3-8ed1586c6d44" deleted

"C:\Users\Yvonne\AppData\Roaming\CACHE\~.~" deleted

"C:\Users\Yvonne\AppData\Roaming\Neyny\cixi.tmp" deleted

"C:\Programdata\Windows\sysprep.exe" deleted

"C:\ProgramData\b809c733-2806-4685-9860-19d56f0ed391" deleted

"C:\Users\Yvonne\AppData\Roaming\CACHE" deleted

"C:\Users\Yvonne\AppData\Roaming\Neyny" deleted

"C:\Programdata\Windows" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Yvonne\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2013-11-14 02:06:39 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-11-14 02:06:39 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-11-14 02:06:39 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-11-14 02:06:38 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-11-14 02:06:38 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-11-14 02:06:38 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-11-14 02:06:38 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2013-11-14 02:06:37 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-11-14 02:06:37 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-11-14 02:06:37 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-11-14 02:06:36 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-11-14 02:06:36 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-11-14 02:06:36 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-11-14 02:06:36 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-11-14 02:06:35 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-11-14 02:06:32 048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-11-13 22:13:35 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-11-13 22:13:06 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll

2013-11-13 22:13:05 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\SysWOW64\credui.dll

2013-11-13 22:13:05 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-13 22:12:41 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll

2013-11-13 22:12:39 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2013-11-13 22:12:39 42B924C5F3924C1EB2539F22C10D7DF1 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2013-11-13 22:12:39 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2013-11-13 22:12:30 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll

2013-11-13 22:12:25 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-13 22:12:25 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\SysWOW64\nshwfp.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-11-14 02:06:39 714E9503AC7048E0212F79D8C1D6C3A7 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-11-14 02:06:39 3A4DB794F4B7FC36690A0A937A30B18B 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-11-14 02:06:38 C4AA30C01694001B8374CC62BF9AE6FF 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-11-14 02:06:38 88C40415EEB19F947E2105D48E87D1D2 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-11-14 02:06:38 794F7FCD48CCB49BB1970904EA8E57C4 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-11-14 02:06:38 4971D89BD84E2F01DA004E4FAC202EED 237056 ----a-w- C:\Windows\Sysnative\url.dll

2013-11-14 02:06:37 E14025BFE959C7CFA495021AB93DB8ED 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-11-14 02:06:37 CDACE6BF6B7ECD8463430AF5318B4A38 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-11-14 02:06:37 979ADB9662E543212D786AADB6964E15 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-11-14 02:06:37 7873D45AA2C725D95A016898940FFB75 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-11-14 02:06:36 D914949662B98FAAEEBF37D0DC036BE6 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-11-14 02:06:36 BE18E52826AC6253F4BF2A814C9362D7 2334720 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-11-14 02:06:36 9A2FD60081F2B77C86C6A0D1A86B0170 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-11-14 02:06:36 4FBFB5A1DFFC744C352A03DCE1D41DDC 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-11-14 02:06:33 26088C2096E08A85816AD4B37D7E03E5 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-11-14 02:06:33 1CFBE5D5844FDB11E1589BC74260FBB4 17847296 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-11-13 22:13:36 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-11-13 22:13:08 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll

2013-11-13 22:13:06 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\Windows\Sysnative\SmartcardCredentialProvider.dll

2013-11-13 22:13:06 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\Windows\Sysnative\credui.dll

2013-11-13 22:12:42 31FFED18C7B836CEC1B559347E32E151 340992 ----a-w- C:\Windows\Sysnative\schannel.dll

2013-11-13 22:12:40 086F906B1D30C0A5D35FE0F6362DAB21 1447936 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2013-11-13 22:12:39 B08EA91C774AA734E0B9881F85CD9F42 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll

2013-11-13 22:12:39 747B9BA5412422F27934CB21131F0A3E 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2013-11-13 22:12:39 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\Sysnative\lsass.exe

2013-11-13 22:12:38 7C46EC9CCDE6E793713FA01DB2EB918E 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll

2013-11-13 22:12:38 208EAAFF40DA400190AA0605C797BEA2 28160 ----a-w- C:\Windows\Sysnative\secur32.dll

2013-11-13 22:12:30 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll

2013-11-13 22:12:26 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL

2013-11-13 22:12:26 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL

2013-11-13 22:12:25 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\Windows\Sysnative\nshwfp.dll

====== C:\Windows\Sysnative\drivers =====

2013-11-13 22:13:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-13 22:12:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys

2013-11-13 22:12:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2013-11-13 22:12:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

====== C:\Windows\Tasks ======

2013-11-18 17:06:24 8E88250AA0DF4DB801BEC75F38F44829 3272 ----a-w- C:\Windows\Sysnative\Tasks\{FA80624A-0168-492C-9323-D6B2765CDCF5}

2013-11-12 21:55:28 50122F2242E5CC7628A0D34B4FB8B241 3094 ----a-w- C:\Windows\Sysnative\Tasks\{88A11318-C758-4CB3-961A-78A3829777C7}

2013-10-21 13:27:12 C824E66D39EC8B63A00FBC2A28733843 3140 ----a-w- C:\Windows\Sysnative\Tasks\{C4E488D4-D9B1-4590-8E64-68B6D6FDB3B7}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-10-21 13:15:42 -------- d-----w- C:\PROGRA~2\LMSOFT

======= C: =====

====== C:\Users\Yvonne\AppData\Roaming ======

2013-10-21 14:48:52 -------- d-----w- C:\Users\Yvonne\AppData\Local\IsolatedStorage

2013-10-21 14:28:53 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMSOFT

2013-10-21 13:39:55 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\CoffeeCup Software

2013-10-21 13:22:38 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\LMSOFT

====== C:\Users\Yvonne ======

2013-10-27 23:27:02 -------- d-----w- C:\ProgramData\Protexis

2013-10-24 22:50:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit

2013-10-24 22:50:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2068-06-03 20:05:14 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jusched.exe

2068-06-03 20:05:14 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jucheck.exe

2068-06-03 20:05:12 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jusched.exe

2068-06-03 20:05:12 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jucheck.exe

2013-11-14 21:55:48 F06EE764FF00B7A049862C8D50D4215D 730976 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_31.0.1650.48_chrome_updater.exe

2013-11-14 02:06:38 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-11-14 02:06:38 794F7FCD48CCB49BB1970904EA8E57C4 173056 ----a-w- C:\Windows\system64\ieUnatt.exe

2013-11-14 02:06:38 794F7FCD48CCB49BB1970904EA8E57C4 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-14 02:06:38 27DC2B3A141BE4566A0B45A5E5F4668A 763632 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-11-14 02:06:38 06085B62BC7E0C8E2605CEA38774D956 757488 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-11-13 22:12:39 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\system64\lsass.exe

2013-11-13 22:12:39 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\System32\lsass.exe

=== C: other files ==

2013-11-17 13:54:39 B6D0C63FF10E6794C61ADCD10A4BDA30 31034 ----a-w- C:\Users\Yvonne\Documents\Huishoud\Portfolio Yvonne\sollicitiatiebobinfobeheerderanalist.zip

2013-11-17 13:54:09 3B865679B8C5E2327F8820AEC3AA11B3 977616 ----a-w- C:\Users\Yvonne\Documents\Huishoud\Portfolio Yvonne\bijlagen.zip

2013-11-15 16:08:09 ED3EC4C99E4B90DF9A9BF59132455599 852258 ----a-w- C:\Users\Yvonne\Documents\Cursussen cq studie\Polariteitmassage\bijlagen.zip

2013-11-13 22:13:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\system64\drivers\afd.sys

2013-11-13 22:13:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-11-13 22:12:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\system64\drivers\cng.sys

2013-11-13 22:12:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\System32\drivers\cng.sys

2013-11-13 22:12:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\system64\drivers\ksecpkg.sys

2013-11-13 22:12:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-11-13 22:12:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\system64\drivers\ksecdd.sys

2013-11-13 22:12:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"

"Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"HTC Sync Loader"="C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe -startup"

"F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash"

"F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"

"Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2012-01-22 10:21:25 1316 ----a-w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

2012-03-01 15:50:33 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35]

C:\Windows\tasks\HPCeeScheduleForYVONNE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15]

C:\Windows\tasks\HPCeeScheduleForYvonne.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForYvonne" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForYVONNE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe]

"C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\{38DF59D7-67EE-4B6C-B405-FBB323BC92E6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading]

"C:\Windows\SysNative\tasks\{82AE7F7E-0A46-4FA9-9B61-83F712DAD24C}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading]

"C:\Windows\SysNative\tasks\{88A11318-C758-4CB3-961A-78A3829777C7}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\{B8920AB9-3F4C-4BF0-BD57-65B099240783}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\{CEF387AE-FE17-4327-AE07-38934CF7FB9A}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"litmus-ff@f-secure.com"="C:\Program Files (x86)\PC Veilig\NRS\litmus-ff@f-secure.com" [29-10-2013 03:29]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default

- Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- ScrapBook Plus - %ProfilePath%\extensions\scrapbookplus@addons.mozilla.org.xpi

- ScrapBook - %ProfilePath%\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi

- Pinterest Pin Button - %ProfilePath%\extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi

- Search By Image by Google - %ProfilePath%\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.450.18

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{443789B7-F39C-4b5c-9287-DA72D38F4FE6} AOL Search Url="AOL Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{d43b3890-80c7-4010-a95d-1e77b5924dc3} Unknown Url="Not_Found"

{d944bb61-2e34-4dbf-a683-47e505c587dc} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} deleted successfully

HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\725411SO will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2FC4FCGB will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57W2RGB4 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8Y1CDT1H will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AQDN1GP1 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BKV32VCS will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D07G179B will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DD897VIJ will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EPCO261U will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F6ZF3YL6 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FSLB6GJP will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IAN0DOF2 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KI15ZWG4 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SJ5J8PHL will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UM05VZXU will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UYIT7X1L will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XUS2DVB9 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Yvonne\AppData\Local\Mozilla\Firefox\Profiles\6hgtzfhm.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Yvonne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\725411SO" deleted

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2FC4FCGB" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57W2RGB4" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8Y1CDT1H" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AQDN1GP1" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BKV32VCS" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D07G179B" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DD897VIJ" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EPCO261U" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F6ZF3YL6" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FSLB6GJP" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IAN0DOF2" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KI15ZWG4" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SJ5J8PHL" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UM05VZXU" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UYIT7X1L" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XUS2DVB9" not found

==== EOF on ma 18-11-2013 at 19:23:53,44 ======================

[Jion]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[Yvontje82]

Hallo jion,

Helaas was ik vergeten om de handelingen uit je laatste bericht nog te doen, dus.....ben weer gepakt door dat virus.

Kan ik dan weer dat script uitvoeren dat je eerder had geplaatst of is dat toch steeds net anders...?

Hierbij het MBAM log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2013.12.02.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Yvonne :: YVONNE-HP [administrator]

4-12-2013 16:50:16

mbam-log-2013-12-04 (16-50-16).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 251069

Verstreken tijd: 10 minuut/minuten, 17 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Hierbij het HJT log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:51:43, on 4-12-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16520)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Yvonne\Downloads\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11469 bytes

[Jion]

Download Zoek.zip naar het bureaublad.

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

{08B0E5C0-4FCB-11CF-AAA5-00401C608501};c
autoclean;
startupall; 
filesrcm;

• 
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Yvontje82]

Zoek.exe Version 4.0.0.5 Updated 30-November-2013

Tool run by Yvonne on wo 04-12-2013 at 21:54:22,53.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Yvonne\Downloads\Zoek.zip\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-04-03-190126.log 32611 bytes

C:\zoek-results2013-11-18-182353.log 30991 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Yahoo not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-11-20 10:11:11 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe

====== C:\Users\Yvonne\AppData\Local\Temp ====

2013-11-25 04:20:17 316BC1B77C9753CBCD49B3990DF56A8C 35095200 ----a-w- C:\Users\Yvonne\AppData\Local\Temp\SkypeSetup.exe

2013-11-24 15:50:43 C12AA09AA5947BD28EDF2F94C341BFDE 465920 ----a-w- C:\Users\Yvonne\AppData\Local\Temp\COMAP.EXE

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-11-21 23:03:36 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2013-11-21 23:03:36 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2013-11-21 23:03:36 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2013-11-21 23:03:36 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2013-11-21 23:03:36 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2013-11-21 23:03:35 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2013-11-21 23:03:35 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2013-11-13 22:13:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-13 22:12:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys

2013-11-13 22:12:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2013-11-13 22:12:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

====== C:\Windows\Tasks ======

2013-11-18 18:24:11 C322FF035DF8C05214F40D2DEAE3C31A 522 ----a-w- C:\Windows\Tasks\Scheduled scanning task.job

2013-11-18 18:24:11 60BD9C3643BA94647DCAAA0E5BD19507 3298 ----a-w- C:\Windows\Sysnative\Tasks\Scheduled scanning task

2013-11-18 17:06:24 8E88250AA0DF4DB801BEC75F38F44829 3272 ----a-w- C:\Windows\Sysnative\Tasks\{FA80624A-0168-492C-9323-D6B2765CDCF5}

2013-11-12 21:55:28 50122F2242E5CC7628A0D34B4FB8B241 3094 ----a-w- C:\Windows\Sysnative\Tasks\{88A11318-C758-4CB3-961A-78A3829777C7}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-11-22 10:50:50 -------- d-----w- C:\PROGRA~2\Steam

2013-11-19 00:25:51 -------- d-----w- C:\PROGRA~2\GameShadow

2013-11-19 00:16:28 -------- d-----w- C:\PROGRA~2\Firefly Studios

======= C: =====

====== C:\Users\Yvonne\AppData\Roaming ======

2013-11-24 15:50:40 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\CyberLink

2013-11-19 00:25:56 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow

2013-11-18 18:24:06 -------- d-----w- C:\Users\Yvonne\AppData\Local\PDFC

2013-11-18 18:01:45 -------- d-----w- C:\Users\Yvonne\AppData\Local\Temp

====== C:\Users\Yvonne ======

2013-11-22 10:50:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2013-11-19 00:23:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios

====== C: exe-files ==

2068-06-03 20:05:14 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jusched.exe

2068-06-03 20:05:14 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jucheck.exe

2068-06-03 20:05:12 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jusched.exe

2068-06-03 20:05:12 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jucheck.exe

2013-11-30 06:03:32 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe

2013-11-30 06:03:32 9DDACC673C7EE9F8C8FFE66E0EA1AA5A 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"

"Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"HTC Sync Loader"="C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe -startup"

"F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash"

"F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"

"Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2012-01-22 10:21:25 1316 ----a-w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

2012-03-01 15:50:33 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35]

C:\Windows\tasks\HPCeeScheduleForYVONNE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15]

C:\Windows\tasks\HPCeeScheduleForYvonne.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15]

C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA2\PCVEIL1\ANTI-V1\fsav.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForYvonne" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForYVONNE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe]

"C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe]

"C:\Windows\SysNative\tasks\Scheduled scanning task" [C:\PROGRA~2\PCVEIL~1\ANTI-V~1\fsav.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\{38DF59D7-67EE-4B6C-B405-FBB323BC92E6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading]

"C:\Windows\SysNative\tasks\{82AE7F7E-0A46-4FA9-9B61-83F712DAD24C}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading]

"C:\Windows\SysNative\tasks\{88A11318-C758-4CB3-961A-78A3829777C7}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\{B8920AB9-3F4C-4BF0-BD57-65B099240783}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\{CEF387AE-FE17-4327-AE07-38934CF7FB9A}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"litmus-ff@f-secure.com"="C:\Program Files (x86)\PC Veilig\NRS\litmus-ff@f-secure.com" [03-12-2013 12:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default

- Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- ScrapBook Plus - %ProfilePath%\extensions\scrapbookplus@addons.mozilla.org.xpi

- ScrapBook - %ProfilePath%\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi

- Pinterest Pin Button - %ProfilePath%\extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi

- Search By Image by Google - %ProfilePath%\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.450.18

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{443789B7-F39C-4b5c-9287-DA72D38F4FE6} AOL Search Url="AOL Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0D5H89SD will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12C0O2F1 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1H77R58Y will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4FN3JC16 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6N1WZAJP will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6ONE59RI will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8YI0DQFO will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJLI4R2R will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QH34C23S will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RUE42NJT will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SD3M1F73 will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XN168W6U will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Yvonne\AppData\Local\Mozilla\Firefox\Profiles\6hgtzfhm.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Yvonne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0D5H89SD" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12C0O2F1" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1H77R58Y" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4FN3JC16" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6N1WZAJP" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6ONE59RI" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8YI0DQFO" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJLI4R2R" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QH34C23S" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RUE42NJT" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SD3M1F73" not found

"C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XN168W6U" not found

==== EOF on wo 04-12-2013 at 22:26:35,51 ======================

[Jion]

Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:

DDS - Bleeping Computer download.

DDS - Bleeping Computer download.

DDS - Infospyware.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met DDS (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

• 
  
• Windows XP: Dubbelklik op DDS om de tool te starten.
  
• Windows Vista,7,8: Rechtsklik op DDS en klik op "Als administrator uitvoeren".
  
• Vink in het volgende scherm dds.txt en attach.txt aan en klik op "Start"
  
• Laat de tool ongehinderd zijn werk doen. Als de scan gereed is klikt u op "OK"
  
• Post de inhoud van het geopende DDS.txt in het volgende bericht.
  (Plaats het attach logje alleen indien hierom wordt gevraagd!)
  

[Yvontje82]

Ik had met rechtermuisklik niet de mogelijkheid om "als administrator" te kiezen.

DDS (Ver_2012-11-05.02) - NTFS_AMD64

Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.45.2

Run by Yvonne at 17:51:47 on 2013-12-05

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2305 [GMT 1:00]

.

AV: PC Veilig 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}

SP: PC Veilig 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: PC Veilig 9.12 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k apphost

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe

C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE

C:\Program Files (x86)\PC Veilig\Anti-Virus\FSGK32.EXE

C:\Windows\system32\svchost.exe -k ftpsvc

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\PC Veilig\Anti-Virus\fssm32.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\PC Veilig\Common\FSLAUNCH.EXE

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.nl/

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

TB: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

uRun: [spotify Web Helper] "C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash

mRun: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\Yvonne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

LSP: C:\Program Files (x86)\PC Veilig\FSPS\program\FSLSP.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

TCP: NameServer = 192.168.2.254

TCP: Interfaces\{00FD4177-C23D-46E3-88DF-567CE2664FE7} : DHCPNameServer = 192.168.2.254

TCP: Interfaces\{FE0C91F8-4195-459F-B0D9-1B29F873801A} : DHCPNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update

x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?q={searchTerms}&s_it=amonetizetest1-ff&s_qt=sb&tb_uuid=6E325D1C86524114B0FFD3C020A22E18&tb_oid=01-05-2013&tb_mrud=02-05-2013

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-10-09 22:33; {53A03D43-5363-4669-8190-99061B2DEBA5}; C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2013-5-11 56016]

R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2013-5-11 59784]

R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2013-5-11 94024]

R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2013-5-11 16768]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-2 203264]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe [2013-5-11 221608]

R2 ftpsvc;Microsoft FTP-service;C:\Windows\System32\svchost.exe -k ftpsvc [2009-7-14 27136]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-2-2 1128952]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-2-2 116240]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-5-11 202176]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-2-2 1002848]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]

S1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2013-5-11 50384]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2013-5-11 60352]

S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]

S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-21 1255736]

S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\PC Veilig\Anti-Virus\win2k\fsfilter.sys [2013-5-11 41640]

S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\PC Veilig\Anti-Virus\win2k\fsrec.sys [2013-5-11 27048]

.

=============== Created Last 30 ================

.

2013-12-04 21:26:47 -------- d-sh--w- C:\$RECYCLE.BIN

2013-12-04 21:21:27 24064 ----a-w- C:\Windows\zoek-delete.exe

2013-12-04 21:21:26 -------- d-----w- C:\Users\Yvonne\AppData\Local\Temp

2013-12-03 09:15:30 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6A36D5BD-8E9B-461C-92B8-1FB28E8CDBD8}\mpengine.dll

2013-11-22 10:50:50 -------- d-----w- C:\Program Files (x86)\Steam

2013-11-21 23:03:36 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-11-21 23:03:36 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-11-21 23:03:36 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-11-21 23:03:36 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-11-21 23:03:36 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-11-21 23:03:35 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-11-21 23:03:35 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-11-20 10:11:11 306688 ----a-w- C:\Windows\IsUninst.exe

2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe

2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe

2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\ARPPRODUCTICON.exe

2013-11-19 00:25:51 -------- d-----w- C:\Program Files (x86)\GameShadow

2013-11-19 00:16:28 -------- d-----w- C:\Program Files (x86)\Firefly Studios

2013-11-19 00:15:28 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2013-11-19 00:15:28 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2013-11-19 00:15:28 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2013-11-19 00:15:28 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2013-11-19 00:15:27 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2013-11-19 00:15:21 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2013-11-19 00:15:20 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2013-11-18 18:24:06 -------- d-----w- C:\Users\Yvonne\AppData\Local\PDFC

2013-11-18 17:40:13 -------- d-----w- C:\zoek_backup

2013-11-13 22:13:36 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-11-13 22:13:35 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-11-13 22:13:21 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-11-13 22:13:08 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-11-13 22:13:06 197120 ----a-w- C:\Windows\System32\credui.dll

2013-11-13 22:13:06 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-11-13 22:13:06 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-11-13 22:13:05 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-11-13 22:13:05 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

.

==================== Find3M ====================

.

2013-11-11 04:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe

2013-10-13 14:55:42 2334720 ----a-w- C:\Windows\System32\jscript9.dll

2013-10-13 14:47:43 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-10-13 14:46:53 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-10-13 14:42:36 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-10-13 14:42:11 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-10-13 14:35:12 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-10-13 09:48:06 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-10-13 09:35:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-10-13 09:35:38 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-10-13 09:30:14 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-10-13 09:29:02 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-10-13 09:25:39 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-09 01:29:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-09 01:29:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-10-08 05:51:05 873384 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-10-08 05:51:00 796072 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-10-08 05:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll

2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll

2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll

2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe

2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

.

============= FINISH: 17:52:36,54 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-05.02)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 20-5-2011 20:48:20

System Uptime: 5-12-2013 17:42:58 (0 hours ago)

.

Motherboard: PEGATRON CORPORATION | | 2A99

Processor: AMD Athlon II X4 640 Processor | CPU 1 | 1800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 918 GiB total, 825,744 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1,639 GiB free.

E: is CDROM (CDFS)

F: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: F-Secure Email Scanning Driver

Device ID: ROOT\LEGACY_FSES\0000

Manufacturer:

Name: F-Secure Email Scanning Driver

PNP Device ID: ROOT\LEGACY_FSES\0000

Service: FSES

.

==== System Restore Points ===================

.

RP299: 22-11-2013 3:00:14 - Windows Update

RP300: 22-11-2013 11:50:01 - Installed Steam

RP301: 26-11-2013 7:46:10 - Windows Update

RP302: 29-11-2013 14:54:58 - Windows Update

RP303: 3-12-2013 10:14:29 - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Agatha Christie - Peril at End House

ATI Catalyst Install Manager

ATI Stream SDK v2 Developer

AVG Security Toolbar

Bejeweled 2 Deluxe

Bing Rewards Client Installer

Blackhawk Striker 2

Blasterball 3

Bounce Symphony

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Chuzzle Deluxe

CyberLink DVD Suite Deluxe

Dora's World Adventure

DVD Menu Pack for HP MediaSmart Video

Farm Frenzy

FATE

Final Drive Nitro

Free Audio CD Burner version 1.4.8

Free YouTube Download version 3.1.35.903

Free YouTube to MP3 Converter version 3.11.22.508

GameShadow

Google Chrome

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Game Console

HP Games

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart SmartMenu

HP MediaSmart Video

HP Odometer

HP Setup

HP Setup Manager

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

HydraVision

Java 2 Runtime Environment, SE v1.4.2_05

Java 2 SDK, SE v1.4.2_05

Java 7 Update 45

Java Auto Updater

Java 6 Update 25 (64-bit)

JCreator LE 3.10

KPN Draadloos Netwerk Assistent

LabelPrint

LightScribe System Software

LMSOFT Web Creator Pro 6

Magic Desktop

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Klik-en-Klaar 2010

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Starter 2010 - Nederlands

Microsoft Office Word MUI (Dutch) 2007

Microsoft Silverlight

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 24.0 (x86 nl)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MusicStation

Mystery P.I. - The London Caper

NVIDIA Drivers

NVIDIA ForceWare Network Access Manager

PC Veilig

PDF Complete Special Edition

Penguins!

PhotoNow!

PictureMover

Pizza Chef 2

Plants vs. Zombies

PlayReady PC Runtime amd64

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

QuickTime

Ralink RT2860 Wireless LAN Card

Realtek High Definition Audio Driver

Recovery Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Skype™ 6.9

Spotify

Steam

Stronghold Legends

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Uninstall 1.0.0.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Virtual Villagers 4 - The Tree of Life

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

World Cup Cricket 20-20

World of Tanks

Zuma Deluxe

.

==== End Of File ===========================

[Jion]

Het DDS logje ziet er netjes uit. Heb je nog last van het politievirus?

Zo ja, enkel in je browser (welke?) of direct als je Windows opgestart hebt?

Wat wel opvalt is dat je nog met resten van een verouderde Java zit. Dit is een beruchte manier om malware binnen te halen.

Voer het volgende daarvoor eens uit:

1.

Ga via Start - Configuratiescherm - Programma's verwijderen en verwijder daar ALLES wat je ziet van JAVA.

2.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

3.

Ga naar Java en download daar de correcte Java versie.

• 
  
• Klik op "Gratis Java-download".
  
• Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  
• Het bestand jxpiinstall.exe wordt aangeboden - kies hier voor "bestand opslaan".
  
• Sluit alle programma's die eventueel open zijn - zeker je web browser!
  
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  
• Herhaal dit tot alle oudere versies verdwenen zijn.
  
• Na het verwijderen van alle oudere versies, herstart je pc.
  
• Klik vervolgens op jxpiinstall.exe om de nieuwste versie van Java te installeren.
  
• Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.