Vermoedelijk vervuilde pc-mozilla start niet meer

  • Marion Koppert

    Beste mensen,

    Vermoedelijk heb ik toch de nodige malware of zo op mijn pc gekregen. Mozilla start niet meer op, ook de draadloze functie valt regelmatig weg. Of dit hier ook mee te maken heeft weet ik niet maar hier volgen mijn logjes:

    # AdwCleaner v2.301 - Verslag gemaakt op 22/05/2013 om 18:38:35

    # Geactualiseerd op 16/05/2013 door Xplode

    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Gebruiker : koppert - DESKTOP

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\koppert\Desktop\adwcleaner.exe

    # Optie

    ***** *****

    Gestopt & Verwijdert : IB Updater

    Gestopt & Verwijdert : IBUpdaterService

    Gestopt & Verwijdert : WajamUpdater

    ***** *****

    File Verwijdert : C:\END

    File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

    File Verwijdert : C:\user.js

    File Verwijdert : C:\Users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default\searchplugins\MyStart Search.xml

    Map Verwijdert : C:\Program Files (x86)\AVG Secure Search

    Map Verwijdert : C:\Program Files (x86)\Wajam

    Map Verwijdert : C:\Program Files\IB Updater

    Map Verwijdert : C:\ProgramData\AVG Secure Search

    Map Verwijdert : C:\ProgramData\Partner

    Map Verwijdert : C:\Users\koppert\AppData\Local\AVG Secure Search

    Map Verwijdert : C:\Users\koppert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

    Map Verwijdert : C:\Users\koppert\AppData\Local\Temp\avg@toolbar

    Map Verwijdert : C:\Users\koppert\AppData\Local\Temp\Wajam

    Map Verwijdert : C:\Users\koppert\AppData\Local\Wajam

    Map Verwijdert : C:\Users\koppert\AppData\LocalLow\AVG Secure Search

    Map Verwijdert : C:\Users\koppert\AppData\Roaming\dvdvideosoftiehelpers

    Map Verwijdert : C:\Users\koppert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

    Map Verwijdert : C:\Windows\SysWOW64\WNLT

    Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

    ***** *****

    Sleutel Verwijdert : HKCU\Software\AVG Secure Search

    Sleutel Verwijdert : HKCU\Software\Conduit

    Sleutel Verwijdert : HKCU\Software\IGearSettings

    Sleutel Verwijdert : HKCU\Software\IM

    Sleutel Verwijdert : HKCU\Software\ImInstaller

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

    Sleutel Verwijdert : HKCU\Software\Softonic

    Sleutel Verwijdert : HKCU\Software\Wajam

    Sleutel Verwijdert : HKCU\Software\WNLT

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

    Sleutel Verwijdert : HKLM\Software\AVG Secure Search

    Sleutel Verwijdert : HKLM\Software\AVG Security Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Extension.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\S

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1

    Sleutel Verwijdert : HKLM\Software\Conduit

    Sleutel Verwijdert : HKLM\Software\IB Updater

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

    Sleutel Verwijdert : HKLM\Software\Wajam

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT

    Sleutel Verwijdert : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

    Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\Extensions

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions

    Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions

    Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions

    Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

    ***** *****

    -\\ Internet Explorer v10.0.9200.16576

    Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v20.0.1 (nl)

    File : C:\Users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default\prefs.js

    C:\Users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default\user.js … Verwijdert !

    Verwijdert : user_pref(“avg.install.installDirPath”, “C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1”);

    Verwijdert : user_pref(“extensions.incredibar.actvtyRptTime”, “1351351902286”);

    Verwijdert : user_pref(“extensions.incredibar.admin”, false);

    Verwijdert : user_pref(“extensions.incredibar.aflt”, “orgnl”);

    Verwijdert : user_pref(“extensions.incredibar.afterInstallRpt”, “sent”);

    Verwijdert : user_pref(“extensions.incredibar.cntry”, “NL”);

    Verwijdert : user_pref(“extensions.incredibar.dfltLng”, “EN”);

    Verwijdert : user_pref(“extensions.incredibar.dfltSrch”, false);

    Verwijdert : user_pref(“extensions.incredibar.dfltlng”, “en”);

    Verwijdert : user_pref(“extensions.incredibar.dfltsrch”, “false”);

    Verwijdert : user_pref(“extensions.incredibar.did”, “10643”);

    Verwijdert : user_pref(“extensions.incredibar.envrmnt”, “production”);

    Verwijdert : user_pref(“extensions.incredibar.excTlbr”, false);

    Verwijdert : user_pref(“extensions.incredibar.hdrMd5”, “5FB9FFF6B5582299943AC649D4CBB9F0”);

    Verwijdert : user_pref(“extensions.incredibar.hmpg”, false);

    Verwijdert : user_pref(“extensions.incredibar.hrdid”, “204c3cc00000000000008c89a5805f02”);

    Verwijdert : user_pref(“extensions.incredibar.id”, “204c3cc00000000000008c89a5805f02”);

    Verwijdert : user_pref(“extensions.incredibar.installerproductid”, “26”);

    Verwijdert : user_pref(“extensions.incredibar.instlDay”, “15627”);

    Verwijdert : user_pref(“extensions.incredibar.instlRef”, “”);

    Verwijdert : user_pref(“extensions.incredibar.instlday”, “15627”);

    Verwijdert : user_pref(“extensions.incredibar.instlref”, “”);

    Verwijdert : user_pref(“extensions.incredibar.isDcmntCmplt”, true);

    Verwijdert : user_pref(“extensions.incredibar.isdcmntcmplt”, true);

    Verwijdert : user_pref(“extensions.incredibar.keywordurl”, “”);

    Verwijdert : user_pref(“extensions.incredibar.lastVrsnTs”, “1.5.11.1417:57:07”);

    Verwijdert : user_pref(“extensions.incredibar.mntrvrsn”, “1.2.0”);

    Verwijdert : user_pref(“extensions.incredibar.newTab”, false);

    Verwijdert : user_pref(“extensions.incredibar.newtab”, “false”);

    Verwijdert : user_pref(“extensions.incredibar.newtaburl”, “”);

    Verwijdert : user_pref(“extensions.incredibar.noFFXTlbr”, false);

    Verwijdert : user_pref(“extensions.incredibar.ppd”, “1”);

    Verwijdert : user_pref(“extensions.incredibar.prdct”, “incredibar”);

    Verwijdert : user_pref(“extensions.incredibar.productid”, “26”);

    Verwijdert : user_pref(“extensions.incredibar.prtnrId”, “Incredibar”);

    Verwijdert : user_pref(“extensions.incredibar.prtnrid”, “Incredibar”);

    Verwijdert : user_pref(“extensions.incredibar.sg”, “none”);

    Verwijdert : user_pref(“extensions.incredibar.smplGrp”, “none”);

    Verwijdert : user_pref(“extensions.incredibar.smplgrp”, “none”);

    Verwijdert : user_pref(“extensions.incredibar.srch”, “”);

    Verwijdert : user_pref(“extensions.incredibar.srchprvdr”, “”);

    Verwijdert : user_pref(“extensions.incredibar.tlbrId”, “base”);

    Verwijdert : user_pref(“extensions.incredibar.tlbrid”, “base”);

    Verwijdert : user_pref(“extensions.incredibar.upn2”, “6PQMCvSaBI”);

    Verwijdert : user_pref(“extensions.incredibar.upn2n”, “92543750317266378”);

    Verwijdert : user_pref(“extensions.incredibar.vrsn”, “1.5.11.14”);

    Verwijdert : user_pref(“extensions.incredibar.vrsnTs”, “1.5.11.1417:57:07”);

    Verwijdert : user_pref(“extensions.incredibar.vrsni”, “1.5.11.14”);

    Verwijdert : user_pref(“extensions.incredibar.vrsnts”, “1.5.11.1417:57:07”);

    Verwijdert : user_pref(“extensions.incredibar_i.aflt”, “orgnl”);

    Verwijdert : user_pref(“extensions.incredibar_i.dfltLng”, “”);

    Verwijdert : user_pref(“extensions.incredibar_i.did”, “10643”);

    Verwijdert : user_pref(“extensions.incredibar_i.excTlbr”, false);

    Verwijdert : user_pref(“extensions.incredibar_i.id”, “204c3cc00000000000008c89a5805f02”);

    Verwijdert : user_pref(“extensions.incredibar_i.installerproductid”, “26”);

    Verwijdert : user_pref(“extensions.incredibar_i.instlDay”, “15627”);

    Verwijdert : user_pref(“extensions.incredibar_i.instlRef”, “”);

    Verwijdert : user_pref(“extensions.incredibar_i.ms_url_id”, “”);

    Verwijdert : user_pref(“extensions.incredibar_i.newTab”, false);

    Verwijdert : user_pref(“extensions.incredibar_i.ppd”, “1”);

    Verwijdert : user_pref(“extensions.incredibar_i.prdct”, “incredibar”);

    Verwijdert : user_pref(“extensions.incredibar_i.productid”, “26”);

    Verwijdert : user_pref(“extensions.incredibar_i.prtnrId”, “Incredibar”);

    Verwijdert : user_pref(“extensions.incredibar_i.smplGrp”, “none”);

    Verwijdert : user_pref(“extensions.incredibar_i.tlbrId”, “base”);

    Verwijdert : user_pref(“extensions.incredibar_i.tlbrSrchUrl”, "hxxp://mystart.Incredibar.com/?a=6PQMCvSaBI&loc=IB

    Verwijdert : user_pref(“extensions.incredibar_i.upn2”, “6PQMCvSaBI”);

    Verwijdert : user_pref(“extensions.incredibar_i.upn2n”, “92543750317266378”);

    Verwijdert : user_pref(“extensions.incredibar_i.vrsn”, “1.5.11.14”);

    Verwijdert : user_pref(“extensions.incredibar_i.vrsnTs”, “1.5.11.1417:57:07”);

    Verwijdert : user_pref(“extensions.incredibar_i.vrsni”, “1.5.11.14”);

    Verwijdert : user_pref(“{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList”, "form=CONTLB|babsrc=too

    Verwijdert : user_pref(“{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer”, "hxxp://isearch.avg.com/

    Verwijdert : user_pref(“{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer”, "hxxp://isearch.avg.

    Verwijdert : user_pref(“{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList”, “{\”search.babylon.com\

    Verwijdert : user_pref(“{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList”, "form=CONTLB|babsrc=too

    Verwijdert : user_pref(“{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer”, "hxxp://isearch.avg.com/

    Verwijdert : user_pref(“{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer”, "hxxp://isearch.avg.

    Verwijdert : user_pref(“{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList”, “{\”search.babylon.com\

    -\\ Google Chrome v27.0.1453.93

    File : C:\Users\koppert\AppData\Local\Google\Chrome\User Data\Default\Preferences

    De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner.txt - ##########

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.05.22.08

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 10.0.9200.16576

    koppert :: DESKTOP

    22-5-2013 20:19:27

    mbam-log-2013-05-22 (20-19-27).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 250883

    Verstreken tijd: 5 minuut/minuten, 20 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Mijn logje van Hijackthis komt nog in volgende bericht. Deze log kon ik niet hierbij posten omdat ik de melding kreeg dat mijn berichttekst te lang was.

    Groetjes,

    Groby

  • Marion Koppert

    Hierbij dan mijn log van hijackthis:

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by koppert at 2013-05-22 22:07:24

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 1465 GB (79%) free of 1855 GB

    Total RAM: 4078 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:07:33, on 22-5-2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v10.0 (10.00.9200.16576)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

    C:\Program Files (x86)\CyberLink\Shared files\brs.exe

    C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

    C:\PROGRA~2\Raptr\raptr.exe

    C:\PROGRA~2\Raptr\raptr_im.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\trend micro\koppert.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

    O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

    O4 - HKLM\..\Run: C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

    O4 - HKLM\..\Run: C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

    O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe”

    O4 - HKLM\..\RunOnce: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –no-startup-window

    O4 - HKCU\..\Run: “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: C:\PROGRA~2\Raptr\raptrstub.exe –startup

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-21-2579152848-2309383289-322844936-1001\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-2579152848-2309383289-322844936-1001\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)

    O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra ‘Tools’ menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra ‘Tools’ menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

    O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

    O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

    O9 - Extra button: Casino La Vida - {11E47561-BAE2-4F72-8213-8818E62BB124} - C:\Microgaming\Casino\casinolavida\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Jackpot City - {2E9CD141-9025-4018-802A-8F3DEF6B07FC} - C:\Microgaming\Casino\jackpotcity\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: UK Casino Club - {309B0300-0C8A-4A4C-8610-E6DCC6150B6F} - C:\Microgaming\Casino\UKCasinoClub\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: King Neptunes - {41B00985-B707-4422-882E-9418812B0736} - C:\Microgaming\Casino\KingNeptunes\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Lucky Nugget Casino - {525A59B5-5432-492C-9063-D168EFDBC4BE} - C:\Microgaming\Casino\LuckyNugget\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Captain Cooks Casino - {7FC4233C-B0D1-41F4-998E-9F1470EA21D9} - C:\Microgaming\Casino\CaptainCooks\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Gaming Club - {C59EF4A1-3B78-4F58-8BDA-1C530689F32F} - C:\Microgaming\Casino\GamingClub\casinogame.exe (file missing) (HKCU)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 15716 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k NetworkService

    “C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”

    C:\Windows\system32\nvvsvc.exe -session -first

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”

    “taskhost.exe”

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe”

    “C:\Program Files\Bonjour\mDNSResponder.exe”

    “C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe”

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    “C:\Program Files (x86)\Common Files\Iconix\IconixService.exe”

    “C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s

    “C:\Program Files\ESET\ESET Smart Security\egui.exe” /hide /waitservice

    “C:\Program Files\Windows Sidebar\sidebar.exe” /autoRun

    “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”

    “C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe” /AUTORUN

    “C:\Program Files (x86)\PowerISO\PWRISOVM.EXE”

    “C:\Program Files (x86)\CyberLink\Shared files\brs.exe”

    “C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe”

    “C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe”

    “C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe” /autorun

    “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe”

    “C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1

    “C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe”

    C:\Windows\system32\svchost.exe -k imgsvc

    “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe”

    “C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe”

    “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe”

    WLIDSvcM.exe 3808

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe”

    “C:\Program Files\iPod\bin\iPodService.exe”

    C:\Windows\system32\SearchIndexer.exe /Embedding

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fe931074-1942-4b6c-9800-3633b72a126f -SystemEventPortName:HostProcess-fbb4c3f0-4c7a-4fa1-b23c-6f5c7c4b79cb -IoCancelEventPortName:HostProcess-b583caad-98b3-4442-b256-fc49e99441de -NonStateChangingEventPortName:HostProcess-3fad7679-b57d-481b-8723-303401866357 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:96fc5e5a-2343-4a2e-bb17-e91f5e09e35b -DeviceGroupId:WpdFsGroup

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    “C:\PROGRA~2\Raptr\raptr.exe” –log_to_file –from_stub –startup

    raptr_im.exe

    “C:\Program Files\Internet Explorer\iexplore.exe”

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:5616 CREDAT:267521 /prefetch:2

    “C:\Program Files (x86)\Raptr\raptr_ep64.exe”

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    “C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe”

    C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe -Embedding

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:5616 CREDAT:3872108 /prefetch:2

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:5616 CREDAT:1578270 /prefetch:2

    “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”

    “C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”

    taskeng.exe {66D67A49-F8D3-4A30-B276-57762FC4501E}

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe” /autoupdate /silent /autoclose

    taskhost.exe $(Arg0)

    “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”

    “C:\Windows\system32\SearchFilterHost.exe” 0 516 520 528 65536 524

    “C:\Users\koppert\Desktop\RSITx64.exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default

    prefs.js - “browser.search.useDBForOrder” - true

    prefs.js - “browser.startup.homepage” - “www.google.nl”

    “{336D0C35-8A85-403a-B9D2-65C292C39087}”=C:\Program Files\IB Updater\Firefox

    “{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}”=C:\Program Files\IB Updater\Firefox

    “Description”=Adobe® Flash® Player 11.7.700.202 Plugin

    “Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

    “Description”=Adobe Shockwave Player

    “Path”=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

    “Description”=

    “Path”=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

    “Description”=Java™ Deployment Toolkit

    “Path”=C:\Windows\SysWOW64\npDeployJava1.dll

    “Description”=

    “Path”=C:\Windows\system32\Wat\npWatWeb.dll

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

    “Description”=Adobe® Flash® Player 11.7.700.202 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

    “Description”=

    “Path”=C:\Windows\system32\Wat\npWatWeb.dll

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\

    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files (x86)\Mozilla Firefox\components\

    binary.manifest

    browsercomps.dll

    C:\Program Files (x86)\Mozilla Firefox\searchplugins\

    bing.xml

    bolcom-nl.xml

    google.xml

    marktplaats-nl.xml

    wikipedia-nl.xml

    ======Registry dump======

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

    IconixBHOClass Class - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    “RTHDVCPL”=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    “egui”=C:\Program Files\ESET\ESET Smart Security\egui.exe

    “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

    “GoogleChromeAutoLaunch_ACE26633DC755D76AF39CE01DFEF37D8”=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    “TomTomHOME.exe”=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

    “swg”=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    “Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe

    “Raptr”=C:\PROGRA~2\Raptr\raptrstub.exe

    “IAStorIcon”=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    “CLMLServer”=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    “BrMfcWnd”=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

    “ControlCenter3”=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe

    “PWRISOVM.EXE”=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

    “BDRegion”=C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

    “RemoteControl”=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

    “LanguageShortcut”=C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe

    “APSDaemon”=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

    “iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe

    “SDTray”=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

    “Malwarebytes Anti-Malware”=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=5

    “ConsentPromptBehaviorUser”=3

    “EnableUIADesktopToggle”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoActiveDesktop”=1

    “NoActiveDesktopChanges”=1

    “ForceActiveDesktopOn”=0

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe”=“C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe”=“C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe”=“C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater”

    “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe”=“C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service”

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “VIDC.UYVY”=msyuv.dll

    “VIDC.YUY2”=msyuv.dll

    “VIDC.YVYU”=msyuv.dll

    “VIDC.IYUV”=iyuv_32.dll

    “vidc.i420”=lvcod64.dll

    “VIDC.YVU9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\SysWOW64\l3codeca.acm

    “vidc.cvid”=iccvid.dll

    “msacm.siren”=sirenacm.dll

    “aux”=wdmaud.drv

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “wave3”=wdmaud.drv

    “midi3”=wdmaud.drv

    “mixer3”=wdmaud.drv

    “wave4”=wdmaud.drv

    “midi4”=wdmaud.drv

    “mixer4”=wdmaud.drv

    “wave2”=wdmaud.drv

    “midi2”=wdmaud.drv

    “mixer2”=wdmaud.drv

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “MSVideo”=vfwwdm32.dll

    “MSVideo8”=VfWWDM32.dll

    “wave5”=wdmaud.drv

    “midi5”=wdmaud.drv

    “mixer5”=wdmaud.drv

    “aux2”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2013-05-22 22:07:25 —-D—- C:\Program Files\trend micro

    2013-05-22 22:07:24 —-D—- C:\rsit

    2013-05-22 20:27:18 —-D—- C:\Program Files (x86)\ESET

    2013-05-22 20:17:04 —-D—- C:\Users\koppert\AppData\Roaming\Malwarebytes

    2013-05-22 20:16:14 —-D—- C:\ProgramData\Malwarebytes

    2013-05-22 20:16:13 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2013-05-22 20:16:13 —-A—- C:\Windows\system32\drivers\mbam.sys

    2013-05-22 18:38:43 —-A—- C:\Windows\DeleteOnReboot.bat

    2013-05-22 18:38:35 —-A—- C:\AdwCleaner.txt

    2013-05-22 11:46:56 —-D—- C:\ProgramData\Spybot - Search & Destroy

    2013-05-22 11:46:51 —-A—- C:\Windows\system32\sdnclean64.exe

    2013-05-22 11:46:47 —-D—- C:\Program Files (x86)\Spybot - Search & Destroy 2

    2013-05-15 20:31:42 —-A—- C:\Windows\SYSWOW64\ieui.dll

    2013-05-15 20:31:41 —-A—- C:\Windows\system32\ieui.dll

    2013-05-15 20:31:41 —-A—- C:\Windows\system32\ie4uinit.exe

    2013-05-15 20:31:40 —-A—- C:\Windows\SYSWOW64\iesetup.dll

    2013-05-15 20:31:36 —-A—- C:\Windows\system32\iesetup.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

    2013-05-15 20:31:34 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\SYSWOW64\iesysprep.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\SYSWOW64\iernonce.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe

    2013-05-15 20:31:34 —-A—- C:\Windows\system32\msfeeds.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\system32\iesysprep.dll

    2013-05-15 20:31:34 —-A—- C:\Windows\system32\iernonce.dll

    2013-05-15 20:31:33 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2013-05-15 20:31:33 —-A—- C:\Windows\system32\iertutil.dll

    2013-05-15 20:31:32 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2013-05-15 20:31:32 —-A—- C:\Windows\system32\urlmon.dll

    2013-05-15 20:31:32 —-A—- C:\Windows\system32\jscript.dll

    2013-05-15 20:31:31 —-A—- C:\Windows\SYSWOW64\jscript.dll

    2013-05-15 20:31:31 —-A—- C:\Windows\system32\jscript9.dll

    2013-05-15 20:31:30 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2013-05-15 20:31:29 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2013-05-15 20:31:29 —-A—- C:\Windows\SYSWOW64\jsproxy.dll

    2013-05-15 20:31:29 —-A—- C:\Windows\system32\jsproxy.dll

    2013-05-15 20:31:28 —-A—- C:\Windows\system32\wininet.dll

    2013-05-15 20:31:26 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2013-05-15 20:31:23 —-A—- C:\Windows\system32\mshtml.dll

    2013-05-15 20:31:21 —-A—- C:\Windows\system32\ieframe.dll

    2013-05-15 20:31:19 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2013-05-15 09:39:38 —-A—- C:\Windows\system32\drivers\dxgmms1.sys

    2013-05-15 09:39:38 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys

    2013-05-15 09:39:38 —-A—- C:\Windows\system32\cdd.dll

    2013-05-15 09:39:28 —-A—- C:\Windows\system32\shell32.dll

    2013-05-15 09:39:27 —-A—- C:\Windows\system32\authui.dll

    2013-05-15 09:39:26 —-A—- C:\Windows\system32\shdocvw.dll

    2013-05-15 09:39:25 —-A—- C:\Windows\SYSWOW64\shell32.dll

    2013-05-15 09:39:25 —-A—- C:\Windows\SYSWOW64\shdocvw.dll

    2013-05-15 09:39:25 —-A—- C:\Windows\SYSWOW64\authui.dll

    2013-05-15 09:39:25 —-A—- C:\Windows\system32\consent.exe

    2013-05-15 09:39:25 —-A—- C:\Windows\system32\appinfo.dll

    2013-05-15 09:39:20 —-A—- C:\Windows\system32\wwansvc.dll

    2013-05-15 09:39:20 —-A—- C:\Windows\system32\wwanprotdim.dll

    2013-05-15 09:39:20 —-A—- C:\Windows\system32\win32k.sys

    2013-05-14 22:18:14 —-A—- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

    2013-04-26 21:24:45 —-D—- C:\Users\koppert\AppData\Roaming\Raptr

    2013-04-26 21:24:45 —-D—- C:\Program Files (x86)\Raptr

    2013-04-24 23:46:18 —-A—- C:\Windows\system32\drivers\ntfs.sys

    ======List of files/folders modified in the last 1 month======

    2013-05-22 22:07:33 —-D—- C:\Windows\Prefetch

    2013-05-22 22:07:25 —-RD—- C:\Program Files

    2013-05-22 21:28:18 —-D—- C:\Windows\Temp

    2013-05-22 20:39:12 —-D—- C:\Windows\system32\config

    2013-05-22 20:32:14 —-D—- C:\Windows

    2013-05-22 20:27:19 —-D—- C:\Windows\Downloaded Program Files

    2013-05-22 20:27:18 —-RD—- C:\Program Files (x86)

    2013-05-22 20:16:14 —-HD—- C:\ProgramData

    2013-05-22 20:16:13 —-D—- C:\Windows\system32\drivers

    2013-05-22 20:15:36 —-A—- C:\Windows\SYSWOW64\log.txt

    2013-05-22 18:38:43 —-D—- C:\Windows\SysWOW64

    2013-05-22 14:52:51 —-D—- C:\Users\koppert\AppData\Roaming\vlc

    2013-05-22 13:24:43 —-A—- C:\Windows\ntbtlog.txt

    2013-05-22 11:46:56 —-D—- C:\Windows\system32\Tasks

    2013-05-22 11:46:55 —-SD—- C:\ProgramData\Microsoft

    2013-05-22 11:46:51 —-D—- C:\Windows\System32

    2013-05-22 11:23:45 —-D—- C:\Users\koppert\AppData\Roaming\uTorrent

    2013-05-21 15:12:20 —-D—- C:\Torrent downloads

    2013-05-20 22:30:06 —-D—- C:\Program Files (x86)\Steam

    2013-05-20 19:13:36 —-D—- C:\Windows\system32\NDF

    2013-05-17 13:55:44 —-D—- C:\Program Files (x86)\Mozilla Firefox

    2013-05-16 16:00:28 —-D—- C:\Windows\inf

    2013-05-16 16:00:28 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-05-16 04:18:56 —-D—- C:\Windows\rescache

    2013-05-16 03:26:16 —-D—- C:\Windows\Microsoft.NET

    2013-05-16 03:26:03 —-RSD—- C:\Windows\assembly

    2013-05-16 03:17:29 —-D—- C:\Windows\winsxs

    2013-05-16 03:15:17 —-D—- C:\Windows\SYSWOW64\nl-NL

    2013-05-16 03:15:17 —-D—- C:\Windows\system32\nl-NL

    2013-05-16 03:15:17 —-D—- C:\Windows\AppPatch

    2013-05-16 03:15:16 —-D—- C:\Program Files\Internet Explorer

    2013-05-16 03:15:16 —-D—- C:\Program Files (x86)\Internet Explorer

    2013-05-16 03:13:13 —-D—- C:\Users\koppert\AppData\Roaming\Skype

    2013-05-15 20:39:26 —-SHD—- C:\Windows\Installer

    2013-05-15 20:39:26 —-D—- C:\ProgramData\Microsoft Help

    2013-05-15 20:35:59 —-A—- C:\Windows\system32\MRT.exe

    2013-05-15 20:31:56 —-D—- C:\Windows\system32\catroot

    2013-05-15 20:31:55 —-D—- C:\Windows\system32\catroot2

    2013-05-15 20:30:59 —-SHD—- C:\System Volume Information

    2013-05-14 22:18:20 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe

    2013-05-08 03:59:11 —-D—- C:\Windows\Minidump

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys

    R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys

    R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys

    R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys

    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl

    R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys

    R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\drivers\asmthub3.sys

    R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\drivers\asmtxhci.sys

    R3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0); C:\Windows\system32\DRIVERS\CamDrL64.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

    R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys

    R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys

    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys

    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys

    R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

    S0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys

    S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

    S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

    S3 wsvd;wsvd; C:\Windows\system32\DRIVERS\wsvd.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    R2 IconixService;Iconix Update Service; C:\Program Files (x86)\Common Files\Iconix\IconixService.exe

    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

    R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

    R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

    R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

    —————–EOF—————–

    Alvast bedankt voor de moeite. Mocht het niet lukken dan wordt het een schone installatie. Maar ja, als het niet nodig is, liever niet natuurlijk.

    Groetjes,

    Groby

  • fazantje

    Hoi Marion,

    Sorry voor de late reactie:o

    Download Combofix hier en plaats het op jou bureaublad.

    Schakel nu eerst jou virusscanner uit.

    Deze gaat weer aan nadat computer opnieuw is opgestart.

    Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,

    want Combofix wordt dagelijks geupdate.

    OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt

    van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

    Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

    Dubbelklik op Combofix.exe

    Volg de instructies, aanvaard de disclaimer.

    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

    De scan kan, afhankelijk van de besmetting 40 tot wel 100 minuten duren, dus denk niet van hij zit vast.

    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.

    Plaats in jou volgende bericht het logje van Combofix.

    Succes,

    Huib;)

  • Marion Koppert

    Hoi Huib,

    Moet het logje vanaf mijn laptop versturen, want na de herstart doet IE ook niks meer. Ik krijg wel de browser geopend, maar ik kan geen pagina openen, hij is “dood” zeg maar.

    En je hoeft je niet te verontschuldigen voor een late reactie, ik ben allang blij dat er een keer iemand reageert. Haast hebben we niet.

    Hierbij dus mijn logje van combofix:

    ComboFix 13-05-23.01 - koppert 23-05-2013 13:13:11.1.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4078.2684

    Gestart vanuit: c:\users\koppert\Desktop\ComboFix.exe

    AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

    FW: ESET Persoonlijke firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

    SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\koppert\AppData\Roaming\inst.exe

    c:\users\koppert\AppData\Roaming\vso_ts_preview.xml

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-04-23 to 2013-05-23 ))))))))))))))))))))))))))))))

    .

    .

    2013-05-23 11:18 . 2013-05-23 11:18 ——– d—–w- c:\users\UpdatusUser\AppData\Local\temp

    2013-05-23 11:18 . 2013-05-23 11:18 ——– d—–w- c:\users\Default\AppData\Local\temp

    2013-05-22 20:07 . 2013-05-22 20:20 ——– d—–w- c:\program files\trend micro

    2013-05-22 20:07 . 2013-05-22 20:07 ——– d—–w- C:\rsit

    2013-05-22 18:17 . 2013-05-22 18:17 ——– d—–w- c:\users\koppert\AppData\Roaming\Malwarebytes

    2013-05-22 18:16 . 2013-05-22 18:16 ——– d—–w- c:\programdata\Malwarebytes

    2013-05-22 18:16 . 2013-05-22 18:16 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2013-05-22 18:16 . 2013-04-04 12:50 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2013-05-22 16:38 . 2013-05-22 16:38 121 —-a-w- c:\windows\DeleteOnReboot.bat

    2013-05-22 09:46 . 2013-05-22 10:19 ——– d—–w- c:\programdata\Spybot - Search & Destroy

    2013-05-22 09:46 . 2013-05-23 10:55 ——– d—–w- c:\program files (x86)\Spybot - Search & Destroy 2

    2013-05-22 09:46 . 2013-05-22 09:46 ——– d—–w- c:\users\koppert\AppData\Local\Programs

    2013-05-15 07:39 . 2013-04-10 06:01 265064 —-a-w- c:\windows\system32\drivers\dxgmms1.sys

    2013-05-14 20:18 . 2013-05-14 20:18 17613192 —-a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

    2013-04-26 19:24 . 2013-05-23 10:56 ——– d—–w- c:\users\koppert\AppData\Roaming\Raptr

    2013-04-26 19:24 . 2013-05-22 22:17 ——– d—–w- c:\program files (x86)\Raptr

    2013-04-24 21:46 . 2013-04-12 14:45 1656680 —-a-w- c:\windows\system32\drivers\ntfs.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-05-20 17:05 . 2012-08-29 14:01 45856 —-a-w- c:\windows\system32\drivers\avgtpx64.sys

    2013-05-15 18:35 . 2011-07-18 20:31 75016696 —-a-w- c:\windows\system32\MRT.exe

    2013-05-14 20:18 . 2012-07-28 10:13 692104 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2013-05-14 20:18 . 2011-08-10 19:09 71048 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-05-14 11:13 . 2011-03-29 01:36 22240 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2013-04-13 05:49 . 2013-05-15 07:39 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

    2013-04-13 05:49 . 2013-05-15 07:39 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

    2013-04-13 05:49 . 2013-05-15 07:39 308736 —-a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

    2013-04-13 05:49 . 2013-05-15 07:39 111104 —-a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

    2013-04-13 04:45 . 2013-05-15 07:39 474624 —-a-w- c:\windows\apppatch\AcSpecfc.dll

    2013-04-13 04:45 . 2013-05-15 07:39 2176512 —-a-w- c:\windows\apppatch\AcGenral.dll

    2013-04-07 08:54 . 2012-10-14 15:56 1455408 —-a-w- c:\windows\system32\dmwu.exe

    2013-04-07 08:53 . 2012-10-14 15:56 33792 —-a-w- c:\windows\system32\ImHttpComm.dll

    2013-03-29 22:38 . 2013-03-29 22:38 1054720 —-a-w- c:\windows\system32\MsSpellCheckingFacility.exe

    2013-03-29 22:38 . 2013-03-29 22:38 73728 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2013-03-29 22:38 . 2013-03-29 22:38 719360 —-a-w- c:\windows\SysWow64\mshtmlmedia.dll

    2013-03-29 22:38 . 2013-03-29 22:38 523264 —-a-w- c:\windows\SysWow64\vbscript.dll

    2013-03-29 22:38 . 2013-03-29 22:38 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll

    2013-03-29 22:38 . 2013-03-29 22:38 38400 —-a-w- c:\windows\SysWow64\imgutil.dll

    2013-03-29 22:38 . 2013-03-29 22:38 226304 —-a-w- c:\windows\system32\elshyph.dll

    2013-03-29 22:38 . 2013-03-29 22:38 185344 —-a-w- c:\windows\SysWow64\elshyph.dll

    2013-03-29 22:38 . 2013-03-29 22:38 158720 —-a-w- c:\windows\SysWow64\msls31.dll

    2013-03-29 22:38 . 2013-03-29 22:38 150528 —-a-w- c:\windows\SysWow64\iexpress.exe

    2013-03-29 22:38 . 2013-03-29 22:38 138752 —-a-w- c:\windows\SysWow64\wextract.exe

    2013-03-29 22:38 . 2013-03-29 22:38 137216 —-a-w- c:\windows\SysWow64\ieUnatt.exe

    2013-03-29 22:38 . 2013-03-29 22:38 12800 —-a-w- c:\windows\SysWow64\mshta.exe

    2013-03-29 22:38 . 2013-03-29 22:38 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll

    2013-03-29 22:38 . 2013-03-29 22:38 97280 —-a-w- c:\windows\system32\mshtmled.dll

    2013-03-29 22:38 . 2013-03-29 22:38 92160 —-a-w- c:\windows\system32\SetIEInstalledDate.exe

    2013-03-29 22:38 . 2013-03-29 22:38 905728 —-a-w- c:\windows\system32\mshtmlmedia.dll

    2013-03-29 22:38 . 2013-03-29 22:38 81408 —-a-w- c:\windows\system32\icardie.dll

    2013-03-29 22:38 . 2013-03-29 22:38 762368 —-a-w- c:\windows\system32\ieapfltr.dll

    2013-03-29 22:38 . 2013-03-29 22:38 62976 —-a-w- c:\windows\system32\pngfilt.dll

    2013-03-29 22:38 . 2013-03-29 22:38 61952 —-a-w- c:\windows\SysWow64\tdc.ocx

    2013-03-29 22:38 . 2013-03-29 22:38 599552 —-a-w- c:\windows\system32\vbscript.dll

    2013-03-29 22:38 . 2013-03-29 22:38 52224 —-a-w- c:\windows\system32\msfeedsbs.dll

    2013-03-29 22:38 . 2013-03-29 22:38 51200 —-a-w- c:\windows\system32\imgutil.dll

    2013-03-29 22:38 . 2013-03-29 22:38 48640 —-a-w- c:\windows\system32\mshtmler.dll

    2013-03-29 22:38 . 2013-03-29 22:38 452096 —-a-w- c:\windows\system32\dxtmsft.dll

    2013-03-29 22:38 . 2013-03-29 22:38 441856 —-a-w- c:\windows\system32\html.iec

    2013-03-29 22:38 . 2013-03-29 22:38 361984 —-a-w- c:\windows\SysWow64\html.iec

    2013-03-29 22:38 . 2013-03-29 22:38 281600 —-a-w- c:\windows\system32\dxtrans.dll

    2013-03-29 22:38 . 2013-03-29 22:38 27648 —-a-w- c:\windows\system32\licmgr10.dll

    2013-03-29 22:38 . 2013-03-29 22:38 270848 —-a-w- c:\windows\system32\iedkcs32.dll

    2013-03-29 22:38 . 2013-03-29 22:38 247296 —-a-w- c:\windows\system32\webcheck.dll

    2013-03-29 22:38 . 2013-03-29 22:38 235008 —-a-w- c:\windows\system32\url.dll

    2013-03-29 22:38 . 2013-03-29 22:38 23040 —-a-w- c:\windows\SysWow64\licmgr10.dll

    2013-03-29 22:38 . 2013-03-29 22:38 216064 —-a-w- c:\windows\system32\msls31.dll

    2013-03-29 22:38 . 2013-03-29 22:38 197120 —-a-w- c:\windows\system32\msrating.dll

    2013-03-29 22:38 . 2013-03-29 22:38 173568 —-a-w- c:\windows\system32\ieUnatt.exe

    2013-03-29 22:38 . 2013-03-29 22:38 167424 —-a-w- c:\windows\system32\iexpress.exe

    2013-03-29 22:38 . 2013-03-29 22:38 1509376 —-a-w- c:\windows\system32\inetcpl.cpl

    2013-03-29 22:38 . 2013-03-29 22:38 149504 —-a-w- c:\windows\system32\occache.dll

    2013-03-29 22:38 . 2013-03-29 22:38 144896 —-a-w- c:\windows\system32\wextract.exe

    2013-03-29 22:38 . 2013-03-29 22:38 1441280 —-a-w- c:\windows\SysWow64\inetcpl.cpl

    2013-03-29 22:38 . 2013-03-29 22:38 1400416 —-a-w- c:\windows\system32\ieapfltr.dat

    2013-03-29 22:38 . 2013-03-29 22:38 13824 —-a-w- c:\windows\system32\mshta.exe

    2013-03-29 22:38 . 2013-03-29 22:38 136192 —-a-w- c:\windows\system32\iepeers.dll

    2013-03-29 22:38 . 2013-03-29 22:38 135680 —-a-w- c:\windows\system32\IEAdvpack.dll

    2013-03-29 22:38 . 2013-03-29 22:38 12800 —-a-w- c:\windows\system32\msfeedssync.exe

    2013-03-29 22:38 . 2013-03-29 22:38 102912 —-a-w- c:\windows\system32\inseng.dll

    2013-03-29 22:38 . 2013-03-29 22:38 77312 —-a-w- c:\windows\system32\tdc.ocx

    2013-03-19 06:04 . 2013-04-10 02:02 5550424 —-a-w- c:\windows\system32\ntoskrnl.exe

    2013-03-19 05:46 . 2013-04-10 02:02 43520 —-a-w- c:\windows\system32\csrsrv.dll

    2013-03-19 05:04 . 2013-04-10 02:02 3968856 —-a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2013-03-19 05:04 . 2013-04-10 02:02 3913560 —-a-w- c:\windows\SysWow64\ntoskrnl.exe

    2013-03-19 04:47 . 2013-04-10 02:02 6656 —-a-w- c:\windows\SysWow64\apisetschema.dll

    2013-03-19 03:06 . 2013-04-10 02:02 112640 —-a-w- c:\windows\system32\smss.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    “GoogleChromeAutoLaunch_ACE26633DC755D76AF39CE01DFEF37D8”=“c:\program files (x86)\Google\Chrome\Application\chrome.exe”

    “TomTomHOME.exe”=“c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “Skype”=“c:\program files (x86)\Skype\Phone\Skype.exe”

    “Raptr”=“c:\progra~2\Raptr\raptrstub.exe”

    .

    “IAStorIcon”=“c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “CLMLServer”=“c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe”

    “BrMfcWnd”=“c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe”

    “ControlCenter3”=“c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe”

    “PWRISOVM.EXE”=“c:\program files (x86)\PowerISO\PWRISOVM.EXE”

    “BDRegion”=“c:\program files (x86)\Cyberlink\Shared Files\brs.exe”

    “RemoteControl”=“c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe”

    “LanguageShortcut”=“c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe”

    “APSDaemon”=“c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “iTunesHelper”=“c:\program files (x86)\iTunes\iTunesHelper.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

    .

    R0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe

    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys

    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

    S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys

    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys

    S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys

    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys

    S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys

    S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe

    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    S2 IconixService;Iconix Update Service;c:\program files (x86)\Common Files\Iconix\IconixService.exe

    S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys

    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys

    S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);c:\windows\system32\DRIVERS\CamDrL64.sys

    S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

    S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys

    .

    .

    — Andere Services/Drivers In Geheugen —

    .

    *NewlyCreated* - WS2IFSL

    .

    2013-05-22 02:30 1165776 —-a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.93\Installer\chrmstp.exe

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2013-05-23 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    “RTHDVCPL”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe”

    “egui”=“c:\program files\ESET\ESET Smart Security\egui.exe”

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

    FontCache

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://www.google.nl/

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4

    TCP: DhcpNameServer = 192.168.0.1

    FF - ProfilePath - c:\users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default\

    FF - prefs.js: browser.startup.homepage - www.google.nl

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

    ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

    ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

    ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

    ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

    AddRemove-captaincooks - c:\microgaming\Casino\CaptainCooks\install.exe

    AddRemove-casinolavida - c:\microgaming\Casino\casinolavida\install.exe

    AddRemove-gamingclub - c:\microgaming\Casino\GamingClub\install.exe

    AddRemove-jackpotcity - c:\microgaming\Casino\jackpotcity\install.exe

    AddRemove-kingneptunes - c:\microgaming\Casino\KingNeptunes\install.exe

    AddRemove-luckynugget - c:\microgaming\Casino\LuckyNugget\install.exe

    AddRemove-Play2Win - c:\program files (x86)\Play2Win\uninst.exe

    AddRemove-ukcasinoclub - c:\microgaming\Casino\UKCasinoClub\install.exe

    .

    .

    .

    “ImagePath”=“\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (2) (LocalSystem)

    “Progid”=“ChromeHTML”

    .

    @Denied: (2) (LocalSystem)

    “Progid”=“ChromeHTML”

    .

    @Denied: (2) (LocalSystem)

    “Progid”=“ChromeHTML”

    .

    @Denied: (2) (LocalSystem)

    “Progid”=“ChromeHTML”

    .

    @Denied: (2) (LocalSystem)

    “Progid”=“ChromeHTML”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.11”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2013-05-23 13:20:57

    ComboFix-quarantined-files.txt 2013-05-23 11:20

    .

    Pre-Run: 1.550.049.570.816 bytes beschikbaar

    Post-Run: 1.550.182.379.520 bytes beschikbaar

    .

    - - End Of File - - 4F35073A68AECECF4DEF83EABF95B17D

    Groetjes,

    Marion

  • Ben

    Hallo,

    Herstart je pc als het goed is heb je daarna weer internet?

    Laat dat even weten.

    Gr.Ben

  • Marion Koppert

    Hoi Ben,

    Heb opnieuw opgestart, maar google kan alleen zo een pagina openen, niet via geschiedenis of favorieten. Mozilla kan nog steeds niet opstarten. Ik zie alleen even zo'n draaiend kringeltje en dan stopt dat.

    Ik heb wél internet, chrome doet het nu nog wel. Maar er is toch iets niet helemaal jofel. Ik had eerder geprobeerd om Spybot Search and destroy te laten scannen. De scan lukte wel, maar fixen lukte niet. Liep het programma meteen vast. Ook in veilige modus, dus vandaar dat ik denk dat ik toch wel wat rotzooi op de pc heb. Dat heb je als je wat langer op vakantie gaat en zoonlief kan zich uitleven, haha.

    Maar hopelijk hebben jullie iets aan de logfiles.

    Groetjes,

    Marion

  • Ben

    Hallo,

    Doe het volgende:

    Download zoek.exe naar het bureaublad.

    Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

    (hier of hier) kan je lezen hoe je dat doet.

    * Dubbelklik op Zoek.exe om de tool te starten.

    * Kopieer nu het onderstaande vet gedrukte code en plak die in het grote invulvenster:

    * Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

    firefoxlook;

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    *Klik nu op de knop "Run script".

    * Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    * Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    * Post nu de inhoud van het geopende logje in het volgende bericht.

    Gr.Ben

  • Marion Koppert

    Hallo Ben

    Google Chrome doet het gelukkig nog wel goed.

    Hier mijn logje:

    Zoek.exe Version 4.0.0.2 Updated 22-May-2013

    Tool run by koppert on do 23-05-2013 at 20:12:26,54.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

    C:\Program Files (x86)\Common Files\Iconix\IconixService.exe

    c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

    C:\Program Files (x86)\CyberLink\Shared files\brs.exe

    C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

    C:\PROGRA~2\Raptr\raptr.exe

    C:\PROGRA~2\Raptr\raptr_im.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Users\koppert\Downloads\zoek (1).exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

    ==== Batch Command(s) Run By Tool======================

    C:\Windows\System32\dmwu.exe deleted successfully

    ==== Deleting Files \ Folders ======================

    “C:\Windows\SysNative\dmwu.exe” not found

    “C:\Program Files (x86)\Common Files\DVDVideoSoft\bin” deleted

    “C:\Users\koppert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd” deleted

    “C:\Windows\Syswow64\jmdp” deleted

    “C:\Windows\Syswow64\ARFC” deleted

    ==== System Specs ======================

    Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

    Memory (RAM): 4078 MB

    CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz

    CPU Speed: 3054,1 MHz

    Sound Card: Speakers (Realtek High Definiti |

    Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

    Monitors: 1x; Generic PnP Monitor |

    Screen Resolution: 1440 X 900 - 32 bit

    Network: Network Present

    Network Adapters: Realtek PCIe GBE Family Controller | Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter

    CD / DVD Drives: 2x (E: | J: | ) E: TSSTcorpCDDVDW SH-216AB | J:

    Ports: COM Ports NOT Present. LPT Port NOT Present.

    Mouse: 8 Button Wheel Mouse Present

    Hard Disks: C: 1811,9GB | D: 50,0GB

    Hard Disks - Free: C: 1428,7GB | D: 10,2GB

    Manufacturer *: American Megatrends Inc.

    BIOS Info: AT/AT COMPATIBLE | 08/15/11 | MEDION - 7292010

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: MEDIONPC MS-7728

    Internet Explorer Version: 10.0.9200.16576

    Sun Java version: No Java Installed?

    Country: Nederland

    Language: NLD

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-05-23 11:12:02 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-05-23 11:12:02 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-05-23 11:12:02 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-05-23 11:12:02 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-05-23 11:12:02 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    2013-05-22 16:38:43 CEBB5A5A9638E71791AD3D84729938B2 121 —-a-w- C:\Windows\DeleteOnReboot.bat

    ====== C:\Users\koppert\AppData\Local\Temp ====

    ====== C:\Windows\SysWOW64 =====

    2013-05-15 18:31:42 49834B94A8E8383B700EDDEF46C2AE6A 2706432 —-a-w- C:\Windows\SysWOW64\mshtml.tlb

    2013-05-15 18:31:42 28AEB03752D716BF149DBC93A9ACC17E 391168 —-a-w- C:\Windows\SysWOW64\ieui.dll

    2013-05-15 18:31:40 DFDBC397D0DDBD1AFA3CB400D4C003A9 61440 —-a-w- C:\Windows\SysWOW64\iesetup.dll

    2013-05-15 18:31:34 5915AA67DECA289F7B4AFB686CDB09E9 71680 —-a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

    2013-05-15 18:31:34 52AA8A8DA4175580F365D275EB53DBE3 493056 —-a-w- C:\Windows\SysWOW64\msfeeds.dll

    2013-05-15 18:31:34 3CC9825BFFE7B7429C8B79B0395ACDA8 33280 —-a-w- C:\Windows\SysWOW64\iernonce.dll

    2013-05-15 18:31:34 366D8EA2ADCBA228C9487BC6D2427DDC 109056 —-a-w- C:\Windows\SysWOW64\iesysprep.dll

    2013-05-15 18:31:33 F59A16A9418044C1D505C53DA370B099 2046976 —-a-w- C:\Windows\SysWOW64\iertutil.dll

    2013-05-15 18:31:32 65C95886E1B17001ADDF163AC18C5525 1130496 —-a-w- C:\Windows\SysWOW64\urlmon.dll

    2013-05-15 18:31:31 0142341520F0A0F2B0E312335B96705B 690688 —-a-w- C:\Windows\SysWOW64\jscript.dll

    2013-05-15 18:31:30 C9A062F32FF600C96795B43CD9A53151 2877440 —-a-w- C:\Windows\SysWOW64\jscript9.dll

    2013-05-15 18:31:29 5ABB3F36AF17007F33FA275E96A2C95E 1767424 —-a-w- C:\Windows\SysWOW64\wininet.dll

    2013-05-15 18:31:29 03180AFD271BFD88813F428421BC4A1A 39424 —-a-w- C:\Windows\SysWOW64\jsproxy.dll

    2013-05-15 18:31:26 7A468BC721C1D34E60389D3F2F87BBEA 14323712 —-a-w- C:\Windows\SysWOW64\mshtml.dll

    2013-05-15 18:31:19 D5E5A86F49ACC11768D8339094C3AFD8 13760512 —-a-w- C:\Windows\SysWOW64\ieframe.dll

    2013-05-15 07:39:25 E904178851A6A44BFA97E064EF779E9D 1796096 —-a-w- C:\Windows\SysWOW64\authui.dll

    2013-05-15 07:39:25 565D78187494FB5F08B5A52DEB2AEA7A 12872704 —-a-w- C:\Windows\SysWOW64\shell32.dll

    2013-05-15 07:39:25 1F05F5A16881CD928C82D53CEFCF4477 180224 —-a-w- C:\Windows\SysWOW64\shdocvw.dll

    2013-05-14 20:18:14 830E8F94EDF8D6E770FD3426D8FB4FD8 17613192 —-a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    2013-05-15 18:31:42 9B2BB51ED6D28860A48CFF46FD6D3DC1 2706432 —-a-w- C:\Windows\Sysnative\mshtml.tlb

    2013-05-15 18:31:41 FE6CB2001A8C2A85B617CD3FC85D8242 526336 —-a-w- C:\Windows\Sysnative\ieui.dll

    2013-05-15 18:31:41 42758AF68D3C4912C8D8A18088AD2555 51712 —-a-w- C:\Windows\Sysnative\ie4uinit.exe

    2013-05-15 18:31:36 97588F2871E1FE8E3EB57B17B98DF03B 67072 —-a-w- C:\Windows\Sysnative\iesetup.dll

    2013-05-15 18:31:34 EC6E8273B6CB79CA5B7B00CA82D1FCEE 136704 —-a-w- C:\Windows\Sysnative\iesysprep.dll

    2013-05-15 18:31:34 A197763AA7487807279AB61CD6835CEF 89600 —-a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

    2013-05-15 18:31:34 7DAA72F6C30D81EE31EC2BDC90054326 603136 —-a-w- C:\Windows\Sysnative\msfeeds.dll

    2013-05-15 18:31:34 168602AB16D30D5D6E091CA609FC7E75 39936 —-a-w- C:\Windows\Sysnative\iernonce.dll

    2013-05-15 18:31:33 9D6B9124B582F0FBF275B434CE5A672C 2647552 —-a-w- C:\Windows\Sysnative\iertutil.dll

    2013-05-15 18:31:32 E34F0440799F9A0F9DC4265F4ADA75C1 1365504 —-a-w- C:\Windows\Sysnative\urlmon.dll

    2013-05-15 18:31:32 772EC073332D1BA2DBEC32C6D063811A 855552 —-a-w- C:\Windows\Sysnative\jscript.dll

    2013-05-15 18:31:31 2C96C695B6015042AC867EA419A45C20 3958784 —-a-w- C:\Windows\Sysnative\jscript9.dll

    2013-05-15 18:31:29 254502230F2259D255D4149C235173B1 53248 —-a-w- C:\Windows\Sysnative\jsproxy.dll

    2013-05-15 18:31:28 27A9000C534AA9BADC9EE74940F50C6D 2242048 —-a-w- C:\Windows\Sysnative\wininet.dll

    2013-05-15 18:31:23 C56EF4C50A1FEED0CC9B7AE068CBBBBB 19231232 —-a-w- C:\Windows\Sysnative\mshtml.dll

    2013-05-15 18:31:21 7F4F74880E0B586EB7A9E225C34B1296 15404032 —-a-w- C:\Windows\Sysnative\ieframe.dll

    2013-05-15 07:39:38 943F527DF79E6B400104341AA7023C75 144384 —-a-w- C:\Windows\Sysnative\cdd.dll

    2013-05-15 07:39:28 1BFC94665BCA35F9001ADC7BFB167C63 14172672 —-a-w- C:\Windows\Sysnative\shell32.dll

    2013-05-15 07:39:27 3EF480BFED1B5947A32585E30A58D4ED 1930752 —-a-w- C:\Windows\Sysnative\authui.dll

    2013-05-15 07:39:26 22A0AE97360C1B146FDD9AA55AC0E989 197120 —-a-w- C:\Windows\Sysnative\shdocvw.dll

    2013-05-15 07:39:25 E948D1D42DC68923ABD75EEB5BCCD1D3 111448 —-a-w- C:\Windows\Sysnative\consent.exe

    2013-05-15 07:39:25 9D2A2369AB4B08A4905FE72DB104498F 70144 —-a-w- C:\Windows\Sysnative\appinfo.dll

    2013-05-15 07:39:20 FE90B750AB808FB9DD8FBB428B5FF83B 230400 —-a-w- C:\Windows\Sysnative\wwansvc.dll

    2013-05-15 07:39:20 A11523523B31086DD760C0189C763359 3153920 —-a-w- C:\Windows\Sysnative\win32k.sys

    2013-05-15 07:39:20 30B1489F2DCD8DC1AB6BB60CA6093615 48640 —-a-w- C:\Windows\Sysnative\wwanprotdim.dll

    ====== C:\Windows\Sysnative\drivers =====

    2013-05-22 18:16:13 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\Sysnative\drivers\mbam.sys

    2013-05-15 07:39:38 AF2E16242AA723F68F461B6EAE2EAD3D 983400 —-a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

    2013-05-15 07:39:38 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 —-a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys

    2013-04-24 21:46:18 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 —-a-w- C:\Windows\Sysnative\drivers\ntfs.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-05-22 20:07:25 ——– d—–w- C:\Program Files\trend micro

    ======= C:\Program Files (x86) =====

    2013-05-22 09:46:47 ——– d—–w- C:\Program Files (x86)\Spybot - Search & Destroy 2

    2013-04-26 19:24:45 ——– d—–w- C:\Program Files (x86)\Raptr

    ======= C: =====

    2013-05-22 16:38:35 B9D8456F28CE24A012BB7758CA0893B9 16956 —-a-w- C:\AdwCleaner.txt

    ====== C:\Users\koppert\AppData\Roaming ======

    2013-05-23 14:46:02 ——– d—–w- C:\users\koppert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD

    2013-05-23 11:20:58 ——– d—–w- C:\users\UpdatusUser\AppData\Local\temp

    2013-05-23 11:20:58 ——– d—–w- C:\users\Public\AppData\Local\temp

    2013-05-23 11:20:58 ——– d—–w- C:\users\Gebruiker\AppData\Local\temp

    2013-05-23 11:20:58 ——– d—–w- C:\users\Default\AppData\Local\temp

    2013-05-23 11:20:58 ——– d—–w- C:\users\Default User\AppData\Local\temp

    2013-05-22 09:46:01 ——– d—–w- C:\users\koppert\AppData\Local\Programs

    2013-04-26 19:24:54 ——– d—–w- C:\users\koppert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr

    2013-04-26 19:24:45 ——– d—–w- C:\users\koppert\AppData\Roaming\Raptr

    ====== C:\Users\koppert ======

    2013-05-23 11:20:58 ——– d—–w- C:\Users\Public\AppData

    2013-05-22 09:46:56 ——– d—–w- C:\ProgramData\Spybot - Search & Destroy

    ====== C: exe-files ==

    2013-05-23 11:12:02 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-05-23 11:12:02 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-05-23 11:12:02 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-05-23 11:12:02 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-05-23 11:12:02 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    2013-05-22 20:07:25 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\koppert.exe

    2013-05-22 20:05:06 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\koppert\Desktop\RSITx64.exe

    2013-05-22 20:04:59 CD48C7F951ADC4FE99DA4BCFD86BF5DF 73 —-a-w- C:\Users\koppert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5AOE0KGW\RSITX64.EXE

    2013-05-22 16:37:48 0A90C8A3F94564E7EAF541981EAFA52A 632031 —-a-w- C:\Users\koppert\Desktop\adwcleaner.exe

    2013-05-22 09:43:21 272A7ED33C052AA6F3F56802853CCC48 55454464 —-a-w- C:\Users\koppert\Desktop\spybot-search-destroy.exe

    2013-05-22 02:30:02 8DBEEA5D392D86AF6FF75E881157C88E 11299168 —-a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.93\27.0.1453.93_26.0.1410.64_chrome_updater.exe

    2013-05-21 05:57:50 BD617F4C5797AD18EC30199042AE75D4 30722056 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\raptr-3.1.6-r73201-release.exe

    2013-05-20 20:31:19 6890BBE8CF2A55ABCFDB16822C40C0A7 3448384 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe

    2013-05-20 20:31:15 D6317A0A9B5FABD16EA6377758C5E2E8 92072 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe

    2013-05-20 20:31:13 384763C39D46FCD367E92CF7B5D1ED34 77736 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vtex.exe

    2013-05-20 20:31:13 07D1715D4A76136A7A7275315CFB3405 77736 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vvis.exe

    2013-05-20 20:31:12 DA49313F36F5D936256782157C18E506 87464 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vrad.exe

    2013-05-20 20:31:08 34184865AC694F973385EF5ADF45F740 137128 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\splitskybox.exe

    2013-05-20 20:31:07 BD09B41F52EF48CC2F19E441BECCCFDC 86952 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\shadercompile.exe

    2013-05-20 20:30:58 8D069D4730A909D270617572F7A84AC7 144808 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\hammer.exe

    2013-05-20 20:30:57 2D7F73B8F2BC6932F0497E8060655003 201128 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\glview.exe

    2013-05-20 20:30:54 A5910EADEA41F34354C86BEDADE6FEAA 186792 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\captioncompiler.exe

    2013-05-20 20:30:54 206EBAA00DE81788A30B904AE0BA5737 102400 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\demoinfo.exe

    2013-05-20 20:30:23 F901FF91F748227DC55B9E89B61B6A62 708520 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\mksheet.exe

    2013-05-20 20:30:23 E51673807211C499D93E6AC89C3C3013 417192 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vbspinfo.exe

    2013-05-20 20:30:23 D628AA3FBD564E9A3A8E6820AFD3A6AF 1678248 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\hlfaceposer.exe

    2013-05-20 20:30:23 D24195F8607721EE773178DCE9D01191 690600 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\normal2ssbump.exe

    2013-05-20 20:30:23 CE0394AF908618167749BACDD37201B2 659880 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vpk.exe

    2013-05-20 20:30:23 A596779D15F271E865EE7FECDA6367B1 695720 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\height2normal.exe

    2013-05-20 20:30:23 83EF29F6F2F1E5DE4BB1BCF17E918183 721320 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vtf2tga.exe

    2013-05-20 20:30:23 6F2672EAE4EC4BD2B9CA93E1FD3B6EA2 1690024 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\dmxedit.exe

    2013-05-20 20:30:23 6EA3CD6AA0674C69B5C79716FEA0D864 637864 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\pfm2tgas.exe

    2013-05-20 20:30:23 6D9AF5A5937649683796C8667BFE03D8 2749352 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\qc_eyes.exe

    2013-05-20 20:30:23 4BA8FBC11BFC46ECF045A2B66ED815AF 1890728 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\studiomdl.exe

    2013-05-20 20:30:23 3F75DEA2345927963830A458FD878008 304552 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\motionmapper.exe

    2013-05-20 20:30:23 3A63FBCDFBE13B75812E34DFF6995EAD 423336 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\bspzip.exe

    2013-05-20 20:30:23 2FD631F9966A5075B1D364586C0079E4 1458088 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vbsp.exe

    2013-05-20 20:30:23 0F92F31E8FE77FAE12D955A23E2B93C3 468904 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\hlmv.exe

    2013-05-20 20:30:23 08F780BD9A49F23770494A5925DCED3B 3241896 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\elementviewer.exe

    2013-05-20 20:30:23 06953C786A98EBA2F3AB4DB03FD652C8 706472 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\height2ssbump.exe

    2013-05-20 17:19:34 47876C11373B62C974CA845F0434EC5C 4214336 —-a-w- C:\Program Files (x86)\Raptr\vcredist_x86.exe

    2013-05-20 17:19:32 DFBADE9590DC2A8C3AEEA2CE528DA909 55360 —-a-w- C:\Program Files (x86)\Raptr\raptrstub.exe

    2013-05-20 17:19:32 86D03FB2D2C9C29446692BA5C0574CEE 46144 —-a-w- C:\Program Files (x86)\Raptr\raptr_im.exe

    2013-05-20 17:19:30 22908B8D27FE9EFE2BE1903C3ED23CC6 64576 —-a-w- C:\Program Files (x86)\Raptr\raptr.exe

    2013-05-20 17:19:30 1FCC19E1FAB0AFF4A25C9775A70DF055 2405456 —-a-w- C:\Program Files (x86)\Raptr\ffmpeg.exe

    2013-05-20 17:19:28 6AC4042DD83C99F68E84A2A71FB5E0AE 45120 —-a-w- C:\Program Files (x86)\Raptr\f2p_ping.exe

    2013-05-20 17:05:18 4B817450226F93C31ADD5BCC27FED27A 1015984 —-a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    2013-05-18 14:56:19 7C271BBD974C760F516F1C9F9B61E0F2 106496 —-a-w- C:\Program Files (x86)\Steam\SteamApps\coldfire522\source sdk base\hl2.exe

    === C: other files ==

    2013-05-23 15:49:16 D9B71461E815FC816900359FF4B41013 39717 —-a-w- C:\Users\koppert\Downloads\iron-man-3_english-733412 (1).zip

    2013-05-23 15:40:57 50654D0F305042177A6D5AB384942023 39694 —-a-w- C:\Users\koppert\Downloads\ef43c15f174f0bb5e750c69fde5889405d266a00.zip

    2013-05-23 15:39:54 48F9AAAE5498CB1909722E3494842683 34216 —-a-w- C:\Users\koppert\Downloads\Iron.Man.3.2013.R6.720p.x264.AC3._www.ENGSUB.NET.zip

    2013-05-23 15:38:53 B8871D0B6A38B49AE28914B104BD30C1 38266 —-a-w- C:\Users\koppert\Downloads\Iron.Man.3.2013.R6.LiNE.x264._www.ENGSUB.NET.zip

    2013-05-23 15:37:55 FE6BEA0AA128DF7EF9ADB147C42FD97C 42088 —-a-w- C:\Users\koppert\Downloads\Iron.Man.3.2013.R6.HDScr.LINE.600MB._www.ENGSUB.NET.zip

    2013-05-23 15:35:46 D9B71461E815FC816900359FF4B41013 39717 —-a-w- C:\Users\koppert\Downloads\Iron.Man.3.2013.R6.HDScr.LINE.NoSUBS.NoBLURS.XViD.AC3.HQ.Hive-CM8._www.ENGSUB.NET.zip

    2013-05-23 15:33:09 7BF26819C5B64266E895403AF15CA8CD 38812 —-a-w- C:\Users\koppert\Downloads\iron-man-3_english-733185.zip

    2013-05-23 15:32:05 D9B71461E815FC816900359FF4B41013 39717 —-a-w- C:\Users\koppert\Downloads\iron-man-3_english-733412.zip

    2013-05-23 15:30:42 FCC199AF4DC72DD9DF88F0373BB360CA 34105 —-a-w- C:\Users\koppert\Downloads\956b71a2aa95af09f28fa36db3c3955d089796f6.zip

    2013-05-23 15:18:52 AB725CB9C757EC3906ECBF82F991FC7A 29677 —-a-w- C:\Users\koppert\Downloads\Ondertitel.com-4-Snitch-2013-BDRip-XviD-AN0NYM0US.zip

    2013-05-23 14:46:51 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\data\jordi1337\config\certificates\x509\tls_peers\xmpp-server7.raptr.com

    2013-05-23 14:46:47 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\data\jordi1337\config\certificates\x509\tls_peers\xmpp-server2.raptr.com

    2013-05-23 10:56:46 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\data\jordi1337\config\certificates\x509\tls_peers\xmpp-server5.raptr.com

    2013-05-23 08:37:16 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\data\jordi1337\config\certificates\x509\tls_peers\xmpp-server8.raptr.com

    2013-05-22 22:18:03 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 —-a-w- C:\Users\koppert\AppData\Roaming\Raptr\data\jordi1337\config\certificates\x509\tls_peers\xmpp-server4.raptr.com

    2013-05-22 18:16:13 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\System32\drivers\mbam.sys

    2013-05-22 16:38:43 CEBB5A5A9638E71791AD3D84729938B2 121 —-a-w- C:\Windows\DeleteOnReboot.bat

    2013-05-22 11:24:32 613C29DBA2D59564527A4A568ED4B481 4860 —-a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip

    2013-05-22 11:24:32 613C29DBA2D59564527A4A568ED4B481 4860 —-a-w- C:\Backup My Data\All Users\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip

    2013-05-20 20:31:13 86BD57000A5CD2DFA3A939BD9D135D42 238 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\vtex.bat

    2013-05-20 20:31:07 BDA83C1C2CFA59B4C8FEBE9803B3717B 454 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\set_sdk_env.bat

    2013-05-20 20:31:00 F434B725B541E0F7ECB896FFF2409DC5 265 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\HLMV.bat

    2013-05-20 20:30:57 623B0B2CE9360BC3CD57EDDBE0ABB3EA 264 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\Hammer.bat

    2013-05-20 20:30:56 60B8D5BCECAAB70BBC4209178569EA8E 276 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\Faceposer.bat

    2013-05-20 20:30:54 1479DA9CB7BC8DC4C6B392749EC965DE 240 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\check_sdk_env.bat

    2013-05-20 20:30:23 1B958C1F563F4AF9F8340D074E012ABD 7255976 —-a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\itemtest.com

    2013-05-20 17:19:00 C13E49E66953F4DE54BE6AD1E7330ACB 7558318 —-a-w- C:\Program Files (x86)\Raptr\library.zip

    ==== Startup Registry Enabled ======================

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “GoogleChromeAutoLaunch_ACE26633DC755D76AF39CE01DFEF37D8”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe –no-startup-window”

    “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

    “Raptr”=“C:\PROGRA~2\Raptr\raptrstub.exe –startup”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “IAStorIcon”=“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “CLMLServer”=“C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”

    “BrMfcWnd”=“C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN”

    “ControlCenter3”=“C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun”

    “PWRISOVM.EXE”=“C:\Program Files (x86)\PowerISO\PWRISOVM.EXE”

    “BDRegion”=“C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe”

    “RemoteControl”=“C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe”

    “LanguageShortcut”=“C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe”

    “APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “iTunesHelper”=“C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “GoogleChromeAutoLaunch_ACE26633DC755D76AF39CE01DFEF37D8”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe –no-startup-window”

    “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

    “Raptr”=“C:\PROGRA~2\Raptr\raptrstub.exe –startup”

    ==== Startup Registry Enabled x64 ======================

    “RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”

    “egui”=“C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\koppert\AppData\Roaming\Mozilla\Firefox\Profiles\0638k6t5.default

    - Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1

    - Undetermined - C:\Program Files\IB Updater\Firefox

    - DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

    nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\koppert\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx

    DVDVideoSoft Browser Extension - koppert - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.google.nl/”

    New Values:

    “Start Page”=“http://www.google.nl/”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR”

    {2B675658-493F-4B1B-B497-C210AA17D7A4} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_nlNL492”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

    ==== HijackThis Entries ======================

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

    O4 - HKLM\..\Run: C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

    O4 - HKLM\..\Run: C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

    O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –no-startup-window

    O4 - HKCU\..\Run: “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: C:\PROGRA~2\Raptr\raptrstub.exe –startup

    O4 - HKUS\S-1-5-21-2579152848-2309383289-322844936-1001\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-2579152848-2309383289-322844936-1001\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-2579152848-2309383289-322844936-1001\..\RunOnce: C:\Windows\Web\Wallpaper\MEDION\start.vbs (User ‘UpdatusUser’)

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)

    O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra ‘Tools’ menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra ‘Tools’ menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll

    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

    O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

    O9 - Extra button: Casino La Vida - {11E47561-BAE2-4F72-8213-8818E62BB124} - C:\Microgaming\Casino\casinolavida\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Jackpot City - {2E9CD141-9025-4018-802A-8F3DEF6B07FC} - C:\Microgaming\Casino\jackpotcity\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: UK Casino Club - {309B0300-0C8A-4A4C-8610-E6DCC6150B6F} - C:\Microgaming\Casino\UKCasinoClub\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: King Neptunes - {41B00985-B707-4422-882E-9418812B0736} - C:\Microgaming\Casino\KingNeptunes\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Lucky Nugget Casino - {525A59B5-5432-492C-9063-D168EFDBC4BE} - C:\Microgaming\Casino\LuckyNugget\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Captain Cooks Casino - {7FC4233C-B0D1-41F4-998E-9F1470EA21D9} - C:\Microgaming\Casino\CaptainCooks\casinogame.exe (file missing) (HKCU)

    O9 - Extra button: Gaming Club - {C59EF4A1-3B78-4F58-8BDA-1C530689F32F} - C:\Microgaming\Casino\GamingClub\casinogame.exe (file missing) (HKCU)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\koppert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\koppert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\users\koppert\AppData\Local\Mozilla\Firefox\Profiles\0638k6t5.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\users\koppert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\koppert\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on do 23-05-2013 at 20:20:49,71 ======================

    Groetjes,

    Marion

  • Ben

    Hallo,

    Download de Junkware Removal Tool by Thisisu naar je bureaublad

    • Het is aanbevolen om beveiligingssoftware tijdelijk uit te schakelen, deze kan namelijk conflicteren met JRT.exe

    • Windows XP: Start de tool doormiddel van dubbelklik.

    • Windows Vista/7/8: Rechtsklik JRT.exe en kies voor “Uitvoeren als administrator”.

    • De tool zal daarna je systeem scannen.

    • De scan kan afhankelijk van je systeemspecificaties soms vrij lang duren, wacht geduldig af.

    • Als de scan voltooid is zal een logje (JRT.txt) op je bureaublad opgeslagen worden en automatisch openen.

    • Post de inhoud van deze log in je volgende bericht.

    Vertel meteen hoe hert hierna gaat.(je heb een pb)

    Gr.Ben

  • Marion Koppert

    Hoi Ben,

    Je hebt pb terug.

    Hier mijn logje:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Thisisu

    Version: 4.9.4 (05.06.2013:1)

    OS: Windows 7 Home Premium x64

    Ran by koppert on do 23-05-2013 at 20:53:31,47

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    ~~~ Registry Keys

    ~~~ Files

    ~~~ Folders

    ~~~ FireFox

    Emptied folder: C:\Users\koppert\AppData\Roaming\mozilla\firefox\profiles\0638k6t5.default\minidumps

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan was completed on do 23-05-2013 at 20:56:11,07

    End of JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Internet Explore gaat weer goed nu, mijn favorieten kon ik niet openen,nu weer wel. Mozilla Firefox blijft problemen geven, kan ik niet openen. Misschien verwijderen en opnieuw installeren? Kan dat natuurlijk altijd eens proberen.

    Groetjes en bedankt zover,

    Marion

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.