Microsoft Office documents cannot be read

  • Jos H

    Hello Frans.

    I have no idea anymore where else to look.

    As I indicated earlier, something has gone wrong within Windows, not in Office.

    If the malware scanners and virus scanners found nothing, then the only solution is a clean install.

    But that of course depends on how important your Office files are.

    For a situation like this I always keep an image file of C on the external drive myself; it saves a lot of work.

  • Frans54

    Hi Huib,

    You probably won't believe it, but I didn't look at the computer at all for a few days. I really didn't feel like taking everything off again and then starting all over.

    When I start the PC up again, I suddenly have one of those police viruses again and can't do anything at all, even though I haven't done anything with it since our last contact.

    Thoroughly fed up, I ran all the scanners over it again anyway. It is gone now, but before I do anything at all I would appreciate it if you would check the logs.

    I had three Trojans again.

    Frans

    # AdwCleaner v2.306 - Verslag gemaakt op 12/08/2013 om 20:14:39

    # Geactualiseerd op 19/07/2013 door Xplode

    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Gebruiker : Frans - FRANS-PC

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\Frans\Desktop\adwcleaner.exe

    # Optie

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    -\\ Internet Explorer v10.0.9200.16635

    Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v22.0 (nl)

    File : C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default\prefs.js

    De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner.txt - ##########

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Frans at 2013-08-12 21:44:04

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 525 GB (56%) free of 941 GB

    Total RAM: 6071 MB (65% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:44:19, on 12-8-2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v10.0 (10.00.9200.16635)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Sitecom\Common\RaUI.exe

    C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe

    C:\Program Files (x86)\AVG\AVG2013\avgui.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

    C:\Program Files\trend micro\Frans.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    O4 - HKLM\..\Run: c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun

    O4 - HKLM\..\Run: C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2013\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe

    O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

    O9 - Extra ‘Tools’ menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

    O11 - Options group: Accelerated graphics

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Hitachi Backup Service (HitachiBackupService) - Hitachi GST - C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe

    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

    O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: SessionLauncher - Unknown owner - C:\Users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (file missing)

    O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 11694 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

    C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=7e0ef12d-75a7-4f7e-a87e-0b623ec5b62d /coreSdkOptions=4382 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\ec8e7d4a-b041-4e53-9317-3308ba377533-1b8-oopp.tmp” /loggerName=AVG.RS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2013\” /registryPath=“SYSTEM\CurrentControlSet\Services\Avg\Avg2013” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\”

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k NetworkService

    atieclxx

    C:\Windows\system32\WLANExt.exe 24861344

    \??\C:\Windows\system32\conhost.exe "-203542140-1299634829197605374-9440609091220066778-1634470651211839334-210689987

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “taskhost.exe”

    “C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe”

    “C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe”

    “C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe”

    “C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe”

    “C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE”

    C:\Windows\SysWOW64\svchost.exe -k netsvcs

    “C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe”

    “c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe”

    “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe”

    “C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe” /background

    “C:\Program Files\Logitech\SetPointP\SetPoint.exe” /launchGaming

    “C:\Program Files\Windows Sidebar\sidebar.exe” /autoRun

    “C:\Program Files (x86)\Sitecom\Common\RaUI.exe” -s

    “C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe”

    “C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    “C:\Program Files (x86)\AVG\AVG2013\avgui.exe” /TRAYONLY

    KHALMNPR.EXE /API

    “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe”

    “C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe”

    “C:\Program Files (x86)\AVG\AVG2013\avgemca.exe”

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe” /starttray

    “C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe”

    “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe”

    C:\Windows\system32\svchost.exe -k imgsvc

    taskeng.exe {9F669DD6-BB20-41AA-BC4C-AA3300C5EBE2}

    “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”

    “c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe”

    “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe”

    C:\Windows\system32\SearchIndexer.exe /Embedding

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    “C:\Program Files (x86)\Mozilla Firefox\firefox.exe”

    “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e951112b-c02d-4797-a4eb-ea9b96de03ee -SystemEventPortName:HostProcess-e8754968-e669-49ef-b104-27c6380ef294 -IoCancelEventPortName:HostProcess-8174256c-eba1-4553-89b0-72dd348b2aa0 -NonStateChangingEventPortName:HostProcess-fc8342e6-afda-47e4-9de2-e5a5b4303fcd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ca98a3bb-adc9-4eef-b7b7-32655a74d075 -DeviceGroupId:WpdFsGroup

    “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM”

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe” Local\{8C56E2A9-ABF3-488D-BDD2-3FC8B4071503}

    “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe” 0

    “C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe”

    “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    “C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe”

    “C:\Users\Frans\Desktop\RSITx64.exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\HP Photo Creations Messager.job

    C:\Windows\tasks\HPCeeScheduleForFRANS-PC$.job

    C:\Windows\tasks\PCDRScheduledMaintenance.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default

    prefs.js - “browser.startup.homepage” - “http://www.geocaching.com/”

    prefs.js - “extensions.enabledItems” - “{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, DeviceDetection@logitech.com:1.20.0.66, avg@igeared:6.103.018.001, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15”

    “Description”=Adobe® Flash® Player 11.8.800.94 Plugin

    “Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

    “Description”=Canon MycameraPlugin

    “Path”=C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll

    “Description”=Garmin GPS Control for Firefox

    “Path”=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

    “Description”=Google Earth in your browser

    “Path”=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

    “Description”=Java™ Deployment Toolkit

    “Path”=C:\Windows\SysWOW64\npDeployJava1.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

    “Description”=

    “Path”=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

    “Description”=Adobe® Flash® Player 11.8.800.94 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

    “Description”=

    “Path”=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

    “Description”=

    “Path”=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\

    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default\extensions\

    DeviceDetection@logitech.com

    {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

    C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default\searchplugins\

    Startpins.xml

    ======Registry dump======

    Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll

    Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    “SmartMenu”=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

    “PC-Doctor for Windows localizer”=C:\Program Files\PC-Doctor for Windows\localizer.exe

    “AdobeAAMUpdater-1.0”=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

    “EvtMgr6”=C:\Program Files\Logitech\SetPointP\SetPoint.exe

    “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

    “hpsysdrv”=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

    “IAStorIcon”=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    “StartCCC”=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

    “Easybits Recovery”=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

    “RoxWatchTray”=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe

    “AVG_UI”=C:\Program Files (x86)\AVG\AVG2013\avgui.exe

    “SwitchBoard”=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    “AdobeCS6ServiceManager”=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

    “SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    “Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    Sitecom Wireless Utility.lnk - C:\Program Files (x86)\Sitecom\Common\RaUI.exe

    Spyder3Utility.lnk - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=5

    “ConsentPromptBehaviorUser”=3

    “EnableLUA”=0

    “EnableUIADesktopToggle”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “EnableSecureUIAPath”=1

    “NoDrives”=0

    “NoDrives”=0

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “vidc.uyvy”=msyuv.dll

    “vidc.yuy2”=msyuv.dll

    “vidc.yvyu”=msyuv.dll

    “vidc.iyuv”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “vidc.yvu9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    “wave2”=wdmaud.drv

    “midi2”=wdmaud.drv

    “mixer2”=wdmaud.drv

    “aux2”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2013-08-12 20:32:50 —-D—- C:\Program Files (x86)\ESET

    2013-08-12 20:14:39 —-A—- C:\AdwCleaner.txt

    2013-08-08 16:26:08 —-N—- C:\bootsqm.dat

    2013-07-31 16:26:39 —-D—- C:\Windows\Sun

    2013-07-30 20:31:30 —-D—- C:\Program Files (x86)\Microsoft Visual Studio

    2013-07-30 20:31:20 —-D—- C:\Windows\PCHEALTH

    2013-07-30 20:30:12 —-D—- C:\Program Files\Microsoft Office

    2013-07-30 20:29:16 —-RHD—- C:\MSOCache

    2013-07-28 08:36:50 —-SHD—- C:\$RECYCLE.BIN

    2013-07-28 08:15:00 —-D—- C:\Windows\Temp

    2013-07-28 08:15:00 —-A—- C:\Windows\zoek-delete.exe

    2013-07-28 08:14:48 —-D—- C:\Program Files (x86)\HiJackThis

    2013-07-27 22:59:02 —-A—- C:\Windows\zip.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\SWSC.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\SWREG.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\sed.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\PEV.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\NIRCMD.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\MBR.exe

    2013-07-27 22:59:02 —-A—- C:\Windows\grep.exe

    2013-07-27 22:59:00 —-D—- C:\ComboFix

    2013-07-27 22:58:56 —-D—- C:\Qoobox

    2013-07-27 17:38:17 —-D—- C:\rsit

    2013-07-27 14:46:07 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2013-07-27 14:46:07 —-A—- C:\Windows\system32\drivers\mbam.sys

    2013-07-20 15:57:17 —-D—- C:\Program Files (x86)\GCTool

    2013-07-20 01:51:00 —-A—- C:\Windows\system32\drivers\avgloga.sys

    2013-07-20 01:50:56 —-A—- C:\Windows\system32\drivers\avgidsha.sys

    2013-07-20 01:50:56 —-A—- C:\Windows\system32\drivers\avgidsdrivera.sys

    2013-07-20 01:50:50 —-A—- C:\Windows\system32\drivers\avgldx64.sys

    ======List of files/folders modified in the last 1 month======

    2013-08-13 06:00:16 —-D—- C:\Windows\Tasks

    2013-08-13 06:00:16 —-D—- C:\Windows\SysWOW64

    2013-08-13 06:00:16 —-D—- C:\Windows\system32\wfp

    2013-08-13 06:00:16 —-D—- C:\Windows\system32\wbem

    2013-08-13 06:00:16 —-D—- C:\Windows\system32\DriverStore

    2013-08-13 06:00:16 —-D—- C:\Windows\system32\catroot2

    2013-08-13 06:00:16 —-D—- C:\Windows

    2013-08-13 06:00:15 —-D—- C:\Windows\system32\CodeIntegrity

    2013-08-13 06:00:14 —-D—- C:\Windows\AppCompat

    2013-08-13 06:00:14 —-D—- C:\ProgramData\Microsoft Help

    2013-08-13 06:00:10 —-D—- C:\Windows\registration

    2013-08-13 05:57:12 —-D—- C:\Windows\system32\LogFiles

    2013-08-12 21:44:14 —-D—- C:\Program Files\trend micro

    2013-08-12 20:58:46 —-D—- C:\Program Files (x86)\Mozilla Firefox

    2013-08-12 20:43:50 —-D—- C:\Windows\system32\config

    2013-08-12 20:32:50 —-RD—- C:\Program Files (x86)

    2013-08-12 20:27:38 —-D—- C:\Users\Frans\AppData\Roaming\HpUpdate

    2013-08-12 20:27:38 —-D—- C:\Users\Frans\AppData\Roaming\HP Support Assistant

    2013-08-12 20:06:46 —-D—- C:\ProgramData\MFAData

    2013-08-12 20:06:20 —-D—- C:\Windows\System32

    2013-08-12 20:06:20 —-D—- C:\Windows\inf

    2013-08-12 20:06:20 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-08-12 20:05:13 —-SHD—- C:\Windows\Installer

    2013-08-06 16:42:52 —-D—- C:\Windows\Prefetch

    2013-07-31 21:21:30 —-SHD—- C:\System Volume Information

    2013-07-31 18:34:52 —-D—- C:\Windows\SYSWOW64\drivers

    2013-07-31 18:30:20 —-D—- C:\Windows\system32\drivers

    2013-07-31 17:21:30 —-D—- C:\Windows\winsxs

    2013-07-31 17:00:34 —-RSD—- C:\Windows\assembly

    2013-07-31 16:59:22 —-A—- C:\Windows\win.ini

    2013-07-30 20:31:43 —-D—- C:\Program Files (x86)\Microsoft Works

    2013-07-30 20:31:33 —-D—- C:\Program Files (x86)\Microsoft Office

    2013-07-30 20:31:30 —-D—- C:\Program Files (x86)\Common Files

    2013-07-30 20:31:23 —-RSD—- C:\Windows\Fonts

    2013-07-30 20:31:20 —-D—- C:\Program Files (x86)\Microsoft.NET

    2013-07-30 20:30:53 —-D—- C:\Program Files\Common Files\Microsoft Shared

    2013-07-30 20:30:12 —-RD—- C:\Program Files

    2013-07-30 20:30:03 —-D—- C:\Windows\ShellNew

    2013-07-28 14:55:39 —-A—- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

    2013-07-28 13:25:17 —-D—- C:\Program Files (x86)\Google

    2013-07-28 11:38:58 —-A—- C:\Windows\ntbtlog.txt

    2013-07-28 08:11:25 —-D—- C:\ProgramData

    2013-07-27 23:09:11 —-A—- C:\Windows\system.ini

    2013-07-27 23:06:41 —-D—- C:\Windows\AppPatch

    2013-07-27 06:56:18 —-A—- C:\Windows\SYSWOW64\PerfStringBackup.INI

    2013-07-25 16:53:59 —-RD—- C:\Program Files (x86)\Online Services

    2013-07-25 16:53:59 —-HD—- C:\Program Files (x86)\Uninstall Information

    2013-07-25 16:53:59 —-HD—- C:\Program Files (x86)\Temp

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\WinGDB3

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Windows Photo Viewer

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Windows Media Player

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Windows Mail

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Windows Defender

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Reference Assemblies

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Realtek

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\ProtectDisc Driver Installer

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Oracle

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\MSBuild

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\MozBackup

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Microsoft Sync Framework

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Microsoft Silverlight

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Java

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Intel

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\HP Photo Creations

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Garmin

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\EasyBits For Kids

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Datacolor

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\Cyberlink

    2013-07-25 16:53:59 —-D—- C:\Program Files (x86)\ATI Technologies

    2013-07-15 16:14:58 —-D—- C:\Windows\system32\Tasks

    2013-07-15 16:08:32 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys

    R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys

    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys

    R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys

    R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys

    R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys

    R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys

    R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys

    R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys

    R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys

    R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys

    R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys

    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys

    R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys

    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys

    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys

    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys

    R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTUSB64.SYS

    R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys

    S1 A2DDA;A2 Direct Disk Access Support Driver; \??\K:\EmsisoftEmergencyKit\Run\a2ddax64.sys

    S1 RxFilter;RxFilter; C:\Windows\system32\DRIVERS\RxFilter.sys

    S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys

    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys

    S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 Spyder3;Datacolor Spyder3; C:\Windows\system32\DRIVERS\Spyder3.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

    S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe

    R2 HitachiBackupService;Hitachi Backup Service; C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe

    R2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    R3 RoxMediaDB10;RoxMediaDB10; C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

    S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

    S2 SessionLauncher;SessionLauncher; C:\Users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe

    S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

    S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    —————–EOF—————–

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.08.12.05

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 10.0.9200.16635

    Frans :: FRANS-PC

    12-8-2013 20:19:01

    mbam-log-2013-08-12 (20-19-01).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 225080

    Verstreken tijd: 7 minuut/minuten, 7 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 2

    C:\Users\Frans\AppData\Roaming\cache.dat (Trojan.MalPack.gen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Frans\AppData\Local\Temp\md4MPZJ4.zip.part (Trojan.MalPack.gen) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

  • fazantje

    Hi Frans,

    Please don't do anything else with your computer for now.

    Ben and I are going over everything once more and will be back shortly with a follow-up.

    Regards, Huib ;)

  • Frans54

    Hello Huib,

    It took a while because it wouldn't quite work.

    Attached is the ComboFix log.

    I get the following message from the Windows Action Center:

    Download update for SafeNet USB SuperPro/UltraPro

    SafeNet USB SuperPro/UltraPro is no longer working properly.

    An update is available that resolves this problem.

    Should I do this?

    I also get a message that Windows Security Center is turned off, but when I click to turn it on I get an error message.

    Frans

    ComboFix 13-08-13.02 - Frans 13-08-2013 21:22:36.4.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6071.4463

    Gestart vanuit: c:\users\Frans\Desktop\ComboFix.exe

    AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

    SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-07-13 to 2013-08-13 ))))))))))))))))))))))))))))))

    .

    .

    2013-08-13 19:26 . 2013-08-13 19:26 ——– d—–w- c:\users\Public\AppData\Local\temp

    2013-08-13 19:26 . 2013-08-13 19:26 ——– d—–w- c:\users\Default\AppData\Local\temp

    2013-08-12 18:32 . 2013-08-12 18:32 ——– d—–w- c:\program files (x86)\ESET

    2013-07-31 14:26 . 2013-07-31 14:26 ——– d—–w- c:\windows\Sun

    2013-07-30 18:31 . 2013-07-30 18:31 ——– d—–w- c:\windows\PCHEALTH

    2013-07-30 18:30 . 2013-07-30 18:30 ——– d—–w- c:\program files\Microsoft Office

    2013-07-30 18:29 . 2013-07-30 18:29 ——– d—–r- C:\MSOCache

    2013-07-28 06:15 . 2013-08-13 19:25 ——– d—–w- c:\users\Frans\AppData\Local\Temp

    2013-07-28 06:15 . 2013-07-28 06:07 24064 —-a-w- c:\windows\zoek-delete.exe

    2013-07-27 15:38 . 2013-07-27 15:40 ——– d—–w- C:\rsit

    2013-07-27 12:46 . 2013-07-27 12:46 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2013-07-27 12:46 . 2013-04-04 12:50 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2013-07-25 14:38 . 2013-07-25 14:38 ——– d—–w- c:\users\Frans\AppData\Local\kIvwoQsE

    2013-07-25 14:38 . 2013-07-25 14:53 ——– d—–w- c:\users\Frans\AppData\Local\Dirty

    2013-07-25 14:38 . 2013-07-25 14:38 ——– d—–w- c:\users\Frans\AppData\Local\sPoYELNv

    2013-07-20 13:58 . 2013-07-20 13:58 ——– d—–w- c:\users\Frans\AppData\Local\By_Gpsgek

    2013-07-20 13:57 . 2013-07-20 13:57 ——– d—–w- c:\program files (x86)\GCTool

    2013-07-19 23:51 . 2013-07-19 23:51 311608 —-a-w- c:\windows\system32\drivers\avgloga.sys

    2013-07-19 23:50 . 2013-07-19 23:50 71480 —-a-w- c:\windows\system32\drivers\avgidsha.sys

    2013-07-19 23:50 . 2013-07-19 23:50 246072 —-a-w- c:\windows\system32\drivers\avgidsdrivera.sys

    2013-07-19 23:50 . 2013-07-19 23:50 206648 —-a-w- c:\windows\system32\drivers\avgldx64.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-08-13 15:09 . 2012-07-13 06:26 79672 —-a-w- c:\windows\system32\drivers\AFD.SYS

    2013-08-13 15:09 . 2009-07-14 00:10 79672 —-a-w- c:\windows\system32\drivers\WS2IFSL.SYS

    2013-07-15 14:08 . 2012-07-14 22:19 71048 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-07-15 14:08 . 2012-07-14 22:19 692104 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2013-07-10 15:07 . 2012-07-16 01:52 78185248 —-a-w- c:\windows\system32\MRT.exe

    2013-07-09 23:32 . 2013-07-09 23:32 45880 —-a-w- c:\windows\system32\drivers\avgrkx64.sys

    2013-06-30 23:45 . 2013-06-30 23:45 116536 —-a-w- c:\windows\system32\drivers\avgmfx64.sys

    2013-06-14 12:30 . 2013-06-14 12:30 53248 —-a-r- c:\users\Frans\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

    2013-06-14 12:30 . 2012-07-15 09:12 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys

    2013-06-12 19:48 . 2012-07-18 19:02 867240 —-a-w- c:\windows\SysWow64\npDeployJava1.dll

    2013-06-12 19:48 . 2012-07-18 19:02 789416 —-a-w- c:\windows\SysWow64\deployJava1.dll

    2013-06-12 19:47 . 2013-06-19 14:43 96168 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

    2013-06-11 23:43 . 2013-07-10 15:06 1767936 —-a-w- c:\windows\SysWow64\wininet.dll

    2013-06-11 23:43 . 2013-07-10 15:06 2877440 —-a-w- c:\windows\SysWow64\jscript9.dll

    2013-06-11 23:42 . 2013-07-10 15:06 61440 —-a-w- c:\windows\SysWow64\iesetup.dll

    2013-06-11 23:42 . 2013-07-10 15:06 109056 —-a-w- c:\windows\SysWow64\iesysprep.dll

    2013-06-11 23:26 . 2013-07-10 15:06 51712 —-a-w- c:\windows\system32\ie4uinit.exe

    2013-06-11 23:26 . 2013-07-10 15:06 2241024 —-a-w- c:\windows\system32\wininet.dll

    2013-06-11 23:26 . 2013-07-10 15:06 1365504 —-a-w- c:\windows\system32\urlmon.dll

    2013-06-11 23:25 . 2013-07-10 15:05 19238912 —-a-w- c:\windows\system32\mshtml.dll

    2013-06-11 23:25 . 2013-07-10 15:06 603136 —-a-w- c:\windows\system32\msfeeds.dll

    2013-06-11 23:25 . 2013-07-10 15:06 855552 —-a-w- c:\windows\system32\jscript.dll

    2013-06-11 23:25 . 2013-07-10 15:06 3958784 —-a-w- c:\windows\system32\jscript9.dll

    2013-06-11 23:25 . 2013-07-10 15:06 53248 —-a-w- c:\windows\system32\jsproxy.dll

    2013-06-11 23:25 . 2013-07-10 15:06 67072 —-a-w- c:\windows\system32\iesetup.dll

    2013-06-11 23:25 . 2013-07-10 15:06 526336 —-a-w- c:\windows\system32\ieui.dll

    2013-06-11 23:25 . 2013-07-10 15:06 39936 —-a-w- c:\windows\system32\iernonce.dll

    2013-06-11 23:25 . 2013-07-10 15:06 2648576 —-a-w- c:\windows\system32\iertutil.dll

    2013-06-11 23:25 . 2013-07-10 15:06 136704 —-a-w- c:\windows\system32\iesysprep.dll

    2013-06-11 23:25 . 2013-07-10 15:05 15404032 —-a-w- c:\windows\system32\ieframe.dll

    2013-06-11 22:51 . 2013-07-10 15:06 71680 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2013-06-11 22:50 . 2013-07-10 15:06 89600 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2013-06-07 03:22 . 2013-07-10 15:06 2706432 —-a-w- c:\windows\system32\mshtml.tlb

    2013-06-07 02:37 . 2013-07-10 15:06 2706432 —-a-w- c:\windows\SysWow64\mshtml.tlb

    2013-06-05 03:34 . 2013-07-10 14:15 3153920 —-a-w- c:\windows\system32\win32k.sys

    2013-06-04 06:00 . 2013-07-10 14:16 624128 —-a-w- c:\windows\system32\qedit.dll

    2013-06-04 04:53 . 2013-07-10 14:16 509440 —-a-w- c:\windows\SysWow64\qedit.dll

    2013-05-24 22:35 . 2013-05-24 22:35 226304 —-a-w- c:\windows\system32\elshyph.dll

    2013-05-24 22:35 . 2013-05-24 22:35 185344 —-a-w- c:\windows\SysWow64\elshyph.dll

    2013-05-24 22:35 . 2013-05-24 22:35 158720 —-a-w- c:\windows\SysWow64\msls31.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1054720 —-a-w- c:\windows\system32\MsSpellCheckingFacility.exe

    2013-05-24 22:35 . 2013-05-24 22:35 73728 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2013-05-24 22:35 . 2013-05-24 22:35 719360 —-a-w- c:\windows\SysWow64\mshtmlmedia.dll

    2013-05-24 22:35 . 2013-05-24 22:35 523264 —-a-w- c:\windows\SysWow64\vbscript.dll

    2013-05-24 22:35 . 2013-05-24 22:35 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll

    2013-05-24 22:35 . 2013-05-24 22:35 38400 —-a-w- c:\windows\SysWow64\imgutil.dll

    2013-05-24 22:35 . 2013-05-24 22:35 150528 —-a-w- c:\windows\SysWow64\iexpress.exe

    2013-05-24 22:35 . 2013-05-24 22:35 138752 —-a-w- c:\windows\SysWow64\wextract.exe

    2013-05-24 22:35 . 2013-05-24 22:35 137216 —-a-w- c:\windows\SysWow64\ieUnatt.exe

    2013-05-24 22:35 . 2013-05-24 22:35 12800 —-a-w- c:\windows\SysWow64\mshta.exe

    2013-05-24 22:35 . 2013-05-24 22:35 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll

    2013-05-24 22:35 . 2013-05-24 22:35 61952 —-a-w- c:\windows\SysWow64\tdc.ocx

    2013-05-24 22:35 . 2013-05-24 22:35 361984 —-a-w- c:\windows\SysWow64\html.iec

    2013-05-24 22:35 . 2013-05-24 22:35 23040 —-a-w- c:\windows\SysWow64\licmgr10.dll

    2013-05-24 22:35 . 2013-05-24 22:35 197120 —-a-w- c:\windows\system32\msrating.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1441280 —-a-w- c:\windows\SysWow64\inetcpl.cpl

    2013-05-24 22:35 . 2013-05-24 22:35 81408 —-a-w- c:\windows\system32\icardie.dll

    2013-05-24 22:35 . 2013-05-24 22:35 762368 —-a-w- c:\windows\system32\ieapfltr.dll

    2013-05-24 22:35 . 2013-05-24 22:35 452096 —-a-w- c:\windows\system32\dxtmsft.dll

    2013-05-24 22:35 . 2013-05-24 22:35 441856 —-a-w- c:\windows\system32\html.iec

    2013-05-24 22:35 . 2013-05-24 22:35 281600 —-a-w- c:\windows\system32\dxtrans.dll

    2013-05-24 22:35 . 2013-05-24 22:35 216064 —-a-w- c:\windows\system32\msls31.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1400416 —-a-w- c:\windows\system32\ieapfltr.dat

    2013-05-24 22:35 . 2013-05-24 22:35 905728 —-a-w- c:\windows\system32\mshtmlmedia.dll

    2013-05-24 22:35 . 2013-05-24 22:35 270848 —-a-w- c:\windows\system32\iedkcs32.dll

    2013-05-24 22:35 . 2013-05-24 22:35 235008 —-a-w- c:\windows\system32\url.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1509376 —-a-w- c:\windows\system32\inetcpl.cpl

    2013-05-24 22:35 . 2013-05-24 22:35 97280 —-a-w- c:\windows\system32\mshtmled.dll

    2013-05-24 22:35 . 2013-05-24 22:35 599552 —-a-w- c:\windows\system32\vbscript.dll

    2013-05-24 22:35 . 2013-05-24 22:35 27648 —-a-w- c:\windows\system32\licmgr10.dll

    2013-05-24 22:35 . 2013-05-24 22:35 247296 —-a-w- c:\windows\system32\webcheck.dll

    2013-05-24 22:35 . 2013-05-24 22:35 173568 —-a-w- c:\windows\system32\ieUnatt.exe

    2013-05-24 22:35 . 2013-05-24 22:35 167424 —-a-w- c:\windows\system32\iexpress.exe

    2013-05-24 22:35 . 2013-05-24 22:35 149504 —-a-w- c:\windows\system32\occache.dll

    2013-05-24 22:35 . 2013-05-24 22:35 144896 —-a-w- c:\windows\system32\wextract.exe

    2013-05-24 22:35 . 2013-05-24 22:35 102912 —-a-w- c:\windows\system32\inseng.dll

    2013-05-24 22:35 . 2013-05-24 22:35 92160 —-a-w- c:\windows\system32\SetIEInstalledDate.exe

    2013-05-24 22:35 . 2013-05-24 22:35 62976 —-a-w- c:\windows\system32\pngfilt.dll

    2013-05-24 22:35 . 2013-05-24 22:35 52224 —-a-w- c:\windows\system32\msfeedsbs.dll

    2013-05-24 22:35 . 2013-05-24 22:35 51200 —-a-w- c:\windows\system32\imgutil.dll

    2013-05-24 22:35 . 2013-05-24 22:35 48640 —-a-w- c:\windows\system32\mshtmler.dll

    2013-05-24 22:35 . 2013-05-24 22:35 13824 —-a-w- c:\windows\system32\mshta.exe

    2013-05-24 22:35 . 2013-05-24 22:35 136192 —-a-w- c:\windows\system32\iepeers.dll

    2013-05-24 22:35 . 2013-05-24 22:35 135680 —-a-w- c:\windows\system32\IEAdvpack.dll

    2013-05-24 22:35 . 2013-05-24 22:35 12800 —-a-w- c:\windows\system32\msfeedssync.exe

    2013-05-24 22:35 . 2013-05-24 22:35 77312 —-a-w- c:\windows\system32\tdc.ocx

    2013-05-24 22:34 . 2013-05-24 22:34 9728 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 4096 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 4096 —ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 9728 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3584 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3584 —ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    .

    “hpsysdrv”=“c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe”

    “IAStorIcon”=“c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “StartCCC”=“c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”

    “Easybits Recovery”=“c:\program files (x86)\EasyBits For Kids\ezRecover.exe”

    “RoxWatchTray”=“c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    “AVG_UI”=“c:\program files (x86)\AVG\AVG2013\avgui.exe”

    “SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe”

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe -s

    Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableLUA”= 0 (0x0)

    “EnableUIADesktopToggle”= 0 (0x0)

    “EnableSecureUIAPath”= 1 (0x1)

    .

    “HP Software Update”=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

    “Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    .

    R1 A2DDA;A2 Direct Disk Access Support Driver;k:\emsisoftemergencykit\Run\a2ddax64.sys;k:\emsisoftemergencykit\Run\a2ddax64.sys

    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe

    R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe

    R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

    R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

    R2 SessionLauncher;SessionLauncher;c:\users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe;c:\users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe

    R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

    R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys;c:\windows\SYSNATIVE\DRIVERS\Spyder3.sys

    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe

    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys

    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys

    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys

    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys

    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys

    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys

    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys

    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys

    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys

    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe

    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe

    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

    S2 HitachiBackupService;Hitachi Backup Service;c:\program files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe;c:\program files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys

    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys

    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys

    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys

    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys

    S3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys

    S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS;c:\windows\SYSNATIVE\DRIVERS\SNTUSB64.SYS

    .

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    ezSharedSvc

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2013-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2013-08-13 c:\windows\Tasks\HP Photo Creations Messager.job

    - c:\programdata\HP Photo Creations\MessageCheck.exe

    .

    2013-07-23 c:\windows\Tasks\HPCeeScheduleForFRANS-PC$.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    .

    2013-06-30 c:\windows\Tasks\PCDRScheduledMaintenance.job

    - c:\program files\PC-Doctor for Windows\pcdrcui.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    “SmartMenu”=“c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe”

    “PC-Doctor for Windows localizer”=“c:\program files\PC-Doctor for Windows\localizer.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “EvtMgr6”=“c:\program files\Logitech\SetPointP\SetPoint.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

    TCP: DhcpNameServer = 192.168.0.1

    FF - ProfilePath - c:\users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.geocaching.com/

    FF - ExtSQL: 2013-06-14 14:30; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.11”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2013-08-13 21:28:32

    ComboFix-quarantined-files.txt 2013-08-13 19:28

    .

    Pre-Run: 549.512.531.968 bytes beschikbaar

    Post-Run: 549.449.207.808 bytes beschikbaar

    .

    - - End Of File - - 99AA393CE795EB2191E7E46A17DE26A5

    D41D8CD98F00B204E9800998ECF8427E

  • fazantje

    Hi Frans,

    You wrote, among other things:

    >>>Download update for SafeNet USB SuperPro/UltraPro

    SafeNet USB SuperPro/UltraPro is no longer working properly.

    An update is available that resolves this problem.

    Should I do this? <<<

    Yes, but only once we have finished cleaning your computer.

    This is from your USB.

    Combo found something, but we are going to remove it with zoek.exe (I am writing this to avoid confusion).

    Do the following:

    Download zoek.exe to the desktop.

    Disable your antivirus and antispyware programs; they may conflict with zoek.exe.

    Double-click Zoek.exe to start the tool.

    Now copy the bold code below and paste it into the large input box.

    Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    firefoxlook;

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    c:\users\Frans\AppData\Local\kIvwoQsE;f

    c:\users\Frans\AppData\Local\Dirty;f

    c:\users\Frans\AppData\Local\sPoYELNv;f

    Now click the "Run script" button.

    Wait patiently until a log opens (this may be after a restart, if one is needed).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Now post the contents of the opened log in your next message.

    Also tell me how things stand with your problem now.

    Good luck,

    Huib;)

  • Frans54

    Hi

    I don't know exactly what happened, but I suddenly had no internet connection any more and I could not get it working again.

    I therefore restored the computer to an earlier date (12-8).

    So I ran ComboFix one more time. Here is the log.

    The error messages reported earlier have now also disappeared.

    Frans

    ComboFix 13-08-13.02 - Frans 13-08-2013 22:15:54.2.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6071.4085

    Gestart vanuit: c:\users\Frans\Desktop\ComboFix.exe

    AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

    SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-07-13 to 2013-08-13 ))))))))))))))))))))))))))))))

    .

    .

    2013-08-13 20:26 . 2013-08-13 20:26 ——– d—–w- c:\users\Public\AppData\Local\temp

    2013-08-13 20:26 . 2013-08-13 20:26 ——– d—–w- c:\users\Default\AppData\Local\temp

    2013-08-12 18:32 . 2013-08-12 18:32 ——– d—–w- c:\program files (x86)\ESET

    2013-07-31 14:26 . 2013-07-31 14:26 ——– d—–w- c:\windows\Sun

    2013-07-30 18:31 . 2013-07-30 18:31 ——– d—–w- c:\windows\PCHEALTH

    2013-07-30 18:30 . 2013-07-30 18:30 ——– d—–w- c:\program files\Microsoft Office

    2013-07-30 18:29 . 2013-07-30 18:29 ——– d—–r- C:\MSOCache

    2013-07-28 06:15 . 2013-08-13 20:26 ——– d—–w- c:\users\Frans\AppData\Local\Temp

    2013-07-28 06:15 . 2013-07-28 06:07 24064 —-a-w- c:\windows\zoek-delete.exe

    2013-07-27 15:38 . 2013-07-27 15:40 ——– d—–w- C:\rsit

    2013-07-27 12:46 . 2013-07-27 12:46 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2013-07-27 12:46 . 2013-04-04 12:50 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2013-07-25 14:38 . 2013-07-25 14:38 ——– d—–w- c:\users\Frans\AppData\Local\kIvwoQsE

    2013-07-25 14:38 . 2013-07-25 14:53 ——– d—–w- c:\users\Frans\AppData\Local\Dirty

    2013-07-25 14:38 . 2013-07-25 14:38 ——– d—–w- c:\users\Frans\AppData\Local\sPoYELNv

    2013-07-20 13:58 . 2013-07-20 13:58 ——– d—–w- c:\users\Frans\AppData\Local\By_Gpsgek

    2013-07-20 13:57 . 2013-07-20 13:57 ——– d—–w- c:\program files (x86)\GCTool

    2013-07-19 23:51 . 2013-07-19 23:51 311608 —-a-w- c:\windows\system32\drivers\avgloga.sys

    2013-07-19 23:50 . 2013-07-19 23:50 71480 —-a-w- c:\windows\system32\drivers\avgidsha.sys

    2013-07-19 23:50 . 2013-07-19 23:50 246072 —-a-w- c:\windows\system32\drivers\avgidsdrivera.sys

    2013-07-19 23:50 . 2013-07-19 23:50 206648 —-a-w- c:\windows\system32\drivers\avgldx64.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-07-15 14:08 . 2012-07-14 22:19 71048 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-07-15 14:08 . 2012-07-14 22:19 692104 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2013-07-10 15:07 . 2012-07-16 01:52 78185248 —-a-w- c:\windows\system32\MRT.exe

    2013-07-09 23:32 . 2013-07-09 23:32 45880 —-a-w- c:\windows\system32\drivers\avgrkx64.sys

    2013-06-30 23:45 . 2013-06-30 23:45 116536 —-a-w- c:\windows\system32\drivers\avgmfx64.sys

    2013-06-14 12:30 . 2013-06-14 12:30 53248 —-a-r- c:\users\Frans\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

    2013-06-14 12:30 . 2012-07-15 09:12 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys

    2013-06-12 19:48 . 2012-07-18 19:02 867240 —-a-w- c:\windows\SysWow64\npDeployJava1.dll

    2013-06-12 19:48 . 2012-07-18 19:02 789416 —-a-w- c:\windows\SysWow64\deployJava1.dll

    2013-06-12 19:47 . 2013-06-19 14:43 96168 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

    2013-06-11 23:43 . 2013-07-10 15:06 1767936 —-a-w- c:\windows\SysWow64\wininet.dll

    2013-06-11 23:43 . 2013-07-10 15:06 2877440 —-a-w- c:\windows\SysWow64\jscript9.dll

    2013-06-11 23:42 . 2013-07-10 15:06 61440 —-a-w- c:\windows\SysWow64\iesetup.dll

    2013-06-11 23:42 . 2013-07-10 15:06 109056 —-a-w- c:\windows\SysWow64\iesysprep.dll

    2013-06-11 23:26 . 2013-07-10 15:06 51712 —-a-w- c:\windows\system32\ie4uinit.exe

    2013-06-11 23:26 . 2013-07-10 15:06 2241024 —-a-w- c:\windows\system32\wininet.dll

    2013-06-11 23:26 . 2013-07-10 15:06 1365504 —-a-w- c:\windows\system32\urlmon.dll

    2013-06-11 23:25 . 2013-07-10 15:05 19238912 —-a-w- c:\windows\system32\mshtml.dll

    2013-06-11 23:25 . 2013-07-10 15:06 603136 —-a-w- c:\windows\system32\msfeeds.dll

    2013-06-11 23:25 . 2013-07-10 15:06 855552 —-a-w- c:\windows\system32\jscript.dll

    2013-06-11 23:25 . 2013-07-10 15:06 3958784 —-a-w- c:\windows\system32\jscript9.dll

    2013-06-11 23:25 . 2013-07-10 15:06 53248 —-a-w- c:\windows\system32\jsproxy.dll

    2013-06-11 23:25 . 2013-07-10 15:06 67072 —-a-w- c:\windows\system32\iesetup.dll

    2013-06-11 23:25 . 2013-07-10 15:06 526336 —-a-w- c:\windows\system32\ieui.dll

    2013-06-11 23:25 . 2013-07-10 15:06 39936 —-a-w- c:\windows\system32\iernonce.dll

    2013-06-11 23:25 . 2013-07-10 15:06 2648576 —-a-w- c:\windows\system32\iertutil.dll

    2013-06-11 23:25 . 2013-07-10 15:06 136704 —-a-w- c:\windows\system32\iesysprep.dll

    2013-06-11 23:25 . 2013-07-10 15:05 15404032 —-a-w- c:\windows\system32\ieframe.dll

    2013-06-11 22:51 . 2013-07-10 15:06 71680 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2013-06-11 22:50 . 2013-07-10 15:06 89600 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2013-06-07 03:22 . 2013-07-10 15:06 2706432 —-a-w- c:\windows\system32\mshtml.tlb

    2013-06-07 02:37 . 2013-07-10 15:06 2706432 —-a-w- c:\windows\SysWow64\mshtml.tlb

    2013-06-05 03:34 . 2013-07-10 14:15 3153920 —-a-w- c:\windows\system32\win32k.sys

    2013-06-04 06:00 . 2013-07-10 14:16 624128 —-a-w- c:\windows\system32\qedit.dll

    2013-06-04 04:53 . 2013-07-10 14:16 509440 —-a-w- c:\windows\SysWow64\qedit.dll

    2013-05-24 22:35 . 2013-05-24 22:35 226304 —-a-w- c:\windows\system32\elshyph.dll

    2013-05-24 22:35 . 2013-05-24 22:35 185344 —-a-w- c:\windows\SysWow64\elshyph.dll

    2013-05-24 22:35 . 2013-05-24 22:35 158720 —-a-w- c:\windows\SysWow64\msls31.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1054720 —-a-w- c:\windows\system32\MsSpellCheckingFacility.exe

    2013-05-24 22:35 . 2013-05-24 22:35 73728 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2013-05-24 22:35 . 2013-05-24 22:35 719360 —-a-w- c:\windows\SysWow64\mshtmlmedia.dll

    2013-05-24 22:35 . 2013-05-24 22:35 523264 —-a-w- c:\windows\SysWow64\vbscript.dll

    2013-05-24 22:35 . 2013-05-24 22:35 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll

    2013-05-24 22:35 . 2013-05-24 22:35 38400 —-a-w- c:\windows\SysWow64\imgutil.dll

    2013-05-24 22:35 . 2013-05-24 22:35 150528 —-a-w- c:\windows\SysWow64\iexpress.exe

    2013-05-24 22:35 . 2013-05-24 22:35 138752 —-a-w- c:\windows\SysWow64\wextract.exe

    2013-05-24 22:35 . 2013-05-24 22:35 137216 —-a-w- c:\windows\SysWow64\ieUnatt.exe

    2013-05-24 22:35 . 2013-05-24 22:35 12800 —-a-w- c:\windows\SysWow64\mshta.exe

    2013-05-24 22:35 . 2013-05-24 22:35 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll

    2013-05-24 22:35 . 2013-05-24 22:35 61952 —-a-w- c:\windows\SysWow64\tdc.ocx

    2013-05-24 22:35 . 2013-05-24 22:35 361984 —-a-w- c:\windows\SysWow64\html.iec

    2013-05-24 22:35 . 2013-05-24 22:35 23040 —-a-w- c:\windows\SysWow64\licmgr10.dll

    2013-05-24 22:35 . 2013-05-24 22:35 197120 —-a-w- c:\windows\system32\msrating.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1441280 —-a-w- c:\windows\SysWow64\inetcpl.cpl

    2013-05-24 22:35 . 2013-05-24 22:35 81408 —-a-w- c:\windows\system32\icardie.dll

    2013-05-24 22:35 . 2013-05-24 22:35 762368 —-a-w- c:\windows\system32\ieapfltr.dll

    2013-05-24 22:35 . 2013-05-24 22:35 452096 —-a-w- c:\windows\system32\dxtmsft.dll

    2013-05-24 22:35 . 2013-05-24 22:35 441856 —-a-w- c:\windows\system32\html.iec

    2013-05-24 22:35 . 2013-05-24 22:35 281600 —-a-w- c:\windows\system32\dxtrans.dll

    2013-05-24 22:35 . 2013-05-24 22:35 216064 —-a-w- c:\windows\system32\msls31.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1400416 —-a-w- c:\windows\system32\ieapfltr.dat

    2013-05-24 22:35 . 2013-05-24 22:35 905728 —-a-w- c:\windows\system32\mshtmlmedia.dll

    2013-05-24 22:35 . 2013-05-24 22:35 270848 —-a-w- c:\windows\system32\iedkcs32.dll

    2013-05-24 22:35 . 2013-05-24 22:35 235008 —-a-w- c:\windows\system32\url.dll

    2013-05-24 22:35 . 2013-05-24 22:35 1509376 —-a-w- c:\windows\system32\inetcpl.cpl

    2013-05-24 22:35 . 2013-05-24 22:35 97280 —-a-w- c:\windows\system32\mshtmled.dll

    2013-05-24 22:35 . 2013-05-24 22:35 599552 —-a-w- c:\windows\system32\vbscript.dll

    2013-05-24 22:35 . 2013-05-24 22:35 27648 —-a-w- c:\windows\system32\licmgr10.dll

    2013-05-24 22:35 . 2013-05-24 22:35 247296 —-a-w- c:\windows\system32\webcheck.dll

    2013-05-24 22:35 . 2013-05-24 22:35 173568 —-a-w- c:\windows\system32\ieUnatt.exe

    2013-05-24 22:35 . 2013-05-24 22:35 167424 —-a-w- c:\windows\system32\iexpress.exe

    2013-05-24 22:35 . 2013-05-24 22:35 149504 —-a-w- c:\windows\system32\occache.dll

    2013-05-24 22:35 . 2013-05-24 22:35 144896 —-a-w- c:\windows\system32\wextract.exe

    2013-05-24 22:35 . 2013-05-24 22:35 102912 —-a-w- c:\windows\system32\inseng.dll

    2013-05-24 22:35 . 2013-05-24 22:35 92160 —-a-w- c:\windows\system32\SetIEInstalledDate.exe

    2013-05-24 22:35 . 2013-05-24 22:35 62976 —-a-w- c:\windows\system32\pngfilt.dll

    2013-05-24 22:35 . 2013-05-24 22:35 52224 —-a-w- c:\windows\system32\msfeedsbs.dll

    2013-05-24 22:35 . 2013-05-24 22:35 51200 —-a-w- c:\windows\system32\imgutil.dll

    2013-05-24 22:35 . 2013-05-24 22:35 48640 —-a-w- c:\windows\system32\mshtmler.dll

    2013-05-24 22:35 . 2013-05-24 22:35 13824 —-a-w- c:\windows\system32\mshta.exe

    2013-05-24 22:35 . 2013-05-24 22:35 136192 —-a-w- c:\windows\system32\iepeers.dll

    2013-05-24 22:35 . 2013-05-24 22:35 135680 —-a-w- c:\windows\system32\IEAdvpack.dll

    2013-05-24 22:35 . 2013-05-24 22:35 12800 —-a-w- c:\windows\system32\msfeedssync.exe

    2013-05-24 22:35 . 2013-05-24 22:35 77312 —-a-w- c:\windows\system32\tdc.ocx

    2013-05-24 22:34 . 2013-05-24 22:34 9728 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 4096 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 4096 —ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 9728 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3584 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3584 —ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 2560 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

    2013-05-24 22:34 . 2013-05-24 22:34 2560 —ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    .

    “hpsysdrv”=“c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe”

    “IAStorIcon”=“c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “StartCCC”=“c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”

    “Easybits Recovery”=“c:\program files (x86)\EasyBits For Kids\ezRecover.exe”

    “RoxWatchTray”=“c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    “AVG_UI”=“c:\program files (x86)\AVG\AVG2013\avgui.exe”

    “SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe”

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe -s

    Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableLUA”= 0 (0x0)

    “EnableUIADesktopToggle”= 0 (0x0)

    “EnableSecureUIAPath”= 1 (0x1)

    .

    “HP Software Update”=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

    “Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    .

    R1 A2DDA;A2 Direct Disk Access Support Driver;k:\emsisoftemergencykit\Run\a2ddax64.sys;k:\emsisoftemergencykit\Run\a2ddax64.sys

    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe

    R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

    R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

    R2 SessionLauncher;SessionLauncher;c:\users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe;c:\users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe

    R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

    R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys;c:\windows\SYSNATIVE\DRIVERS\Spyder3.sys

    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe

    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys

    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys

    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys

    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys

    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys

    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys

    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys

    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys

    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys

    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe

    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe

    S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE

    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

    S2 HitachiBackupService;Hitachi Backup Service;c:\program files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe;c:\program files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys

    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys

    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys

    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys

    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys

    S3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys

    S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS;c:\windows\SYSNATIVE\DRIVERS\SNTUSB64.SYS

    .

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    ezSharedSvc

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2013-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2013-08-12 c:\windows\Tasks\HP Photo Creations Messager.job

    - c:\programdata\HP Photo Creations\MessageCheck.exe

    .

    2013-07-23 c:\windows\Tasks\HPCeeScheduleForFRANS-PC$.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    .

    2013-06-30 c:\windows\Tasks\PCDRScheduledMaintenance.job

    - c:\program files\PC-Doctor for Windows\pcdrcui.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    “SmartMenu”=“c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe”

    “PC-Doctor for Windows localizer”=“c:\program files\PC-Doctor for Windows\localizer.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “EvtMgr6”=“c:\program files\Logitech\SetPointP\SetPoint.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

    TCP: DhcpNameServer = 192.168.0.1

    FF - ProfilePath - c:\users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.geocaching.com/

    FF - ExtSQL: 2013-06-14 14:30; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.11”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2013-08-13 22:27:56

    ComboFix-quarantined-files.txt 2013-08-13 20:27

    ComboFix2.txt 2013-08-13 19:28

    .

    Pre-Run: 549.497.679.872 bytes beschikbaar

    Post-Run: 549.978.447.872 bytes beschikbaar

    .

    - - End Of File - - 62879DC9C480865B79B0F746B029B53F

    D41D8CD98F00B204E9800998ECF8427E

  • Ben

    Hello,

    Do still run zoek.exe as fazantje describes here:

    Link: http://antivirus.startpagina.nl/prikbord/16683898/16708939/re-microsoft-office-documenten-zijn-niet-te-lezen#msg-16708939

    Regards, Ben

  • Frans54

    Hi

    Attached is the log from zoek.exe

    Frans.

    Zoek.exe Version 4.0.0.4 Updated 10-August-2013

    Tool run by Frans on di 13-08-2013 at 22:50:37,50.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Frans\Desktop\zoek.exe

    ==== System Restore Info ======================

    13-8-2013 22:51:49 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    C:\Windows\SysWOW64\svchost.exe

    C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe

    C:\Program Files (x86)\Sitecom\Common\RaUI.exe

    C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe

    C:\Program Files (x86)\AVG\AVG2013\avgui.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

    C:\Users\Frans\Desktop\zoek.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================

    “c:\users\Frans\AppData\Local\kIvwoQsE” deleted

    “c:\users\Frans\AppData\Local\Dirty” deleted

    “c:\users\Frans\AppData\Local\sPoYELNv” deleted

    ==== System Specs ======================

    Windows: Windows XP Home Edition Service Pack 2 (Build 2600)

    Memory (RAM): 6072 MB

    CPU Info: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz

    CPU Speed: 2947,0 MHz

    Sound Card: Luidsprekers (Realtek High Defi |

    ATI HDMI Output (ATI High Defin |

    Realtek Digital Output (Realtek |

    Display Adapters: ATI Radeon HD 5450 | ATI Radeon HD 5450 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

    Monitors: 2x; HP 2229h Wide LCD Monitor | HP 2229h Wide LCD Monitor |

    Screen Resolution: 1680 X 1050 - 32 bit

    Network: Network Present

    Network Adapters: 802.11n Wireless PCI Express Card LAN Adapter | Realtek PCIe GBE Family Controller

    CD / DVD Drives: 1x (E: | ) E: hp CDDVDW TS-H653R

    Ports: COM Ports NOT Present. LPT Port NOT Present.

    Mouse: 16 Button Wheel Mouse Present

    Hard Disks: C: 918,9GB | D: 12,6GB

    Hard Disks - Free: C: 515,1GB | D: 1,7GB

    Manufacturer *: American Megatrends Inc.

    BIOS Info: AT/AT COMPATIBLE | 06/25/10 | HPQOEM - 20100625

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: MSI IONA

    Internet Explorer Version: 10.0.9200.16635

    Sun Java version: 1.7.0_25

    Country: Nederland

    Language: NLD

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-07-27 20:59:02 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-07-27 20:59:02 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-07-27 20:59:02 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-07-27 20:59:02 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-07-27 20:59:02 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    ====== C:\Users\Frans\AppData\Local\Temp ====

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    ====== C:\Windows\Sysnative\drivers =====

    2013-07-27 12:46:07 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\Sysnative\drivers\mbam.sys

    2013-07-19 23:50:56 C8D9EEACF266512C1FA52E2ECF5AD944 71480 —-a-w- C:\Windows\Sysnative\drivers\avgidsha.sys

    2013-07-19 23:50:56 241C32E942869FD1351CC5864976C3AC 246072 —-a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys

    2013-07-19 23:50:50 FACD18A89FDEBC35C85CAF762B294BE2 206648 —-a-w- C:\Windows\Sysnative\drivers\avgldx64.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-07-30 18:30:12 ——– d—–w- C:\Program Files\Microsoft Office

    ======= C:\Program Files (x86) =====

    2013-08-12 18:32:50 ——– d—–w- C:\Program Files (x86)\ESET

    2013-07-30 18:31:30 ——– d—–w- C:\Program Files (x86)\Microsoft Visual Studio

    2013-07-30 18:31:30 ——– d—–w- C:\Program Files (x86)\Common Files\DESIGNER

    2013-07-20 13:57:17 ——– d—–w- C:\Program Files (x86)\GCTool

    ======= C: =====

    2013-08-12 18:14:39 F6211C74C15ECCC9CA9BFA1EFF6DC9B1 891 —-a-w- C:\AdwCleaner.txt

    2013-08-08 14:26:08 E91D566C1738BAF3CE9E420A8FE7FB2C 3344 ——w- C:\bootsqm.dat

    ====== C:\Users\Frans\AppData\Roaming ======

    2013-08-13 20:27:58 ——– d—–w- C:\users\Public\AppData\Local\temp

    2013-08-13 20:27:58 ——– d—–w- C:\users\Default\AppData\Local\temp

    2013-08-13 20:27:58 ——– d—–w- C:\users\Default User\AppData\Local\temp

    2013-07-28 10:01:27 1BBDA0E4F8AFB975E63313FF4425B005 1456 —-a-w- C:\users\Frans\AppData\Local\Adobe Opslaan voor web 13.0 Prefs

    2013-07-28 06:15:00 ——– d—–w- C:\users\Frans\AppData\Local\Temp

    2013-07-20 13:58:27 ——– d—–w- C:\users\Frans\AppData\Local\By_Gpsgek

    ====== C:\Users\Frans ======

    2013-08-12 18:32:37 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 —-a-w- C:\Users\Frans\Desktop\esetsmartinstaller_enu.exe

    2013-07-31 16:29:57 178A34E5554DCE485E1262DDF027960C 2237968 —-a-w- C:\Users\Frans\Desktop\tdsskiller.exe

    2013-07-30 18:32:28 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

    2013-07-30 14:17:08 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    2013-07-28 11:26:45 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

    ====== C: exe-files ==

    2013-08-12 18:32:57 CE0D0B11986FD2C0247AE88A59B36A6E 579904 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

    2013-08-12 18:32:57 BDB7D97012F9B3102DB72AA76A24942A 546944 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe

    2013-08-12 18:32:57 7C9EEC809FB9CDA26EFC245C001EA980 2347384 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

    2013-08-12 18:32:57 7ABF8849E76732C357F419B1AF5668F2 546944 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe

    2013-08-12 18:32:57 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

    2013-08-12 18:32:37 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 —-a-w- C:\Users\Frans\Desktop\esetsmartinstaller_enu.exe

    === C: other files ==

    2013-08-13 19:32:07 508871BBC9250EFF2133BBEB22AF76A4 890 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\52462103-3a55-47d3-844e-9128c0647fc5.zip

    2013-08-13 18:53:20 BC0BE8909623324AA4A301F9FD8FFA7B 470 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\bdc7bdc2-3a5b-47d3-844e-9128c0647fc5.zip

    2013-08-13 18:44:37 E10D18D2C4D536BE5E8452B9E6BA7D19 470 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\b424b746-3a5b-47d3-844e-9128c0647fc5.zip

    2013-08-13 18:44:24 556CC074AEF2EFD1D7B880D42876D9B3 470 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\0fe41ccf-3a39-47d3-844e-9128c0647fc5.zip

    2013-08-13 15:13:03 E5798E4DA0BF51A1875D72F1E0647202 471 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\baed5064-3a39-47d3-844e-9128c0647fc5.zip

    2013-08-13 15:05:37 788A5D4DBAE86F063198C253B77086AF 13919458 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\594c747d-3a3f-47d3-bcf2-9128c0647fc5.zip

    2013-08-13 14:31:17 7FFC95E559CBB5D8A1D4D4C6809ED216 2292101 —-a-w- C:\ProgramData\AVG2013\IDS\quarantine\1d1a3b09-3a20-47d3-bcf2-9128c0647fc5.zip

    ==== Startup Registry Enabled ======================

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “hpsysdrv”=“c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe”

    “IAStorIcon”=“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “StartCCC”=“C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”

    “Easybits Recovery”=“C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe”

    “RoxWatchTray”=“C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    “AVG_UI”=“C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY”

    “SwitchBoard”=“C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin”

    “SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    “Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    ==== Startup Registry Enabled x64 ======================

    “SmartMenu”=“C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background”

    “PC-Doctor for Windows localizer”=“C:\Program Files\PC-Doctor for Windows\localizer.exe”

    “AdobeAAMUpdater-1.0”=“C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “EvtMgr6”=“C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming”

    ==== Startup Registry Disabled ======================

    “HP Software Update”=“C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe”

    “Adobe Reader Speed Launcher”=“\”C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\“”

    “Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”

    ==== Startup Folders ======================

    2012-07-12 19:57:37 1997 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk

    2012-07-13 16:22:41 1345 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\HP Photo Creations Messager.job –a——

    C:\Windows\tasks\HPCeeScheduleForFRANS-PC$.job –a—— C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    C:\Windows\tasks\PCDRScheduledMaintenance.job –a—— C:\Program Files\PC-Doctor for Windows\pcdrcui.exe

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default

    - Logitech - %ProfilePath%\extensions\DeviceDetection@logitech.com

    - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Frans\AppData\Roaming\Mozilla\Firefox\Profiles\3ejk19s3.default

    0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

    2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16

    15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    No DefaultScope Set For HKCU

    New Values:

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR”

    {1256452D-B72C-4C17-9DA9-D3762F0E5BF5} AVG Secure Search Url=“https://isearch.avg.com/search?cid={23D001C1-298C-49A5-85B8-2C71BF34FEA3}&mid=0e463870c27f47d097579128c0647fc5-149c76dc139fda7aa54551bedf1b1dbe86d36a1f&lang=nl&ds=AVG&pr=fr&d=2012-10-14”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    {F4B96B51-14B9-4C65-A398-B4E598E277A1} Bing Url=“http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox”

    ==== HijackThis Entries ======================

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    O4 - HKLM\..\Run: c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun

    O4 - HKLM\..\Run: C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2013\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe

    O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

    O9 - Extra ‘Tools’ menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

    O11 - Options group: Accelerated graphics

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Hitachi Backup Service (HitachiBackupService) - Hitachi GST - C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe

    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

    O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

    O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: SessionLauncher - Unknown owner - C:\Users\Frans\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (file missing)

    O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Frans\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on di 13-08-2013 at 23:13:53,78 ======================

  • Ben

    Hello,

    How is the PC running after this?

    Regards, Ben

This topic is closed; no further replies can be posted.