Hello gentlemen,
My PC has been slow for quite some time.
I have Windows XP.
I would appreciate your help!
Kind regards,
Geert
# AdwCleaner v2.306 - Verslag gemaakt op 08/08/2013 om 20:15:43
# Geactualiseerd op 19/07/2013 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : Geert - GEERT
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Documents and Settings\Geert\Bureaublad\adwcleaner.exe
# Optie
***** *****
***** *****
***** *****
Sleutel Verwijderd : HKCU\Software\APN PIP
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Sleutel Verwijderd : HKLM\Software\PIP
***** *****
-\\ Internet Explorer v8.0.6001.18702
Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v14.0.1 (nl)
File : C:\Documents and Settings\Geert\Application Data\Mozilla\Firefox\Profiles\c3kwohmx.default\prefs.js
De file bevat geen enkele ongeoorloofde invoer.
File : C:\Documents and Settings\Tessa\Application Data\Mozilla\Firefox\Profiles\imehe7nk.default\prefs.js
De file bevat geen enkele ongeoorloofde invoer.
File : C:\Documents and Settings\Jelle\Application Data\Mozilla\Firefox\Profiles\k854hlti.default\prefs.js
De file bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v28.0.1500.95
File : C:\Documents and Settings\Geert\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Logfile of random's system information tool 1.09 (written by random/random)
Run by Geert at 2013-08-08 20:43:15
Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (10%) free of 38 GB
Total RAM: 1535 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:30, on 8-8-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Internetbeveiliging\fshoster32.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Microsoft Lync\communicator.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internetbeveiliging\fshoster32.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MyTomTom 3\MyTomTomSA.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Documents and Settings\Geert\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Geert\Bureaublad\RSIT.exe
C:\Program Files\trend micro\Geert.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 146.191.228.22:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Lync add-on BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: nwiz.exe /install
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\Run: C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: “C:\program files\real\realplayer\update\realsched.exe” -osboot
O4 - HKLM\..\Run: “C:\Program Files\LogMeIn\x86\LogMeInSystray.exe”
O4 - HKLM\..\Run: “C:\Program Files\Microsoft Lync\communicator.exe” /fromrunkey
O4 - HKLM\..\Run: rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM\..\Run: “C:\Program Files\Internetbeveiliging\fshoster32.exe” -app -hosterid:1
O4 - HKLM\..\Run: “C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: “C:\Program Files\Microsoft ActiveSync\wcescomm.exe”
O4 - HKCU\..\Run: “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU\..\Run: “C:\Program Files\MyTomTom 3\MyTomTomSA.exe”
O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”
O4 - HKUS\S-1-5-18\..\Run: “C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: “C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘Default user’)
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Geert\Application Data\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll
O9 - Extra ‘Tools’ menuitem: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1007
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - Unknown owner - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\\MAGIX\\Common\\Database\\bin\\fbserver.exe (file missing)
O23 - Service: FreemakeVideoCapture - Unknown owner - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
–
End of file - 13894 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1644491937-2146943873-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1644491937-2146943873-725345543-1003.job
C:\WINDOWS\tasks\ReclaimerResumeInstallLogin_Geert.job
C:\WINDOWS\tasks\ReclaimerResumeInstall_Geert.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Geert\Application Data\Mozilla\Firefox\Profiles\c3kwohmx.default
prefs.js - “extensions.enabledItems” - “{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16”
“{20a82645-c095-46ed-80e3-08825760534b}”=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
“{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}”=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
“Description”=ABN AMRO e.dentifier2 Plug-in 1.0 for Mozilla
“Path”=C:\Program Files\ABN AMRO e.dentifier2\Mozilla\npBECON.dll
“Description”=Adobe® Flash® Player 11.7.700.224 Plugin
“Path”=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
“Description”=Adobe Shockwave Player
“Path”=C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
“Description”=
“Path”=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
“Description”=Google Earth in your browser
“Path”=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
“Description”=Picasa3 plugin
“Path”=C:\Program Files\Google\Picasa3\npPicasa3.dll
“Description”=Java™ Deployment Toolkit
“Path”=C:\WINDOWS\system32\npDeployJava1.dll
“Description”=Oracle® Next Generation Java™ Plug-In
“Path”=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
“Description”=Ag Player Plugin
“Path”=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
“Description”=Windows Presentation Foundation plug-in for Mozilla browsers
“Path”=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
“Description”=RealPlayer™ LiveConnect-Enabled Plug-In
“Path”=c:\program files\real\realplayer\Netscape6\nppl3260.dll
“Description”=RealJukebox Netscape Plugin
“Path”=c:\program files\real\realplayer\Netscape6\nprjplug.dll
“Description”=RealNetworks™ RealPlayer Chrome Background Extension Plug-In
“Path”=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
“Description”=RealPlayer™ HTML5VideoShim Plug-In
“Path”=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
“Description”=RealPlayer Download Plugin
“Path”=c:\program files\real\realplayer\Netscape6\nprpplugin.dll
“Description”=Google Update
“Path”=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
“Description”=Google Update
“Path”=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npRACtrl.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
LMIProxyHelper.exe
npMeetingJoinPluginOC.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npRACtrl.dll
nprjplug.dll
nprpplugin.dll
QuickTimePlugin.class
ractrlkeyhook.dll
unicows.dll
C:\Program Files\Mozilla Firefox\searchplugins\
bing.xml
bolcom-nl.xml
google.xml
marktplaats-nl.xml
wikipedia-nl.xml
C:\Documents and Settings\Geert\Application Data\Mozilla\Firefox\Profiles\c3kwohmx.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents
Lync Browser Helper - C:\Program Files\Microsoft Lync\OCHelper.dll
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll
Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
“BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll
“nwiz”=nwiz.exe /install
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll
“APSDaemon”=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
“NeroFilterCheck”=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
“TkBellExe”=C:\program files\real\realplayer\update\realsched.exe
“LogMeIn GUI”=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
“Communicator”=C:\Program Files\Microsoft Lync\communicator.exe
“Ptipbmf”=ptipbmf.dll,SetWriteCacheMode
“PtiuPbmd”=ptipbm.dll,SetWriteBack
“QuickTime Task”=C:\Program Files\QuickTime\qttask.exe
“iTunesHelper”=C:\Program Files\iTunes\iTunesHelper.exe
“F-Secure Hoster (45123)”=C:\Program Files\Internetbeveiliging\fshoster32.exe
“F-Secure Manager”=C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
“SunJavaUpdateSched”=C:\Program Files\Common Files\Java\Java Update\jusched.exe
“H/PC Connection Agent”=C:\Program Files\Microsoft ActiveSync\wcescomm.exe
“MSMSGS”=C:\Program Files\Messenger\msmsgs.exe
“MyTomTomSA.exe”=C:\Program Files\MyTomTom 3\MyTomTomSA.exe
“OfficeSyncProcess”=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\AirVideoServer\AirVideoServer.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
C:\Documents and Settings\Geert\Menu Start\Programma's\Opstarten
Dropbox.lnk - C:\Documents and Settings\Geert\Application Data\Dropbox\bin\Dropbox.exe
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoDriveTypeAutoRun”=323
“NoInstrumentation”=0
“NoDriveAutoRun”=67108863
“NoDrives”=0
“NoResolveSearch”=1
“HonorAutoRunSetting”=1
“NoDriveAutoRun”=67108863
“NoDriveTypeAutoRun”=323
“NoDrives”=0
“%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”
“C:\WINDOWS\system32\ftp.exe”=“C:\WINDOWS\system32\ftp.exe:*:Enabled:FTP-bestandsoverdrachtprogramma”
“C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE”=“C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:ActiveSync Connection Manager”
“C:\Program Files\Microsoft ActiveSync\WCESMGR.EXE”=“C:\Program Files\Microsoft ActiveSync\WCESMGR.EXE:*:Enabled:ActiveSync Application”
“C:\Program Files\Mozilla Firefox\firefox.exe”=“C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox”
“C:\WINDOWS\system32\dpnsvr.exe”=“C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server”
“C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe”
“C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe”=“C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe”
“C:\Program Files\HP\Digital Imaging\bin\hposid01.exe”=“C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe”
“C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe”=“C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe”
“C:\WINDOWS\system32\PnkBstrA.exe”=“C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA”
“C:\WINDOWS\system32\PnkBstrB.exe”=“C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB”
“C:\Program Files\Microsoft ActiveSync\rapimgr.exe”=“C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager”
“C:\Program Files\Messenger\msmsgs.exe”=“C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger”
“%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”
“C:\Program Files\Skype\Plugin Manager\skypePM.exe”=“C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager”
“C:\Program Files\Java\jre6\bin\java.exe”=“C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger”
“C:\Documents and Settings\Geert\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe”=“C:\Documents and Settings\Geert\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player”
“C:\Program Files\Microsoft Office\Office14\GROOVE.EXE”=“C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace”
“C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE”=“C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote”
“C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE”=“C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook”
“C:\Program Files\Google\Google Earth\client\googleearth.exe”=“C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth”
“C:\Documents and Settings\Geert\Bureaublad\GeocacheSubmitter.exe”=“C:\Documents and Settings\Geert\Bureaublad\GeocacheSubmitter.exe:*:Enabled:Geocache Submitter”
“E:\MOHAA\moh_spearhead.exe”=“E:\MOHAA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault™ Spearhead”
“C:\Program Files\Internet Explorer\iexplore.exe”=“C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer”
“C:\Program Files\SopCast\SopCast.exe”=“C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application”
“C:\WINDOWS\system32\dpvsetup.exe”=“C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test”
“C:\WINDOWS\system32\rundll32.exe”=“C:\WINDOWS\system32\rundll32.exe:*:Enabled:Een DLL-bestand als toepassing starten”
“E:\Program Files\rFactor\rFactor.exe”=“E:\Program Files\rFactor\rFactor.exe:*:Enabled:rFactor”
“C:\Program Files\Java\jre6\bin\javaw.exe”=“C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary”
“C:\Program Files\EA GAMES\MOHAA\MOHAA.exe”=“C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault”
“C:\Program Files\AirVideoServer\AirVideoServer.exe”=“C:\Program Files\AirVideoServer\AirVideoServer.exe:*:Enabled:Air Video Server”
“C:\Program Files\Bonjour\mDNSResponder.exe”=“C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service”
“G:\Games\World_of_Tanks\WorldOfTanks.exe”=“G:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks”
“C:\WINDOWS\system32\javaw.exe”=“C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary”
“C:\WINDOWS\system32\dllhoster.exe”=“C:\WINDOWS\system32\dllhoster.exe”
“C:\Documents and Settings\Geert\Application Data\Dropbox\bin\Dropbox.exe”=“C:\Documents and Settings\Geert\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox”
“C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe”=“C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit”
“C:\Program Files\iTunes\iTunes.exe”=“C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes”
“C:\Program Files\Microsoft Lync\communicator.exe”=“C:\Program Files\Microsoft Lync\communicator.exe:*:Enabled:Lync”
“C:\Program Files\Microsoft Lync\UcMapi.exe”=“C:\Program Files\Microsoft Lync\UcMapi.exe:*:Enabled:UcMapi”
“%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”
“C:\Program Files\MSN Messenger\msncall.exe”=“C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)”
“C:\Program Files\MSN Messenger\livecall.exe”=“C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)”
“C:\Program Files\Microsoft ActiveSync\rapimgr.exe”=“C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager”
“C:\Program Files\Microsoft ActiveSync\wcescomm.exe”=“C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager”
“C:\Program Files\Microsoft ActiveSync\WCESMgr.exe”=“C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application”
“%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger”
“midimapper”=midimap.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msadpcm”=msadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.trspch”=tssoft32.acm
“vidc.cvid”=iccvid.dll
“VIDC.I420”=msh263.drv
“vidc.iv31”=ir32_32.dll
“vidc.iv32”=ir32_32.dll
“vidc.iv41”=ir41_32.ax
“VIDC.IYUV”=iyuv_32.dll
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVU9”=tsbyuv.dll
“VIDC.YVYU”=msyuv.dll
“wavemapper”=msacm32.drv
“msacm.msg723”=msg723.acm
“vidc.M263”=msh263.drv
“vidc.M261”=msh261.drv
“msacm.msaudio1”=msaud32.acm
“msacm.sl_anet”=sl_anet.acm
“msacm.iac2”=C:\WINDOWS\system32\iac25_32.ax
“vidc.iv50”=ir50_32.dll
“msacm.l3acm”=C:\WINDOWS\system32\l3codeca.acm
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“msacm.lhacm”=lhacm.acm
“VIDC.MPG4”=mpg4c32.dll
“VIDC.MP42”=mpg4c32.dll
“vidc.VP60”=vp6vfw.dll
“vidc.VP61”=vp6vfw.dll
“vidc.VP62”=vp6vfw.dll
“MSVideo8”=VfWWDM32.dll
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“VIDC.XFR1”=xfcodec.dll
“msacm.siren”=sirenacm.dll
======List of files/folders created in the last 1 month======
2013-08-08 20:43:15 ----DC---- C:\rsit
2013-08-08 20:15:43 ----AC---- C:\AdwCleaner.txt
2013-08-08 20:11:50 ----D---- C:\WINDOWS\ERUNT
2013-08-08 20:11:48 ----AC---- C:\DelFix.txt
2013-08-08 20:07:04 ----D---- C:\Program Files\trend micro
2013-07-27 10:22:56 ----A---- C:\WINDOWS\system32\javaws.exe
2013-07-27 10:22:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-07-27 10:22:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-07-27 10:22:44 ----A---- C:\WINDOWS\system32\java.exe
2013-07-22 21:08:15 ----A---- C:\WINDOWS\system32\drivers\fsbts.sys
2013-07-22 21:04:45 ----A---- C:\WINDOWS\prodsett_copy.ini
2013-07-22 20:43:19 ----D---- C:\Program Files\Internetbeveiliging
2013-07-22 20:33:12 ----DC---- C:\Documents and Settings\All Users\Application Data\F-Secure
======List of files/folders modified in the last 1 month======
2013-08-08 20:42:29 ----D---- C:\WINDOWS\system32\drivers
2013-08-08 20:22:02 ----D---- C:\Documents and Settings\Geert\Application Data\Dropbox
2013-08-08 20:21:41 ----D---- C:\WINDOWS\Temp
2013-08-08 20:19:02 ----D---- C:\WINDOWS\system32
2013-08-08 20:16:27 ----AC---- C:\WINDOWS\SchedLgU.Txt
2013-08-08 20:11:50 ----D---- C:\WINDOWS
2013-08-08 20:07:04 ----D---- C:\Program Files
2013-08-08 19:51:26 ----DC---- C:\Documents and Settings\All Users\Application Data\LogMeIn
2013-08-06 22:37:19 ----SD---- C:\WINDOWS\Tasks
2013-08-06 22:35:54 ----AC---- C:\WINDOWS\NeroDigital.ini
2013-08-03 20:14:59 ----SHD---- C:\WINDOWS\Installer
2013-08-03 20:13:24 ----D---- C:\Program Files\Google
2013-08-02 19:43:58 ----D---- C:\WINDOWS\system32\LogFiles
2013-07-27 10:23:56 ----D---- C:\Program Files\Mozilla Firefox
2013-07-27 10:22:13 ----AC---- C:\WINDOWS\system32\npDeployJava1.dll
2013-07-27 10:22:13 ----AC---- C:\WINDOWS\system32\deployJava1.dll
2013-07-22 20:57:10 ----D---- C:\Program Files\SUPERAntiSpyware
2013-07-22 20:43:41 ----D---- C:\WINDOWS\WinSxS
2013-07-22 20:23:34 ----HD---- C:\WINDOWS\inf
2013-07-22 20:23:31 ----D---- C:\WINDOWS\system32\CatRoot2
2013-07-21 11:34:22 ----D---- C:\WINDOWS\Debug
2013-07-20 21:37:50 ----AC---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-07-19 14:24:41 ----D---- C:\Program Files\Microsoft Lync
2013-07-19 14:24:40 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-19 14:24:40 ----D---- C:\Program Files\Internet Explorer
2013-07-19 14:19:33 ----RSD---- C:\WINDOWS\assembly
2013-07-19 14:09:10 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-19 14:03:40 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-19 14:01:14 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-07-19 13:57:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-07-19 13:43:15 ----AC---- C:\WINDOWS\system32\MRT.exe
2013-07-19 13:42:31 ----D---- C:\WINDOWS\ie8updates
2013-07-19 12:37:44 ----D---- C:\WINDOWS\system32\XPSViewer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys
R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys
R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS
R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
R3 fsni;fsni; \??\C:\Program Files\Internetbeveiliging\apps\CCF_Scanning\fsnixp32.sys
R3 fsnitdi;fsnitdi; \??\C:\Program Files\Internetbeveiliging\apps\CCF_Scanning\fsnitdi32.sys
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys
R3 LMImirr;LMImirr; C:\WINDOWS\system32\DRIVERS\LMImirr.sys
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys
R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys
S0 UlSata;UlSata; C:\WINDOWS\system32\DRIVERS\ulsata.sys
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
S3 61883;61883-eenheidsapparaat; C:\WINDOWS\system32\DRIVERS\61883.sys
S3 a6xc2ite;a6xc2ite; C:\WINDOWS\system32\drivers\a6xc2ite.sys
S3 aoxhe9sy;aoxhe9sy; C:\WINDOWS\system32\drivers\aoxhe9sy.sys
S3 Avc;AVC-apparaat; C:\WINDOWS\system32\DRIVERS\avc.sys
S3 catchme;catchme; \??\C:\DOCUME~1\Geert\LOCALS~1\Temp\catchme.sys
S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\WINDOWS\system32\DRIVERS\aabed2.sys
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys
S3 SASENUM;SASENUM; \\??\\C:\\Program Files\\SUPERAntiSpyware\\SASENUM.SYS
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys
S3 usb_rndisx;USB RNDIS-adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\DRIVERS\usbser.sys
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys
S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe
R2 fshoster;F-Secure Dll Hoster; C:\Program Files\Internetbeveiliging\fshoster32.exe
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
R2 msoidsvc;Microsoft Online Services Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe
R3 FSMA;F-Secure Management Agent; C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe
S2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\\MAGIX\\Common\\Database\\bin\\fbserver.exe
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
-----------------EOF-----------------
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.08.01.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Geert :: GEERT
8-8-2013 20:24:04
mbam-log-2013-08-08 (20-24-04).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 276156
Verstreken tijd: 15 minuut/minuten, 48 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)