Hi
The PC is still doing the same thing, so…
I think I had already posted the Rsit file, but here it is again.
Logfile of random's system information tool 1.09 (written by random/random)
Run by ericpeggy at 2013-10-14 20:21:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive G: has 168 GB (55%) free of 305 GB
Total RAM: 2047 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:53 PM, on 10/14/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
G:\Windows\system32\taskhost.exe
G:\Windows\system32\Dwm.exe
G:\Windows\Explorer.EXE
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Windows Live\Companion\companionuser.exe
G:\Program Files\Windows Live\Mail\wlmail.exe
G:\Program Files\Windows Live\Contacts\wlcomm.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Windows\system32\config\systemprofile\Desktop\RSIT.exe
G:\Program Files\trend micro\ericpeggy.exe
G:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uden.kliknieuws.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - G:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - G:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: "G:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: "G:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: "G:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: "G:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: "G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: "G:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: "G:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: G:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "G:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp\E_S206C.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: G:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: G:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: "G:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: "G:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User 'Default user')
O9 - Extra button: @G:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - G:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @G:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @G:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Download Video - {3B54DEAB-C6D4-48a8-8C32-A70558643400} - G:\Program Files\FinalVideoDownloader\fvdRunner.html
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: g:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: g:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - G:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - G:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - G:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - G:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - G:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - G:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - G:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - G:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - G:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: FsUsbExService - Teruten - G:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - G:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - G:\Windows\system32\IoctlSvc.exe
O23 - Service: Realtek11nSU - Realtek - G:\Program Files\Sitecom\WiFi USB adapter N300 Utility\RtlService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - G:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (file missing)
--
End of file - 9076 bytes
======Scheduled tasks folder======
G:\Windows\tasks\Adobe Flash Player Updater.job
G:\Windows\tasks\Final Media Player Update Checker.job
G:\Windows\tasks\GoogleUpdateTaskMachineCore.job
G:\Windows\tasks\GoogleUpdateTaskMachineUA.job
G:\Windows\tasks\SmartDefrag.job
=========Mozilla firefox=========
ProfilePath - G:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\f0v84hdj.default
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37, downloader@finalvideotools.com:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7"
"downloader@finalvideotools.com"=G:\Program Files\FinalVideoDownloader\Firefox
"Description"=Adobe® Flash® Player 10
"Path"=G:\Windows\system32\Macromed\Flash\NPSWF32.dll
"Description"=Adobe Shockwave Player
"Path"=G:\Windows\system32\Adobe\Director\np32dsw.dll
"Description"=
"Path"=G:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
"Description"=Java™ Deployment Toolkit
"Path"=G:\Windows\system32\npDeployJava1.dll
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=G:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
"Description"=
"Path"=G:\Windows\system32\Wat\npWatWeb.dll
"Description"=Ag Player Plugin
"Path"=G:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=G:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=G:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
"Description"=Google Update
"Path"=G:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
"Description"=Google Update
"Path"=G:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
"Description"=Handles PDFs in-place in Firefox
"Path"=G:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
G:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
G:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
G:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
G:\Program Files\Mozilla Firefox\searchplugins\
bolcom-nl.xml
google.xml
marktplaats-nl.xml
vandale-nl.xml
wikipedia-nl.xml
yahoo-nl.xml
======Registry dump======
Spybot-S&D IE Protection - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
Java™ Plug-In SSV Helper - G:\Program Files\Java\jre7\bin\ssv.dll
Windows Live ID Sign-in Helper - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Windows Live Messenger Companion Helper - G:\Program Files\Windows Live\Companion\companioncore.dll
Office Document Cache Handler - G:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
Java™ Plug-In 2 SSV Helper - G:\Program Files\Java\jre7\bin\jp2ssv.dll
"IntelliPoint"=G:\Program Files\Microsoft IntelliPoint\ipoint.exe
"itype"=G:\Program Files\Microsoft IntelliType Pro\itype.exe
"fssui"=G:\Program Files\Windows Live\Family Safety\fsui.exe
"avgnt"=G:\Program Files\Avira\AntiVir Desktop\avgnt.exe
"Adobe ARM"=G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
"APSDaemon"=G:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
"SunJavaUpdateSched"=G:\Program Files\Common Files\Java\Java Update\jusched.exe
"iTunesHelper"=G:\Program Files\iTunes\iTunesHelper.exe
"EPSON SX430 Series"=G:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE
G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
G:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
G:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
G:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
G:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
G:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe
G:\Program Files\Cyberlink\Shared files\brs.exe
G:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
G:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE
G:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Samsung\Kies\KiesAirMessage.exe
G:\Program Files\Samsung\Kies\Kies.exe
G:\Program Files\Samsung\Kies\KiesTrayAgent.exe
G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
G:\Program Files\Common Files\Apple\Internet Services\ubd.exe
G:\Program Files\ASUS\OLINK\OLink.exe
G:\Program Files\CyberLink\PowerDVD9\Language\Language.exe
G:\Program Files\QuickTime\QTTask.exe
G:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
G:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
cmd.exe /c RD /S /Q G:\Program Files\Search Results Toolbar
G:\Users\ericpeggy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
G:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
G:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
"SecurityProviders"=credssp.dll
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoDriveTypeAutoRun"=145
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=G:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.divxa32"=msaud32_divx.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - G:\Windows\System32\Notepad.exe %1
.js - open - G:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-14 18:11:43 ----D---- G:\rsit
2013-10-14 18:11:43 ----D---- G:\Program Files\trend micro
2013-10-14 17:41:24 ----D---- G:\AdwCleaner
2013-10-13 12:17:23 ----D---- G:\Windows\system32\Wat
2013-10-13 09:54:47 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Nero
2013-10-12 22:20:15 ----D---- G:\Windows\system32\%LOCALAPPDATA%
2013-10-12 21:27:38 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla
2013-10-12 18:02:08 ----A---- G:\Windows\system32\scavengeui.dll
2013-10-12 18:02:06 ----A---- G:\Windows\system32\mswsock.dll
2013-10-12 18:02:06 ----A---- G:\Windows\system32\drivers\tcpip.sys
2013-10-12 18:02:06 ----A---- G:\Windows\system32\drivers\afd.sys
2013-10-12 18:02:05 ----A---- G:\Windows\system32\ntoskrnl.exe
2013-10-12 18:02:05 ----A---- G:\Windows\system32\ntkrnlpa.exe
2013-10-12 18:02:04 ----A---- G:\Windows\system32\tdh.dll
2013-10-12 18:02:04 ----A---- G:\Windows\system32\ntdll.dll
2013-10-12 18:02:04 ----A---- G:\Windows\system32\advapi32.dll
2013-10-12 18:02:02 ----A---- G:\Windows\system32\drivers\usbscan.sys
2013-10-12 18:02:02 ----A---- G:\Windows\system32\drivers\hidparse.sys
2013-10-12 18:02:02 ----A---- G:\Windows\system32\drivers\hidclass.sys
2013-10-12 18:02:01 ----A---- G:\Windows\system32\win32k.sys
2013-10-12 18:02:00 ----A---- G:\Windows\system32\drivers\dxgkrnl.sys
2013-10-12 18:01:59 ----A---- G:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 18:01:59 ----A---- G:\Windows\system32\lpk.dll
2013-10-12 18:01:59 ----A---- G:\Windows\system32\fontsub.dll
2013-10-12 18:01:59 ----A---- G:\Windows\system32\dciman32.dll
2013-10-12 18:01:59 ----A---- G:\Windows\system32\atmlib.dll
2013-10-12 18:01:59 ----A---- G:\Windows\system32\atmfd.dll
2013-10-12 18:01:58 ----A---- G:\Windows\system32\comctl32.dll
2013-10-12 18:01:57 ----A---- G:\Windows\system32\WebClnt.dll
2013-10-12 18:01:56 ----A---- G:\Windows\system32\drivers\mrxdav.sys
2013-10-12 18:01:56 ----A---- G:\Windows\system32\davclnt.dll
2013-10-12 17:59:28 ----A---- G:\Windows\system32\drivers\usbcir.sys
2013-10-12 17:59:15 ----A---- G:\Windows\system32\drivers\Wdf01000.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbuhci.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbport.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbohci.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbhub.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbehci.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbd.sys
2013-10-12 17:25:42 ----A---- G:\Windows\system32\drivers\usbccgp.sys
2013-10-12 17:10:52 ----A---- G:\Windows\system32\jscript.dll
2013-10-12 17:10:51 ----A---- G:\Windows\system32\jsproxy.dll
2013-10-12 17:10:51 ----A---- G:\Windows\system32\jscript9.dll
2013-10-12 17:10:51 ----A---- G:\Windows\system32\iesetup.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\urlmon.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 17:10:50 ----A---- G:\Windows\system32\msfeeds.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\ieui.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\iesysprep.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\iernonce.dll
2013-10-12 17:10:50 ----A---- G:\Windows\system32\ie4uinit.exe
2013-10-12 17:10:49 ----A---- G:\Windows\system32\iertutil.dll
2013-10-12 17:10:48 ----A---- G:\Windows\system32\wininet.dll
2013-10-12 17:10:47 ----A---- G:\Windows\system32\ieframe.dll
2013-10-12 17:10:45 ----A---- G:\Windows\system32\mshtml.dll
2013-10-11 21:19:09 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Malwarebytes
2013-10-11 20:32:11 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Windows Live Writer
2013-10-11 20:19:53 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Avira
2013-10-11 20:15:02 ----D---- G:\Windows\system32\cache
2013-10-11 20:10:37 ----D---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Identities
======List of files/folders modified in the last 1 month======
2013-10-14 20:21:52 ----D---- G:\Windows\Temp
2013-10-14 19:35:01 ----D---- G:\Windows\system32\config
2013-10-14 19:31:58 ----D---- G:\Windows\Prefetch
2013-10-14 19:23:33 ----SHD---- G:\System Volume Information
2013-10-14 18:11:43 ----RD---- G:\Program Files
2013-10-14 18:08:53 ----D---- G:\Windows\system32\drivers
2013-10-14 17:44:13 ----D---- G:\Program Files\Common Files
2013-10-14 17:44:12 ----HD---- G:\ProgramData
2013-10-14 17:43:05 ----D---- G:\Windows\System32
2013-10-14 17:43:05 ----D---- G:\Windows\inf
2013-10-14 17:43:05 ----A---- G:\Windows\system32\PerfStringBackup.INI
2013-10-14 17:40:41 ----D---- G:\Windows\system32\FxsTmp
2013-10-13 12:17:37 ----D---- G:\Windows
2013-10-13 12:17:35 ----D---- G:\Windows\winsxs
2013-10-13 12:17:21 ----D---- G:\Windows\system32\catroot
2013-10-13 11:46:38 ----SD---- G:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft
2013-10-13 10:53:38 ----D---- G:\Windows\Logs
2013-10-13 10:18:23 ----D---- G:\Windows\Panther
2013-10-13 10:18:22 ----D---- G:\Windows\debug
2013-10-13 10:17:48 ----D---- G:\Program Files\CCleaner
2013-10-13 09:55:04 ----A---- G:\Windows\NeroDigital.ini
2013-10-13 09:37:19 ----SHD---- G:\Recovery
2013-10-13 00:00:16 ----D---- G:\Windows\rescache
2013-10-12 23:13:01 ----D---- G:\Windows\Microsoft.NET
2013-10-12 23:13:00 ----RSD---- G:\Windows\assembly
2013-10-12 21:27:51 ----D---- G:\Program Files\Mozilla Firefox
2013-10-12 17:26:28 ----D---- G:\Windows\system32\DriverStore
2013-10-12 17:23:39 ----D---- G:\Windows\system32\catroot2
2013-10-12 17:18:50 ----D---- G:\Program Files\Microsoft Silverlight
2013-10-12 17:16:39 ----D---- G:\Windows\system32\nl-NL
2013-10-12 17:16:39 ----D---- G:\Windows\system32\en-US
2013-10-12 17:16:39 ----D---- G:\Program Files\Internet Explorer
2013-10-12 17:14:25 ----D---- G:\Windows\system32\MRT
2013-10-12 17:12:07 ----A---- G:\Windows\system32\MRT.exe
2013-10-12 17:12:01 ----SHD---- G:\Windows\Installer
2013-10-12 17:11:59 ----SHD---- G:\Config.Msi
2013-10-11 21:00:11 ----D---- G:\Windows\Tasks
2013-10-11 21:00:11 ----D---- G:\Windows\system32\wfp
2013-10-11 21:00:07 ----D---- G:\Windows\system32\wbem
2013-10-11 20:58:33 ----HD---- G:\Windows\system32\GroupPolicy
2013-10-11 20:58:33 ----D---- G:\Windows\system32\Tasks
2013-10-11 20:58:33 ----D---- G:\Windows\system32\CodeIntegrity
2013-10-11 20:58:29 ----D---- G:\Windows\AppCompat
2013-10-11 20:58:15 ----D---- G:\ProgramData\AVG SafeGuard toolbar
2013-10-11 20:58:08 ----D---- G:\Program Files\Common Files\microsoft shared
2013-10-11 20:57:37 ----D---- G:\Windows\registration
2013-10-11 20:57:16 ----HD---- G:\Windows\system32\GroupPolicyUsers
2013-10-11 20:56:32 ----RD---- G:\Users
2013-10-08 21:38:11 ----A---- G:\Windows\system32\FlashPlayerApp.exe
2013-10-02 14:28:30 ----D---- G:\Program Files\AVG SafeGuard toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; G:\Windows\System32\drivers\rdyboost.sys
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; G:\Windows\system32\drivers\vmbus.sys
R1 avgtp;avgtp; \??\G:\Windows\system32\drivers\avgtpx86.sys
R1 avipbb;avipbb; G:\Windows\system32\DRIVERS\avipbb.sys
R1 avkmgr;avkmgr; G:\Windows\system32\DRIVERS\avkmgr.sys
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; G:\Windows\system32\drivers\csc.sys
R1 ssmdrv;ssmdrv; G:\Windows\system32\DRIVERS\ssmdrv.sys
R1 vwififlt;Virtual WiFi Filter Driver; G:\Windows\system32\DRIVERS\vwififlt.sys
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control ; \??\G:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
R2 avgntflt;avgntflt; G:\Windows\system32\DRIVERS\avgntflt.sys
R2 fssfltr;FssFltr; G:\Windows\system32\DRIVERS\fssfltr.sys
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; G:\Windows\system32\DRIVERS\mdc8021x.sys
R2 Parvdm;Parvdm; G:\Windows\system32\DRIVERS\parvdm.sys
R3 amdkmdag;amdkmdag; G:\Windows\system32\DRIVERS\atikmdag.sys
R3 amdkmdap;amdkmdap; G:\Windows\system32\DRIVERS\atikmpag.sys
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; G:\Windows\system32\drivers\AtiHdmi.sys
R3 FsUsbExDisk;FsUsbExDisk; \??\G:\Windows\system32\FsUsbExDisk.SYS
R3 GEARAspiWDM;GEAR ASPI Filter Driver; G:\Windows\system32\DRIVERS\GEARAspiWDM.sys
R3 RTL8167;Realtek 8167 NT Driver; G:\Windows\system32\DRIVERS\Rt86win7.sys
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; G:\Windows\system32\DRIVERS\RTL8192su.sys
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; G:\Windows\system32\DRIVERS\vwifimp.sys
S2 Ca1528av;SPCA1528 Video Camera Service; G:\Windows\System32\Drivers\Ca1528av.sys
S3 aic78xx;aic78xx; G:\Windows\system32\DRIVERS\djsvs.sys
S3 amdagp;AMD AGP Bus Filter Driver; G:\Windows\system32\drivers\amdagp.sys
S3 atikmdag;atikmdag; G:\Windows\system32\DRIVERS\atikmdag.sys
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; G:\Windows\system32\DRIVERS\b57nd60x.sys
S3 BthAvrcp;Bluetooth AVRCP Profile; G:\Windows\system32\DRIVERS\BthAvrcp.sys
S3 BthEnum;Bluetooth Request Block Driver; G:\Windows\system32\drivers\BthEnum.sys
S3 BthPan;Bluetooth Device (Personal Area Network); G:\Windows\system32\DRIVERS\bthpan.sys
S3 BTHPORT;Bluetooth Port Driver; G:\Windows\System32\Drivers\BTHport.sys
S3 BTHUSB;Bluetooth Radio USB Driver; G:\Windows\System32\Drivers\BTHUSB.sys
S3 Bulk1528;SPCA1528 Still Camera Service; G:\Windows\System32\Drivers\Bulk1528.sys
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\G:\Windows\system32\drivers\BVRPMPR5.SYS
S3 dc3d;MS Hardware Device Detection Driver (USB); G:\Windows\system32\DRIVERS\dc3d.sys
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); G:\Windows\system32\DRIVERS\ssudbus.sys
S3 dgderdrv;dgderdrv; G:\Windows\System32\drivers\dgderdrv.sys
S3 DrvAgent32;DrvAgent32; \??\G:\Windows\system32\Drivers\DrvAgent32.sys
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; G:\Windows\system32\DRIVERS\E1G60I32.sys
S3 FTDIBUS;USB Serial Converter Driver; G:\Windows\system32\drivers\ftdibus.sys
S3 FTSER2K;USB Serial Port Driver; G:\Windows\system32\drivers\ftser2k.sys
S3 NuidFltr;NUID filter driver; G:\Windows\system32\DRIVERS\NuidFltr.sys
S3 pciide;pciide; G:\Windows\system32\drivers\pciide.sys
S3 Point32;Microsoft IntelliPoint Filter Driver; G:\Windows\system32\DRIVERS\point32.sys
S3 RDPDR;Terminal Server Device Redirector Driver; G:\Windows\System32\drivers\rdpdr.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; G:\Windows\System32\drivers\rdpvideominiport.sys
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); G:\Windows\system32\DRIVERS\rfcomm.sys
S3 s3cap;s3cap; G:\Windows\system32\drivers\vms3cap.sys
S3 sisagp;SIS AGP Bus Filter; G:\Windows\system32\drivers\sisagp.sys
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); G:\Windows\system32\DRIVERS\ssudmdm.sys
S3 storvsc;storvsc; G:\Windows\system32\drivers\storvsc.sys
S3 Synth3dVsc;Synth3dVsc; G:\Windows\System32\drivers\synth3dvsc.sys
S3 TsUsbFlt;TsUsbFlt; G:\Windows\system32\drivers\tsusbflt.sys
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; G:\Windows\system32\drivers\tsusbhub.sys
S3 USBAAPL;Apple Mobile USB Driver; G:\Windows\System32\Drivers\usbaapl.sys
S3 usbscan;USB Scanner Driver; G:\Windows\system32\DRIVERS\usbscan.sys
S3 VGPU;VGPU; G:\Windows\System32\drivers\rdvgkmd.sys
S3 viaagp;VIA AGP Bus Filter; G:\Windows\system32\drivers\viaagp.sys
S3 ViaC7;VIA C7 Processor Driver; G:\Windows\system32\DRIVERS\viac7.sys
S3 VMBusHID;VMBusHID; G:\Windows\system32\drivers\VMBusHID.sys
S3 WinUsb;SAMSUNG Android USB Driver; G:\Windows\system32\DRIVERS\WinUsb.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; G:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AMD External Events Utility;AMD External Events Utility; G:\Windows\system32\atiesrxx.exe
R2 AntiVirSchedulerService;Avira Scheduler; G:\Program Files\Avira\AntiVir Desktop\sched.exe
R2 AntiVirService;Avira Real-Time Protection; G:\Program Files\Avira\AntiVir Desktop\avguard.exe
R2 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
R2 Bonjour Service;Bonjour-service; G:\Program Files\Bonjour\mDNSResponder.exe
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; G:\Windows\System32\svchost.exe
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); G:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); G:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); G:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
R2 fsssvc;Windows Live Family Safety Service; G:\Program Files\Windows Live\Family Safety\fsssvc.exe
R2 FsUsbExService;FsUsbExService; G:\Windows\system32\FsUsbExService.Exe
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; G:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; G:\Windows\system32\IoctlSvc.exe
R2 Realtek11nSU;Realtek11nSU; G:\Program Files\Sitecom\WiFi USB adapter N300 Utility\RtlService.exe
R2 SBSDWSCService;SBSD Security Center Service; G:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; G:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; G:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe
S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 AppMgmt;@appmgmts.dll,-3250; G:\Windows\system32\svchost.exe
S3 gupdatem;Google Update-service (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe
S3 iPod Service;iPod-service; G:\Program Files\iPod\bin\iPodService.exe
S3 NMIndexingService;NMIndexingService; G:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
S3 ose;Office Source Engine; G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 osppsvc;Office Software Protection Platform; G:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; G:\Windows\System32\svchost.exe
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; G:\Windows\System32\svchost.exe
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; G:\Windows\system32\Wat\WatAdminSvc.exe
S4 wlcrasvc;Windows Live Mesh remote connections service; G:\Program Files\Windows Live\Mesh\wlcrasvc.exe
-----------------------EOF-----------------------