Toch maar even een paar logjes

rudi

17-10-2013 17:12

Heren,
vanmiddag stuiterde Windows verkenner er een paar keer uit evendals IE.
Ik heb toen toch maar even het stappenplan doorlopen en Mbam vond in ieder geval iets (inmiddels verwijderd)
Hierbij de logjes misschien kunnen jullie er iets van maken? Bedankt alvast.
# AdwCleaner v3.008 - Report created 17/10/2013 at 16:45:36
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : R. Adelerhof - RADELERHOF-PC
# Running from : C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SORE0KS4\adwcleaner.exe
# Option : Clean
***** *****
***** *****
***** *****
***** *****
***** *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Mozilla Firefox v20.0.1 (nl)
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
Logfile of random's system information tool 1.09 (written by random/random)
Run by R. Adelerhof at 2013-10-17 17:04:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 125 GB (62%) free of 203 GB
Total RAM: 8078 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:11, on 17-10-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\R. Adelerhof.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hardware.startpagina.nl/prikbord/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
–
End of file - 15775 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
winlogon.exe
“C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe”
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
“C:\Windows\system32\FBAgent.exe”
“C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 26321152
\??\C:\Windows\system32\conhost.exe "7740531561459281348-10313424261043210338129222665416893798821633923797165702872
/QuitInfo:000000000000049C;00000000000004A0; /AddRef;
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe”
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe”
“taskhost.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe”
“C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe”
“C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe”
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe”
taskeng.exe {013749D0-CDE8-4507-98E4-DF973B3208DD}
/QuitInfo:00000000000004EC;00000000000004F0; /AddRef;
/QuitInfo:00000000000004E0;00000000000004F8;
“C:\Windows\system32\Dwm.exe”
/loadhooks /Parent:0000000000000850
C:\Windows\Explorer.EXE
taskeng.exe {851D66E9-BE4A-49EE-82EA-2255C4922BEB}
ATKOSD.exe
C:\Windows\system32\svchost.exe -k bthsvcs
“C:\Program Files\Intel\WiFi\bin\EvtEng.exe”
“C:\Program Files\ASUS\P4G\BatteryLife.exe”
“C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe”
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe”
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe”
“C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
“C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe” /service
KBFiltr.exe
WDC.exe
“C:\Program Files\Intel\iCLS Client\HeciServer.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”
“C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe” -sMSSQLSERVER
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe” /s “NIS” /m “C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll” /prefetch:1
“C:\Program Files\ArgewebBackup\OnlineBackupService.exe”
“C:\Windows\System32\igfxtray.exe”
“C:\Windows\System32\hkcmd.exe”
“C:\Program Files\Elantech\ETDCtrl.exe”
“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /MAXX3
“C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe” /c /a /s UserSession2
“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“C:\Windows\System32\rundll32.exe” “C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll”,TrayApp
“C:\Program Files (x86)\ASUS\Splendid\ACMON.exe”
“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
“C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
“C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe”
“C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe”
“C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe”
C:\Windows\system32\wbem\unsecapp.exe -Embedding
“C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe”
WLIDSvcM.exe 4776
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe”
“C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe”
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe” -Embedding
“C:\Windows\AsScrPro.exe”
“C:\Program Files\Elantech\ETDCtrlHelper.exe”
“C:\Program Files\Elantech\ETDGesture.exe”
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
“C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe”
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
“C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe”
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
“C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe”
“C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe” /DisableUI
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
“C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
“C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe”
C:\Windows\system32\svchost.exe -k SDRSVC
“C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE”
“C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe”
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-10018_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-10018 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”
“C:\Windows\system32\SearchFilterHost.exe” 0 520 524 532 65536 528
taskhost.exe $(Arg0)
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
“C:\Users\R. Adelerhof\Desktop\RSITx64.exe”
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
=========Mozilla firefox=========
ProfilePath - C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
prefs.js - “browser.startup.homepage” - “https://www.facebook.com/”
“Description”=Adobe® Flash® Player 11.9.900.117 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
“Description”=Intel IPT WebApi plugin
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
“Description”=This plugin updates Intel WebAPI component
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=NVIDIA stereo images plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
“Description”=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
“Description”=RealPlayer™ LiveConnect-Enabled Plug-In
“Path”=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
“Description”=RealNetworks™ RealDownloader Chrome Background Extension Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
“Description”=RealNetworks™ RealDownloader HTML5VideoShim Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
“Description”=RealNetworks™ RealDownloader Peppe rFlash Video Shim Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
“Description”=RealPlayer Download Plugin
“Path”=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
“Description”=RealDownloader Plugin
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
“Description”=Adobe® Flash® Player 11.9.900.117 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
bing.xml
bolcom-nl.xml
google.xml
marktplaats-nl.xml
wikipedia-nl.xml
======Registry dump======
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{8dcb7100-df86-4384-8842-8fa844297b3f}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“ETDCtrl”=C:\Program Files\Elantech\ETDCtrl.exe
“RtHDVBg”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
“BLEServicesCtrl”=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
“BTMTrayAgent”=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
“AmIcoSinglun64”=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\R. Adelerhof\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart
C:\Users\R. Adelerhof\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“ASUSPRP”=C:\Program Files (x86)\ASUS\APRP\APRP.EXE
“ASUSWebStorage”=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
“USB3MON”=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
“ATKOSD2”=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
“ATKMEDIA”=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
“HControlUser”=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
“ASUS InstantKey”=C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
“Wireless Console 3”=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
“RemoteControl10”=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
“UpdatePSTShortCut”=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
“BCSSync”=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
“TkBellExe”=C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
“AppInit_DLLs”=“C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll”
C:\Windows\system32\igfxdev.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2013-10-09 23:28:56 —-A—- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 23:28:55 —-A—- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 23:28:55 —-A—- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 23:28:55 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 23:28:55 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 23:28:55 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 23:28:55 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 23:28:55 —-A—- C:\Windows\system32\ieui.dll
2013-10-09 23:28:55 —-A—- C:\Windows\system32\iesysprep.dll
2013-10-09 23:28:55 —-A—- C:\Windows\system32\iesetup.dll
2013-10-09 23:28:55 —-A—- C:\Windows\system32\iernonce.dll
2013-10-09 23:28:55 —-A—- C:\Windows\system32\ie4uinit.exe
2013-10-09 23:28:54 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 23:28:54 —-A—- C:\Windows\system32\msfeeds.dll
2013-10-09 23:28:54 —-A—- C:\Windows\system32\iertutil.dll
2013-10-09 23:28:53 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 23:28:53 —-A—- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 23:28:53 —-A—- C:\Windows\system32\jscript9.dll
2013-10-09 23:28:53 —-A—- C:\Windows\system32\jscript.dll
2013-10-09 23:28:52 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 23:28:52 —-A—- C:\Windows\system32\urlmon.dll
2013-10-09 23:28:51 —-A—- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 23:28:51 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 23:28:51 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 23:28:51 —-A—- C:\Windows\system32\wininet.dll
2013-10-09 23:28:51 —-A—- C:\Windows\system32\jsproxy.dll
2013-10-09 23:28:50 —-A—- C:\Windows\system32\ieframe.dll
2013-10-09 23:28:49 —-A—- C:\Windows\system32\mshtml.dll
2013-10-09 23:28:47 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 13:05:34 —-A—- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\lpk.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\fontsub.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\dciman32.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\comctl32.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\atmlib.dll
2013-10-09 13:05:34 —-A—- C:\Windows\system32\atmfd.dll
2013-10-09 13:05:33 —-A—- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 13:05:32 —-A—- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 13:05:32 —-A—- C:\Windows\system32\drivers\usbscan.sys
2013-10-09 13:05:32 —-A—- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 13:05:32 —-A—- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 13:05:32 —-A—- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 13:05:31 —-A—- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 13:05:31 —-A—- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 13:05:31 —-A—- C:\Windows\system32\WebClnt.dll
2013-10-09 13:05:31 —-A—- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 13:05:31 —-A—- C:\Windows\system32\davclnt.dll
2013-10-09 13:05:30 —-A—- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 13:05:30 —-A—- C:\Windows\system32\mswsock.dll
2013-10-09 13:05:30 —-A—- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 13:05:30 —-A—- C:\Windows\system32\drivers\afd.sys
2013-10-09 13:05:29 —-A—- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 13:05:29 —-A—- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 13:05:29 —-A—- C:\Windows\system32\win32k.sys
2013-10-09 13:05:29 —-A—- C:\Windows\system32\tdh.dll
2013-10-09 13:05:29 —-A—- C:\Windows\system32\ntoskrnl.exe
2013-10-09 13:05:29 —-A—- C:\Windows\system32\advapi32.dll
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\user.exe
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 13:05:28 —-A—- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 13:05:28 —-A—- C:\Windows\system32\wow64.dll
2013-10-09 13:05:28 —-A—- C:\Windows\system32\ntdll.dll
2013-10-09 13:05:25 —-A—- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 13:05:25 —-A—- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 13:05:24 —-A—- C:\Windows\system32\scavengeui.dll
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbport.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbhub.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbd.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\usbccgp.sys
2013-10-09 13:05:24 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-02 11:49:26 —-D—- C:\AdwCleaner
2013-09-19 17:49:51 —-D—- C:\Program Files (x86)\IB47
2013-09-19 17:49:51 —-A—- C:\Windows\SYSWOW64\UNWISE.INI
======List of files/folders modified in the last 1 month======
2013-10-17 17:04:10 —-D—- C:\Program Files\trend micro
2013-10-17 17:04:01 —-D—- C:\Windows\Temp
2013-10-17 16:53:04 —-D—- C:\Windows\system32\MRT
2013-10-17 16:53:02 —-D—- C:\Windows\debug
2013-10-17 16:53:00 —-A—- C:\Windows\system32\MRT.exe
2013-10-17 16:52:56 —-SHD—- C:\System Volume Information
2013-10-17 16:52:40 —-D—- C:\Windows\System32
2013-10-17 16:52:40 —-D—- C:\Windows\inf
2013-10-17 16:52:40 —-A—- C:\Windows\system32\PerfStringBackup.INI
2013-10-17 16:48:17 —-A—- C:\Windows\SYSWOW64\log.txt
2013-10-17 16:46:18 —-D—- C:\Windows\system32\Tasks
2013-10-17 16:46:16 —-D—- C:\Windows\system32\config
2013-10-17 16:46:07 —-D—- C:\ProgramData\NVIDIA
2013-10-17 15:51:51 —-D—- C:\Users\R. Adelerhof\AppData\Roaming\GoodSync
2013-10-17 13:01:08 —-D—- C:\ProgramData\Davilex Business
2013-10-11 16:42:19 —-D—- C:\Windows
2013-10-11 16:42:16 —-RD—- C:\Program Files (x86)
2013-10-11 11:17:59 —-D—- C:\Windows\Panther
2013-10-11 10:43:36 —-AD—- C:\ProgramData\Temp
2013-10-11 10:43:28 —-D—- C:\Program Files (x86)\SpywareBlaster
2013-10-10 21:24:42 —-RSD—- C:\Windows\assembly
2013-10-10 21:24:42 —-D—- C:\Windows\Microsoft.NET
2013-10-10 15:55:58 —-HDC—- C:\ProgramData\{60DDF087-751A-4FF1-8938-1F443130BCE9}
2013-10-10 15:55:56 —-SHD—- C:\Windows\Installer
2013-10-10 15:55:56 —-HD—- C:\Config.Msi
2013-10-10 15:55:55 —-D—- C:\Microloon2013
2013-10-10 08:33:25 —-D—- C:\Windows\winsxs
2013-10-10 08:32:39 —-D—- C:\Windows\SysWOW64
2013-10-10 08:32:39 —-D—- C:\Windows\system32\drivers
2013-10-10 08:32:39 —-D—- C:\Program Files\Internet Explorer
2013-10-10 08:32:39 —-D—- C:\Program Files (x86)\Internet Explorer
2013-10-10 08:32:38 —-D—- C:\Windows\system32\nl-NL
2013-10-10 08:32:38 —-D—- C:\Windows\AppPatch
2013-10-10 08:32:37 —-D—- C:\Windows\system32\DriverStore
2013-10-09 23:30:35 —-D—- C:\ProgramData\Microsoft Help
2013-10-09 23:29:04 —-D—- C:\Windows\system32\catroot2
2013-10-09 23:29:04 —-D—- C:\Windows\system32\catroot
2013-10-09 23:27:55 —-D—- C:\Program Files\Microsoft Silverlight
2013-10-09 23:27:55 —-D—- C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 23:26:59 —-A—- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-09 13:18:41 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-08 19:51:48 —-D—- C:\Windows\system32\NDF
2013-10-08 18:01:26 —-D—- C:\ProgramData\Davilex
2013-10-03 11:25:33 —-D—- C:\Program Files (x86)\Microloon BAPI Beheer
2013-09-27 13:35:27 —-D—- C:\Windows\SoftwareDistribution
2013-09-27 13:30:24 —-D—- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20131002.001\BHDrvx64.sys
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20131015.003\IDSvia64.sys
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131016.032\ENG64.SYS
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131016.032\EX64.SYS
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
R2 GsServer;GoodSync Server; C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
R2 OnlineBackupService;OnlineBackupService; C:\Program Files\ArgewebBackup\OnlineBackupService.exe
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
—————–EOF—————–
Mbam volgt zo
rudi

17-10-2013 17:16

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.10.17.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
R. Adelerhof :: RADELERHOF-PC
17-10-2013 16:47:08
mbam-log-2013-10-17 (16-47-08).txt
Scan type: Volledige scan (C:\|D:\|E:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 441604
Verstreken tijd: 28 minuut/minuten, 10 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 3
C:\$Recycle.Bin\S-1-5-21-3085899422-3526582053-2542983109-1001\$RDLHQOI.exe (PUP.Optional.Firseria) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\R. Adelerhof\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-eu.cab (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
D:\RADELERHOF-PC\Backup Set 2013-04-22 083344\Backup Files 2013-04-28 190003\Backup files 1.zip (PUP.Optional.RegCleanerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Ben

17-10-2013 20:32

Hallo,
Download
Zoek.zip naar het bureaublad.
Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
Dubbelklik vervolgens op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
firefoxlook;
emptyclsid;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.
rudi

17-10-2013 21:23

Hartstikke bedankt Ben,
(tu)
Dit is hem
Zoek.exe Version 4.0.0.5 Updated 17-October-2013
Tool run by R. Adelerhof on do 17-10-2013 at 20:55:39,20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\R. Adelerhof\Desktop\zoek\zoek.exe
==== System Restore Info ======================
17-10-2013 20:56:04 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\Program Files\Google deleted successfully
C:\Program Files\McAfee deleted successfully
C:\Program Files\Symantec deleted successfully
C:\ProgramData\WinZipEC deleted successfully
C:\Users\R. Adelerhof\AppData\Roaming\WinRAR deleted successfully
C:\Users\R. Adelerhof\AppData\Local\CrashDumps deleted successfully
C:\Users\R. Adelerhof\AppData\Local\MigWiz deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3085899422-3526582053-2542983109-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3085899422-3526582053-2542983109-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\R. Adelerhof\Desktop\zoek\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\R. Adelerhof\AppData\LocalLow\FileConverter_1.4 deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8078 MB
CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
CPU Speed: 2553,8 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 630M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Wireless-N 2230 | Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Bluetooth Device (Personal Area Network)
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH
Ports: COM5 | COM7 | COM4 | COM6 | COM3 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 198,2GB | D: 906,2GB | G: 0,0MB
Hard Disks - Free: C: 121,3GB | D: 604,5GB | G: 0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/23/12 | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. N76VM
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Firewall: Norton Internet Security disabled
Internet Explorer Version: 10.0.9200.16721
Mozilla Firefox version: 20.0.1 (x86 nl)
Adobe Reader version: 10.1.8.24
Flash Player version: 11.9.900.117
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\RF0C2~1.ADE\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2013-10-09 21:28:56 5E775F0C365F01A8A7382BBEFC4A53A5 391168 —-a-w- C:\Windows\SysWOW64\ieui.dll
2013-10-09 21:28:56 351B1A5B8A02A59DD29D122B0D231FA6 2706432 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 21:28:55 BE8F3297A0BC3D3E3B66D9A45F64F0B9 61440 —-a-w- C:\Windows\SysWOW64\iesetup.dll
2013-10-09 21:28:55 6E9013E3D112E26A42EC057CAE990649 109056 —-a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 21:28:55 58A43D9DFFF91C1457EC47BDCF969B59 71680 —-a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 21:28:55 556F70EDECE99CCD64C7D8897F3264F4 33280 —-a-w- C:\Windows\SysWOW64\iernonce.dll
2013-10-09 21:28:55 122B216B091D06F672CC8D331128FB06 2048512 —-a-w- C:\Windows\SysWOW64\iertutil.dll
2013-10-09 21:28:54 883C0D3A22CE87A3203CD5518EBB5758 493056 —-a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 21:28:53 E02C01EB0ED522327AFF3BE5CBCF6017 690688 —-a-w- C:\Windows\SysWOW64\jscript.dll
2013-10-09 21:28:53 5A847E98EAF032928E67EE52DE08952D 2876928 —-a-w- C:\Windows\SysWOW64\jscript9.dll
2013-10-09 21:28:52 61DC3F2BE3093FE22CD717260946D7AD 1141248 —-a-w- C:\Windows\SysWOW64\urlmon.dll
2013-10-09 21:28:51 E4FEB264B47360B7296AEA4E052F88D8 1767936 —-a-w- C:\Windows\SysWOW64\wininet.dll
2013-10-09 21:28:51 DC7DB5BC0E2D135103730E08FE1C540D 39424 —-a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 21:28:51 8F5EAAF76A6811332A8C67DB0D4C395F 13761024 —-a-w- C:\Windows\SysWOW64\ieframe.dll
2013-10-09 21:28:47 A7221924181C8EB92B64C5A2D888BEA5 14335488 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2013-10-09 11:05:34 CC23295DA8F7B5C53F93804D2F5D30EB 25600 —-a-w- C:\Windows\SysWOW64\lpk.dll
2013-10-09 11:05:34 8CC4638FA7B5B921B9080CF962582C0B 70656 —-a-w- C:\Windows\SysWOW64\fontsub.dll
2013-10-09 11:05:34 7D27E63B54DB093BB0D9E95F81094D75 34304 —-a-w- C:\Windows\SysWOW64\atmlib.dll
2013-10-09 11:05:34 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 —-a-w- C:\Windows\SysWOW64\comctl32.dll
2013-10-09 11:05:34 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 —-a-w- C:\Windows\SysWOW64\atmfd.dll
2013-10-09 11:05:34 2342EC9254F4C60CA98441BD65C89E12 10240 —-a-w- C:\Windows\SysWOW64\dciman32.dll
2013-10-09 11:05:31 EAF4712B706936C0B10D3B5319B37E81 81920 —-a-w- C:\Windows\SysWOW64\davclnt.dll
2013-10-09 11:05:31 75E8EBD7040CE238684333F97014762A 205824 —-a-w- C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 11:05:30 E94C583CDE2348950155F2AF2876F34D 231424 —-a-w- C:\Windows\SysWOW64\mswsock.dll
2013-10-09 11:05:29 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 —-a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 11:05:29 482C8CD985C727C7C78A5E9B320947F0 3969472 —-a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 11:05:28 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 —-a-w- C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 11:05:28 DA1340AC8B22D0719F47222C8D508393 25600 —-a-w- C:\Windows\SysWOW64\setup16.exe
2013-10-09 11:05:28 D67472125471784DE7147946EDA25FEB 640512 —-a-w- C:\Windows\SysWOW64\advapi32.dll
2013-10-09 11:05:28 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 —-a-w- C:\Windows\SysWOW64\wow32.dll
2013-10-09 11:05:28 A2B0924D50F4435FD389499047CE553A 1292192 —-a-w- C:\Windows\SysWOW64\ntdll.dll
2013-10-09 11:05:28 8C3D064E7B7C0F3685A441A37A93C5D1 7680 —-a-w- C:\Windows\SysWOW64\instnm.exe
2013-10-09 11:05:28 5244D544B022E70881794563D657B5EF 2048 —-a-w- C:\Windows\SysWOW64\user.exe
2013-10-09 11:05:28 401D25136E26B237D77DA1BF1198B3BD 619520 —-a-w- C:\Windows\SysWOW64\tdh.dll
2013-10-09 11:05:25 2A01B40C8334A8124001CFAC256FCA83 102608 —-a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-10-09 21:28:56 990235D752A40F5F8243ED537FAB2035 2706432 —-a-w- C:\Windows\Sysnative\mshtml.tlb
2013-10-09 21:28:55 C4DDAC3F3062739C4C2BB759B36E005D 51712 —-a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-10-09 21:28:55 A80B91A93EDFFDE3DD2646D6E4CDDC44 67072 —-a-w- C:\Windows\Sysnative\iesetup.dll
2013-10-09 21:28:55 991A9D6B797B4D7E9EB29BE1FB4B1D28 526336 —-a-w- C:\Windows\Sysnative\ieui.dll
2013-10-09 21:28:55 742B2C69643527763E162C0BA923D086 136704 —-a-w- C:\Windows\Sysnative\iesysprep.dll
2013-10-09 21:28:55 4163195B6D07D3434BDEA78C293B7E0E 89600 —-a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2013-10-09 21:28:55 38CFAC1BAFEBC8B0AF8A22093803D38E 39936 —-a-w- C:\Windows\Sysnative\iernonce.dll
2013-10-09 21:28:54 214E39F0A8E382F1889B26B46DE0AF81 603136 —-a-w- C:\Windows\Sysnative\msfeeds.dll
2013-10-09 21:28:54 199BD40B1890E1EEFF7438B59787534F 2647552 —-a-w- C:\Windows\Sysnative\iertutil.dll
2013-10-09 21:28:53 D383602755758FA81166B0FD8AFE6D40 3959296 —-a-w- C:\Windows\Sysnative\jscript9.dll
2013-10-09 21:28:53 7B4E06047031B2AAA4AE10F00C59BFC7 855552 —-a-w- C:\Windows\Sysnative\jscript.dll
2013-10-09 21:28:52 882AC0DD997CFC90FBB468D698BD55C6 1365504 —-a-w- C:\Windows\Sysnative\urlmon.dll
2013-10-09 21:28:51 D28B35DE88D27EFB27DF4B1E8319E3C0 2241024 —-a-w- C:\Windows\Sysnative\wininet.dll
2013-10-09 21:28:51 16A3E229F60FA4B05573A0937AB3C3CB 53248 —-a-w- C:\Windows\Sysnative\jsproxy.dll
2013-10-09 21:28:50 CCDB8FDC289AA9AFA5F8827A2ADB21AD 15404544 —-a-w- C:\Windows\Sysnative\ieframe.dll
2013-10-09 21:28:49 F026C6F104758D0EB215B017016FAE27 19252224 —-a-w- C:\Windows\Sysnative\mshtml.dll
2013-10-09 11:05:34 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 —-a-w- C:\Windows\Sysnative\atmfd.dll
2013-10-09 11:05:34 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 —-a-w- C:\Windows\Sysnative\fontsub.dll
2013-10-09 11:05:34 A5ED9421B8D09ED4F57CDA386307713E 14336 —-a-w- C:\Windows\Sysnative\dciman32.dll
2013-10-09 11:05:34 9028D1621C43DF8DFBD1C76860412A11 633856 —-a-w- C:\Windows\Sysnative\comctl32.dll
2013-10-09 11:05:34 796B47A4B82EF1C39F13435B88834C48 41472 —-a-w- C:\Windows\Sysnative\lpk.dll
2013-10-09 11:05:34 142671F462619CB64BA74F5B70136CB4 46080 —-a-w- C:\Windows\Sysnative\atmlib.dll
2013-10-09 11:05:31 B32AB94A432289AC2DF77A3DCAD32EED 102400 —-a-w- C:\Windows\Sysnative\davclnt.dll
2013-10-09 11:05:31 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 —-a-w- C:\Windows\Sysnative\WebClnt.dll
2013-10-09 11:05:30 9A9F9F1A77D6A80EE28B57664F00013E 327168 —-a-w- C:\Windows\Sysnative\mswsock.dll
2013-10-09 11:05:29 A3FCC4F97551087D65F8FEE879FEF736 859648 —-a-w- C:\Windows\Sysnative\tdh.dll
2013-10-09 11:05:29 63A580C88CFAF72A92550940054569EF 878080 —-a-w- C:\Windows\Sysnative\advapi32.dll
2013-10-09 11:05:29 5B9A6A310326D9C438F2C19FBBE97C97 5549504 —-a-w- C:\Windows\Sysnative\ntoskrnl.exe
2013-10-09 11:05:29 19320B121BFE7462EADD50A42C81AFD0 3155968 —-a-w- C:\Windows\Sysnative\win32k.sys
2013-10-09 11:05:28 CAAAC014C5C56A69F710B5F1B836DE22 1732032 —-a-w- C:\Windows\Sysnative\ntdll.dll
2013-10-09 11:05:28 70833F5A59F65908698093889C34BCA2 243712 —-a-w- C:\Windows\Sysnative\wow64.dll
2013-10-09 11:05:25 764DF431D13537A575752009E7740F18 124112 —-a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 11:05:24 56661BB55AE4633677F846FFCD080ECA 461312 —-a-w- C:\Windows\Sysnative\scavengeui.dll
====== C:\Windows\Sysnative\drivers =====
2013-10-09 11:05:33 E2C933EDBC389386EBE6D2BA953F43D8 785624 —-a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-09 11:05:32 9661DA76B4531B2DA272ECCE25A8AF24 42496 —-a-w- C:\Windows\Sysnative\drivers\usbscan.sys
2013-10-09 11:05:32 856E76B3641746ABBC2946BED1372098 32896 —-a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-09 11:05:32 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 —-a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-09 11:05:32 597C3699384E53CC59587ED50CCE5CA2 76800 —-a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-09 11:05:32 1F775DA4CF1A3A1834207E975A72E9D7 185344 —-a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
2013-10-09 11:05:31 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 —-a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2013-10-09 11:05:30 40AF23633D197905F03AB5628C558C51 1903552 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-09 11:05:30 314C17917AC8523EC77A710215012A65 497152 —-a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-10-09 11:05:24 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 —-a-w- C:\Windows\Sysnative\drivers\usbport.sys
2013-10-09 11:05:24 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 —-a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2013-10-09 11:05:24 A83D0EC9AE4C31704442099D40BA2471 30720 —-a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2013-10-09 11:05:24 9406D801042FAF859CF81B2C886413DC 25600 —-a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2013-10-09 11:05:24 88612F1CE3BF42256913BF6E61C70D52 983488 —-a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-10-09 11:05:24 861C197502A5057E68F0AC75D9EFCDD7 7808 —-a-w- C:\Windows\Sysnative\drivers\usbd.sys
2013-10-09 11:05:24 311C1DD1088E55BEAE15954D17F50646 52736 —-a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2013-10-09 11:05:24 280E90CBF4B2DDD169F0728CB44D726F 343040 —-a-w- C:\Windows\Sysnative\drivers\usbhub.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2013-10-17 16:59:18 ——– d—–w- C:\Program Files (x86)\ESET
2013-09-19 15:49:51 ——– d—–w- C:\Program Files (x86)\IB47
======= C: =====
====== C:\Users\R. Adelerhof\AppData\Roaming ======
2013-09-19 15:49:51 ——– d—–w- C:\Users\R. Adelerhof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IB47
====== C:\Users\R. Adelerhof ======
2013-09-19 15:49:51 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB47
====== C: exe-files ==
2013-10-17 16:59:22 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2013-10-17 15:03:49 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\RSITx64.exe
=== C: other files ==
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“ASUSPRP”=“C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
“ASUSWebStorage”=“C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S”
“USB3MON”=“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“ATKOSD2”=“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
“ATKMEDIA”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
“HControlUser”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
“ASUS InstantKey”=“C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe”
“Wireless Console 3”=“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“RemoteControl10”=“C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
“UpdatePSTShortCut”=“C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter”
“BCSSync”=“C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“TkBellExe”=“C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe -osboot”
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll”
==== Startup Registry Enabled x64 ======================
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“RtHDVBg”=“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 ”
“BLEServicesCtrl”=“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“BTMTrayAgent”=“rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp”
“AmIcoSinglun64”=“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
“ETDCtrl”=“%ProgramFiles%\Elantech\ETDCtrl.exe ”
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll C:\\Windows\\SysWOW64\\nvinit.dll”
==== Startup Registry Disabled x64 ======================
“command”=“C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe”
“hkey”=“HKLM”
“item”=“ACMON”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“\”C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\“”
“hkey”=“HKLM”
“item”=“Adobe Reader Speed Launcher”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Windows\\AsScrPro.exe”
“hkey”=“HKLM”
“item”=“ASUS Screen Saver Protector”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“\”C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\“”
“hkey”=“HKLM”
“item”=“CLMLServer”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s”
“hkey”=“HKLM”
“item”=“RTHDVCPL”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Spotify”
“hkey”=“HKCU”
“command”=“\”C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Spotify\\Spotify.exe\“ /uri spotify:autostart”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Spotify Web Helper”
“hkey”=“HKCU”
“command”=“\”C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\“”
==== Startup Folders ======================
2012-02-24 02:50:52 2062 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job –a——
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job –a—— C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\4Team updater”
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\ASUS Live Update”
“C:\Windows\SysNative\tasks\ASUS P4G”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)”
“C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor”
“C:\Windows\SysNative\tasks\ASUS USB Charger Plus”
“C:\Windows\SysNative\tasks\ATKOSD2”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\DeviceDetector”
“C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d”
“C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon”
“C:\Windows\SysNative\tasks\Norton WSC Integration”
“C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\SidebarExecute”
“C:\Windows\SysNative\tasks\User_Feed_Synchronization-{72EEAF20-EAE3-4992-80A1-48B0BFD70261}”
“C:\Windows\SysNative\tasks\{182146CF-EA83-4BE9-A6F9-02722294562C}”
“C:\Windows\SysNative\tasks\{233FF460-1F07-4BAE-B6F9-C0EA14035AB6}”
“C:\Windows\SysNative\tasks\{23D0B590-D599-4077-97AB-E3921214939C}”
“C:\Windows\SysNative\tasks\{2E84014D-1418-4507-8ED4-B00C19C43379}”
“C:\Windows\SysNative\tasks\{410854BA-2A3A-420B-9C71-570E72DA0784}”
“C:\Windows\SysNative\tasks\{4912F5E4-A75B-4275-B5F7-1E84E7B84933}”
“C:\Windows\SysNative\tasks\{6F9CAABE-D315-4AA3-A1EC-A80F66B4DFE3}”
“C:\Windows\SysNative\tasks\{8882AB83-EAB3-4F23-895B-FA0093EC1C3B}”
“C:\Windows\SysNative\tasks\{8A95D8A6-EE2D-4F79-8F84-809D98805F0D}”
“C:\Windows\SysNative\tasks\{8D7E82B6-9724-4709-A885-98FC41112896}”
“C:\Windows\SysNative\tasks\{93B7C62F-685C-4375-9427-0C6FD30687CC}”
“C:\Windows\SysNative\tasks\{98AE72B5-C153-4250-9A46-01480FC781C9}”
“C:\Windows\SysNative\tasks\{B2CE391C-84BA-4D7A-A473-B0384DA80445}”
“C:\Windows\SysNative\tasks\{D9534966-C615-40FF-B1C9-765E72F1F810}”
“C:\Windows\SysNative\tasks\{DA9A8E03-F444-49E6-8C32-7346EEBF67CF}”
“C:\Windows\SysNative\tasks\{DB88E81A-6052-4A11-AC51-2FD31D74953D}”
“C:\Windows\SysNative\tasks\{DE2524CA-8994-44C1-8E6C-2B5DA65E3856}”
“C:\Windows\SysNative\tasks\{EDFC3F20-46CA-4EA3-9176-B31AD7695127}”
“C:\Windows\SysNative\tasks\{F8567E27-5B33-4149-A257-DBB06025E3FD}”
“C:\Windows\SysNative\tasks\{FDAC3EEE-02E5-43DC-A0DA-882CAC7ABF25}”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor”
“C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Firefox Extensions Registry ======================
“{ABDE892B-13A8-4d1b-88E6-365A6E755758}”=“C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext”
==== Firefox Extensions ======================
ProfilePath: C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
- Fastest Facebook - %ProfilePath%\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://hardware.startpagina.nl/prikbord/”
New Values:
“Start Page”=“http://hardware.startpagina.nl/prikbord/”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{4013E288-A676-4E64-84AC-BD02F8907908}”
{4013E288-A676-4E64-84AC-BD02F8907908} Vinden.nl Url=“http://www.vinden.nl/?refer=opensearch&q={searchTerms}”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{9F1E6B77-8689-4784-A4FB-FDFA0DB933C9} Bing Url=“http://www.bing.com/search?q={searchTerms}&r=893”
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1EHZH6SG will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RF0C2~1.ADE\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1EHZH6SG” deleted
==== EOF on do 17-10-2013 at 21:21:34,20 ======================
Ben

17-10-2013 21:27

Hallo,
Dat ziet er weer lekker opgeruimd uit, hoe gaat het nu ?
rudi

17-10-2013 21:51

Helemaal de oude. Geen klachten meer
Dank je
Ben

17-10-2013 21:58

Hallo,
Dan mag je de gebruikte programma's weer verwijderen, ook AdwCleaner want die kan je niet updaten.
Er komt wel om de zoveel tijd een programma update daarom moet hij steeds verwijderd worden.
rudi

17-10-2013 22:19

Dank je…ga ik doen
fazantje

24-10-2013 20:47

Omdat dit topic is opgelost word het gesloten.
Wilt U Uw topic als nog weer openen, stuur dan een privé bericht naar Ben of Huib (fazantje).
Zij zullen dan het “slotje” er van af halen en het topic is weer open.
Het AV team.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Toch maar even een paar logjes

rudi

rudi

Ben

rudi

Ben

rudi

Ben

rudi

fazantje