E-mail is detected as spam

  • JaapTon

    Dear all,

    All incoming mail from an xxxx@upcmail.nl user is detected as spam by AVG (paid version) and as such is placed in the Junk E-mail folder (Outlook 2003).

    However, there is not a single setting in AVG that would point to this. To be sure, I uninstalled AVG, cleaned the registry and then reinstalled AVG.

    All of this without result. If I temporarily turn AVG off, everything works fine. But this occurred spontaneously, and that is why I am not blaming AVG straight away.

    In the meantime I have contacted UPC and AVG about this; they are still looking into it.

    Would you check my logs? Thanks in advance.

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.10.30.06

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 10.0.9200.16721

    Jaap :: PC_JAAP

    30-10-2013 19:50:39

    mbam-log-2013-10-30 (19-50-39).txt

    Scan type: Volledige scan (C:\|)

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 692709

    Verstreken tijd: 1 uur/uren, 55 minuut/minuten, 45 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    # AdwCleaner v3.010 - Report created 30/10/2013 at 21:53:21

    # Updated 20/10/2013 by Xplode

    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

    # Username : Jaap - PC_JAAP

    # Running from : C:\Users\Jaap\Downloads\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    -\\ Internet Explorer v10.0.9200.16720

    -\\ Mozilla Firefox v24.0 (nl)

    -\\ Google Chrome v

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • JaapTon

    and the RSIT log:

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Jaap at 2013-10-30 22:00:10

    Microsoft Windows 7 Ultimate Service Pack 1

    System drive C: has 1784 GB (94%) free of 1901 GB

    Total RAM: 4087 MB (57% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:00:16, on 30-10-2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v10.0 (10.00.9200.16720)

    Boot mode: Normal

    Running processes:

    C:\Windows\SysWOW64\HsMgr.exe

    C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE

    C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

    C:\Windows\sysWow64\SearchProtocolHost.exe

    C:\Program Files\trend micro\Jaap.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://syb.msn.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-21-3906335905-361290431-4065351820-1006\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-3906335905-361290431-4065351820-1006\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://jat.axiscam.net/activex/AMC.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: PCloudd - Iomega Corp - C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 11072 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=fab63d53-c67e-4d41-86d4-98086ab9e262 /coreSdkOptions=4364 /logConfFile=“C:\Windows\TEMP\e671e83e-6107-4e39-8235-7210e87ceb5b-1b0-oopp.tmp” /loggerName=AVG.RS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\”

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    winlogon.exe

    “C:\Windows\system32\nvvsvc.exe”

    “C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe”

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k NetworkService

    “C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”

    C:\Windows\system32\nvvsvc.exe -session -first

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”

    C:\Windows\system32\svchost.exe -k apphost

    “C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgfws.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe”

    “C:\Program Files\Bonjour\mDNSResponder.exe”

    “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe”

    “C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE”

    “C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe”

    “C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe”

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\system32\svchost.exe -k iissvcs

    “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”

    WLIDSvcM.exe 2544

    “C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgemca.exe”

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6be72453-3ee2-41ac-b87e-9bf4999044df -SystemEventPortName:HostProcess-aa9899c9-8006-40be-9546-bdbe97db0822 -IoCancelEventPortName:HostProcess-0bc76cd8-e3d1-443f-8851-cc89bc0e8e57 -NonStateChangingEventPortName:HostProcess-71aa9a05-947c-4990-bfc6-ae0e4c83f86a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8e01d719-2339-4900-a721-917e44d911b5 -DeviceGroupId:WpdFsGroup

    taskeng.exe {9DB8FD06-3651-427B-B4C0-C3C1C9E3552A}

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “taskhost.exe”

    “C:\Windows\SysWOW64\HsMgr.exe” Envoke

    “C:\Windows\system\HsMgr64.exe” Envoke

    “C:\Program Files\Logitech\SetPointP\SetPoint.exe” /launchGaming

    “C:\Program Files\Windows Sidebar\sidebar.exe” /autoRun

    “C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE”

    “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    “C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1

    “C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE”

    C:\Windows\system32\SearchIndexer.exe /Embedding

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=29c2f418-0b2c-4a46-9730-f01789d00f31 /coreSdkOptions=4096 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\46b1492d-d8a0-4544-8cfb-190c0758df20-c30-oopp.tmp” /loggerName=AVG.NS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\”

    KHALMNPR.EXE /API

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    “C:\Program Files (x86)\Mozilla Firefox\firefox.exe”

    “C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE”

    “C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE” -Embedding

    C:\Windows\splwow64.exe 8192

    “C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe”

    C:\Windows\system32\sppsvc.exe

    “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”

    “C:\Windows\system32\SearchFilterHost.exe” 0 532 536 544 65536 540

    “C:\Windows\sysWow64\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3906335905-361290431-4065351820-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3906335905-361290431-4065351820-10003 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”

    “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3906335905-361290431-4065351820-10004_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3906335905-361290431-4065351820-10004 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”

    “C:\Users\Jaap\Downloads\RSITx64.exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Jaap\AppData\Roaming\Mozilla\Firefox\Profiles\lgkhkjqz.default

    prefs.js - “browser.startup.homepage” - “http://www.nu.nl/|http://www.google.nl/|http://access.startpagina.nl/prikbord/list.php?118|http://antivirus.startpagina.nl/prikbord/list.php?190|http://hardware.startpagina.nl/prikbord/list.php?874|http://msn-messenger.startpagina.nl/prikbord/|https://www.facebook.com/index.php?stype=lo&lh=Ac-7MaqyaKh297PN|https://login.live.com/login.srf?wa=wsignin1.0&ct=1360231380&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&snsc=1&cbcxt=mail”

    prefs.js - “extensions.enabledItems” - “{3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, avg@igeared:6.011.025.001, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16”

    “Description”=Adobe® Flash® Player 11.9.900.117 Plugin

    “Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

    “Description”=Adobe Shockwave Player

    “Path”=C:\Windows\system32\Adobe\Director\np32dsw.dll

    “Description”=

    “Path”=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

    “Description”=Canon MycameraPlugin

    “Path”=C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll

    “Description”=Google Earth in your browser

    “Path”=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

    “Description”=Java™ Deployment Toolkit

    “Path”=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=NVIDIA stereo images plugin for Mozilla browsers

    “Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

    “Description”=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

    “Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    “Description”=Adobe® Flash® Player 11.9.900.117 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\

    {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

    {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

    {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

    C:\Program Files (x86)\Mozilla Firefox\components\

    nsIQTScriptablePlugin.xpt

    C:\Program Files (x86)\Mozilla Firefox\plugins\

    NPOFFICE.DLL

    nppdf32.dll

    npqtplugin.dll

    npqtplugin2.dll

    npqtplugin3.dll

    npqtplugin4.dll

    npqtplugin5.dll

    QuickTimePlugin.class

    ======Registry dump======

    Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    “PtiuPbmd”=ulutil2.dll,SetWriteBack

    “Cmaudio8788”=C:\Windows\syswow64\RunDll32.exe

    “Cmaudio8788GX”=C:\Windows\syswow64\HsMgr.exe

    “Cmaudio8788GX64”=C:\Windows\system\HsMgr64.exe

    “Logitech Download Assistant”=C:\Windows\System32\LogiLDA.dll

    “EvtMgr6”=C:\Program Files\Logitech\SetPointP\SetPoint.exe

    “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

    C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    “IJNetworkScanUtility”=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

    “APSDaemon”=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

    “AVG_UI”=C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=5

    “ConsentPromptBehaviorUser”=3

    “EnableUIADesktopToggle”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoActiveDesktop”=1

    “NoActiveDesktopChanges”=1

    “ForceActiveDesktopOn”=0

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open -

    ======List of files/folders created in the last 1 month======

    2013-10-30 21:52:08 —-D—- C:\AdwCleaner

    2013-10-29 22:33:21 —-D—- C:\Users\Jaap\AppData\Roaming\AVG

    2013-10-29 22:31:35 —-D—- C:\ProgramData\AVG

    2013-10-29 22:31:18 —-SHD—- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

    2013-10-29 22:20:21 —-D—- C:\Users\Jaap\AppData\Roaming\AVG2014

    2013-10-29 22:19:23 —-HD—- C:\$AVG

    2013-10-29 22:19:22 —-D—- C:\ProgramData\AVG2014

    2013-10-29 22:18:37 —-D—- C:\Program Files (x86)\AVG

    2013-10-29 12:18:39 —-D—- C:\ProgramData\Logitech

    2013-10-29 12:17:56 —-D—- C:\Users\Jaap\AppData\Roaming\Leadertech

    2013-10-29 12:17:09 —-A—- C:\Windows\system32\drivers\LNonPnP.sys

    2013-10-29 12:16:26 —-D—- C:\ProgramData\Logishrd

    2013-10-29 12:16:20 —-D—- C:\Program Files\Logitech

    2013-10-29 12:16:05 —-D—- C:\Program Files\Common Files\Logishrd

    2013-10-29 12:15:19 —-D—- C:\Users\Jaap\AppData\Roaming\Logitech

    2013-10-29 12:15:19 —-D—- C:\Users\Jaap\AppData\Roaming\Logishrd

    2013-10-18 22:26:26 —-D—- C:\ProgramData\Oracle

    2013-10-18 22:26:07 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbuhci.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbport.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbohci.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbhub.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbehci.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbd.sys

    2013-10-10 18:47:54 —-A—- C:\Windows\system32\drivers\usbccgp.sys

    2013-10-10 17:08:22 —-A—- C:\Windows\SYSWOW64\ieui.dll

    2013-10-10 17:08:22 —-A—- C:\Windows\system32\ieui.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

    2013-10-10 17:08:21 —-A—- C:\Windows\SYSWOW64\iesysprep.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\SYSWOW64\iesetup.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\SYSWOW64\iernonce.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\iesysprep.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\iesetup.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\iertutil.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\iernonce.dll

    2013-10-10 17:08:21 —-A—- C:\Windows\system32\ie4uinit.exe

    2013-10-10 17:08:20 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2013-10-10 17:08:20 —-A—- C:\Windows\SYSWOW64\jscript.dll

    2013-10-10 17:08:20 —-A—- C:\Windows\system32\msfeeds.dll

    2013-10-10 17:08:20 —-A—- C:\Windows\system32\jscript.dll

    2013-10-10 17:08:19 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2013-10-10 17:08:19 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2013-10-10 17:08:19 —-A—- C:\Windows\system32\urlmon.dll

    2013-10-10 17:08:19 —-A—- C:\Windows\system32\jscript9.dll

    2013-10-10 17:08:18 —-A—- C:\Windows\SYSWOW64\jsproxy.dll

    2013-10-10 17:08:18 —-A—- C:\Windows\system32\jsproxy.dll

    2013-10-10 17:08:17 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2013-10-10 17:08:17 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2013-10-10 17:08:17 —-A—- C:\Windows\system32\wininet.dll

    2013-10-10 17:08:16 —-A—- C:\Windows\system32\ieframe.dll

    2013-10-10 17:08:15 —-A—- C:\Windows\system32\mshtml.dll

    2013-10-10 17:08:14 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2013-10-10 16:56:02 —-A—- C:\Windows\system32\ntoskrnl.exe

    2013-10-10 16:56:02 —-A—- C:\Windows\system32\advapi32.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\SYSWOW64\tdh.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\SYSWOW64\ntoskrnl.exe

    2013-10-10 16:56:01 —-A—- C:\Windows\SYSWOW64\ntkrnlpa.exe

    2013-10-10 16:56:01 —-A—- C:\Windows\SYSWOW64\ntdll.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\SYSWOW64\advapi32.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\system32\wow64.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\system32\tdh.dll

    2013-10-10 16:56:01 —-A—- C:\Windows\system32\ntdll.dll

    2013-10-10 16:56:00 —-A—- C:\Windows\SYSWOW64\wow32.dll

    2013-10-10 16:56:00 —-A—- C:\Windows\SYSWOW64\user.exe

    2013-10-10 16:56:00 —-A—- C:\Windows\SYSWOW64\setup16.exe

    2013-10-10 16:56:00 —-A—- C:\Windows\SYSWOW64\ntvdm64.dll

    2013-10-10 16:56:00 —-A—- C:\Windows\SYSWOW64\instnm.exe

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\mswsock.dll

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\Wdf01000.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\usbscan.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\usbcir.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\USBAUDIO.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\tcpip.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\hidparse.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\hidclass.sys

    2013-10-10 16:55:59 —-A—- C:\Windows\system32\drivers\afd.sys

    2013-10-10 16:55:58 —-A—- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

    2013-10-10 16:55:58 —-A—- C:\Windows\SYSWOW64\mswsock.dll

    2013-10-10 16:55:58 —-A—- C:\Windows\SYSWOW64\comctl32.dll

    2013-10-10 16:55:58 —-A—- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

    2013-10-10 16:55:58 —-A—- C:\Windows\system32\comctl32.dll

    2013-10-10 16:55:56 —-A—- C:\Windows\system32\WebClnt.dll

    2013-10-10 16:55:54 —-A—- C:\Windows\SYSWOW64\WebClnt.dll

    2013-10-10 16:55:53 —-A—- C:\Windows\system32\davclnt.dll

    2013-10-10 16:55:51 —-A—- C:\Windows\SYSWOW64\davclnt.dll

    2013-10-10 16:55:51 —-A—- C:\Windows\system32\drivers\mrxdav.sys

    2013-10-10 16:55:50 —-A—- C:\Windows\SYSWOW64\lpk.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\SYSWOW64\fontsub.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\SYSWOW64\dciman32.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\SYSWOW64\atmlib.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\SYSWOW64\atmfd.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\win32k.sys

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\lpk.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\fontsub.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\dciman32.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\atmlib.dll

    2013-10-10 16:55:50 —-A—- C:\Windows\system32\atmfd.dll

    2013-10-10 16:55:49 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys

    2013-10-10 16:53:25 —-A—- C:\Windows\system32\scavengeui.dll

    2013-10-08 19:55:48 —-A—- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

    2013-10-01 08:32:20 —-D—- C:\Program Files (x86)\Mozilla Firefox

    ======List of files/folders modified in the last 1 month======

    2013-10-30 22:00:14 —-D—- C:\Program Files\trend micro

    2013-10-30 22:00:10 —-D—- C:\Windows\Temp

    2013-10-30 21:55:34 —-D—- C:\ProgramData\NVIDIA

    2013-10-30 21:54:25 —-D—- C:\Windows\system32\config

    2013-10-30 21:53:11 —-D—- C:\ProgramData\MFAData

    2013-10-30 10:10:07 —-D—- C:\Windows\inf

    2013-10-30 10:10:07 —-AD—- C:\Windows\System32

    2013-10-30 10:10:07 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-10-30 00:18:40 —-D—- C:\BorgIRC 2

    2013-10-30 00:17:05 —-SHD—- C:\Windows\Installer

    2013-10-30 00:16:42 —-SHD—- C:\System Volume Information

    2013-10-30 00:16:05 —-D—- C:\Windows\SysWOW64

    2013-10-29 22:41:41 —-D—- C:\Windows\system32\Tasks

    2013-10-29 22:31:35 —-HD—- C:\ProgramData

    2013-10-29 22:31:19 —-D—- C:\Windows

    2013-10-29 22:19:44 —-D—- C:\Windows\system32\drivers

    2013-10-29 22:19:34 —-D—- C:\Windows\system32\catroot

    2013-10-29 22:19:32 —-D—- C:\Windows\system32\DriverStore

    2013-10-29 22:18:37 —-RD—- C:\Program Files (x86)

    2013-10-29 21:17:43 —-RD—- C:\Users

    2013-10-29 21:01:19 —-D—- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

    2013-10-29 12:17:56 —-D—- C:\Program Files (x86)\Common Files

    2013-10-29 12:17:21 —-D—- C:\Windows\SYSWOW64\drivers

    2013-10-29 12:16:20 —-RD—- C:\Program Files

    2013-10-29 12:16:14 —-D—- C:\Windows\winsxs

    2013-10-29 12:16:05 —-D—- C:\Program Files\Common Files

    2013-10-29 12:15:30 —-D—- C:\Windows\Prefetch

    2013-10-18 22:26:05 —-A—- C:\Windows\SYSWOW64\javaws.exe

    2013-10-18 22:26:05 —-A—- C:\Windows\SYSWOW64\javaw.exe

    2013-10-18 22:26:05 —-A—- C:\Windows\SYSWOW64\java.exe

    2013-10-18 12:05:11 —-D—- C:\Windows\system32\catroot2

    2013-10-14 18:15:59 —-D—- C:\Users\Jaap\AppData\Roaming\Canon

    2013-10-10 22:21:38 —-D—- C:\Program Files (x86)\PDFCreator

    2013-10-10 22:20:48 —-D—- C:\Windows\Panther

    2013-10-10 22:20:42 —-D—- C:\Windows\SoftwareDistribution

    2013-10-10 22:20:40 —-D—- C:\Windows\debug

    2013-10-10 22:20:00 —-D—- C:\Program Files\CCleaner

    2013-10-10 19:19:26 —-D—- C:\Windows\Microsoft.NET

    2013-10-10 19:18:50 —-RSD—- C:\Windows\assembly

    2013-10-10 18:39:06 —-D—- C:\Program Files\Microsoft Silverlight

    2013-10-10 18:39:05 —-D—- C:\Program Files (x86)\Microsoft Silverlight

    2013-10-10 18:36:40 —-D—- C:\Program Files (x86)\Internet Explorer

    2013-10-10 18:36:39 —-D—- C:\Program Files\Internet Explorer

    2013-10-10 18:36:38 —-D—- C:\Windows\AppPatch

    2013-10-10 17:53:03 —-D—- C:\Windows\rescache

    2013-10-10 17:11:04 —-A—- C:\Windows\SYSWOW64\PerfStringBackup.INI

    2013-10-10 17:10:00 —-A—- C:\Windows\win.ini

    2013-10-10 17:00:17 —-D—- C:\Windows\system32\MRT

    2013-10-10 16:58:04 —-A—- C:\Windows\system32\MRT.exe

    2013-10-10 16:57:02 —-D—- C:\Windows\system32\nl-NL

    2013-10-08 21:53:21 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe

    2013-10-04 09:02:22 —-D—- C:\Program Files (x86)\NVIDIA Corporation

    2013-10-04 09:02:08 —-D—- C:\Temp

    2013-10-02 07:57:01 —-D—- C:\Program Files (x86)\Mozilla Maintenance Service

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys

    R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys

    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys

    R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys

    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys

    R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys

    R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys

    R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys

    R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys

    R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys

    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

    R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys

    R3 cmudaxp;ASUS Xonar DG Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys

    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys

    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys

    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys

    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys

    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys

    R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys

    S3 3wareDrv;3wareDrv; C:\Windows\system32\DRIVERS\3wareDrv.sys

    S3 adp3132;adp3132; C:\Windows\system32\DRIVERS\adp3132.sys

    S3 ahcix64s;ahcix64s; C:\Windows\system32\DRIVERS\ahcix64s.sys

    S3 arcs_a64;arcs_a64; C:\Windows\system32\DRIVERS\arcs_a64.sys

    S3 BthAvrcp;Bluetooth AVRCP-profiel; C:\Windows\system32\DRIVERS\BthAvrcp.sys

    S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys

    S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys

    S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys

    S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

    S3 E1G60;Stuurprogramma voor Intel(R) PRO/1000 NDIS 6-adapter; C:\Windows\system32\DRIVERS\E1G6032E.sys

    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

    S3 FTOIIs;FTOIIs; C:\Windows\system32\DRIVERS\FTOIIs.sys

    S3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys

    S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys

    S3 ioatdma2;Intel(R) QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys

    S3 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys

    S3 leaslayr;Reliable failure detection; C:\Windows\system32\DRIVERS\leaslayr.sys

    S3 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys

    S3 mv64xx;mv64xx; C:\Windows\system32\DRIVERS\mv64xx.sys

    S3 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys

    S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys

    S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys

    S3 nvamacpi;nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys

    S3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys

    S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

    S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys

    S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

    S3 slabbus;CP210x USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\slabbus.sys

    S3 slabser;CP210x USB to UART Bridge Controller Drivers; C:\Windows\system32\DRIVERS\slabser.sys

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

    S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys

    S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

    S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys

    S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys

    S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys

    S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys

    S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys

    S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys

    S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys

    S3 ulsata2;ulsata2; C:\Windows\system32\DRIVERS\ulsata2.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys

    S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys

    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys

    S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

    S3 vNICdrv;Iomega Virtual Miniport; C:\Windows\system32\DRIVERS\vNICdrv.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

    R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    R2 PCloudd;PCloudd; C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe

    R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe

    R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

    S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

    S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    —————–EOF—————–

  • fazantje

    Hi Jaap Ton,

    I think it is a false positive from AVG.

    Try uninstalling AVG and download the free version of avast, register it, and see how it goes.

    To be on the safe side, we'll take a further look right away.

    Download zoek.zip to the desktop.

    Disable your antivirus and antispyware programs; they may conflict with zoek.zip.

    Right-click Zoek.zip and choose the option “Extract all” or “Extract here”.

    Then double-click Zoek.exe to start the tool.

    Now copy the code below and paste it into the large input box:

    firefoxlook;

    emptyclsid;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the “Run script” button.

    Now wait patiently until a log opens (this may be after a restart, if one is needed).

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log in your next message.

    And let us know how it goes with AVG/Avast.

    Good luck,

    Huib;)

  • JaapTon

    Here is the log.

    I will try avast today.

    Zoek.exe Version 4.0.0.5 Updated 26-October-2013

    Tool run by Jaap on do 31-10-2013 at 9:03:01.05.

    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Jaap\Desktop\zoek\zoek.exe

    ==== Older Logs ======================

    C:\zoek-results2013-10-30-221547.log 27361 bytes

    C:\zoek-results2013-10-30-223553.log 32420 bytes

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    C:\Windows\SysWOW64\HsMgr.exe

    C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE

    C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    C:\Program Files (x86)\Internet Explorer\IELowutil.exe

    C:\Users\Jaap\Desktop\zoek\zoek.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    ==== Deleting Services ======================

    ==== System Specs ======================

    Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)

    Memory (RAM): 4088 MB

    CPU Info: Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz

    CPU Speed: 2939.2 MHz

    Sound Card: Luidsprekers (ASUS Xonar DG Aud |

    S/PDIF Pass-through Device (ASU |

    Luidsprekers (C-Media USB Headp |

    Display Adapters: NVIDIA GeForce GTS 450 | NVIDIA GeForce GTS 450 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

    Monitors: 1x; Algemeen PnP-beeldscherm |

    Screen Resolution: 1920 X 1080 - 32 bit

    Network: Network Present

    Network Adapters: Realtek PCIe GBE Family Controller

    CD / DVD Drives: 1x (D: | ) D: HL-DT-STBD-RE BH10LS30

    Ports: COM1 | COM6 | COM7 | COM10 | COM11 | COM12 | COM13 | COM14 | COM20 | COM21 | COM22 | COM40 LPT Port NOT Present.

    Mouse: 16 Button Wheel Mouse Present

    Hard Disks: C: 1856.2GB

    Hard Disks - Free: C: 1743.5GB

    Manufacturer *: American Megatrends Inc.

    BIOS Info: AT/AT COMPATIBLE | 06/24/10 | 062410 - 20100624

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: ASUSTeK Computer INC. P7P55-M

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated)

    Anti-Spyware: Windows Defender disabled (Outdated)

    Anti-Spyware: AVG Internet Security 2014 disabled (Outdated)

    Firewall: AVG Internet Security 2014 disabled

    Default Browser: Firefox 24.0

    Internet Explorer Version: 10.0.9200.16721

    Mozilla Firefox version: 24.0 (x86 nl)

    Adobe Reader version: 10.1.8.24

    Sun Java version: 1.7.0_45 (32-bit)

    Sun Java version: 1.6.0_30 (64-bit)

    Flash Player version: 11.9.900.117

    Shockwave Player version: 11.6.3r633

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\Jaap\AppData\Local\Temp ====

    2013-10-29 11:18:44 04349DB1919EDEE3DF40909776FD25AC 437512 —-a-w- C:\Users\Jaap\AppData\Local\Temp\lu\2_spp_10000a2.exe

    2013-10-29 11:17:54 C3ED7A5A720E97D97D70BE0AE2FA395A 99096 —-a-w- C:\Users\Jaap\AppData\Local\Temp\LMkRstPt.exe

    2013-10-29 11:16:03 B8A2E948D2F0850CB8CCC1AC04C66AC0 889344 —-a-w- C:\Users\Jaap\AppData\Local\Temp\lu\sp\50064\eReg.msi

    ====== Java Cache =====

    2013-10-18 21:26:39 C1BBA7F1278F193AB584FFF460DB5E2A 17878 —-a-w- C:\Users\Jaap\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-45c844c2

    2013-10-18 21:26:34 48E84363B3E715129C31E8FE2EE42C1B 100 —-a-w- C:\Users\Jaap\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

    2013-10-18 21:26:34 415FC9732A3F4D89A0E01251CD66E136 646 —-a-w- C:\Users\Jaap\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-76585ade

    2013-10-18 21:26:34 415FC9732A3F4D89A0E01251CD66E136 646 —-a-w- C:\Users\Jaap\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4c057621

    2013-10-18 21:26:35 34FA8033B50A3F99D3AB8209C72C0ABA 6860 —-a-w- C:\Users\Jaap\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-29523fc1

    ====== C:\Windows\SysWOW64 =====

    2013-10-18 21:26:07 9B0B14B405E0EDF76B5F5E31A49EB753 96168 —-a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    ====== C:\Windows\Sysnative\drivers =====

    2013-10-29 11:17:09 64AEB5790901EA8854884981F104CAA6 18960 —-a-w- C:\Windows\Sysnative\drivers\LNonPnP.sys

    2013-10-10 17:47:54 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 —-a-w- C:\Windows\Sysnative\drivers\usbport.sys

    2013-10-10 17:47:54 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 —-a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

    2013-10-10 17:47:54 A83D0EC9AE4C31704442099D40BA2471 30720 —-a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

    2013-10-10 17:47:54 9406D801042FAF859CF81B2C886413DC 25600 —-a-w- C:\Windows\Sysnative\drivers\usbohci.sys

    2013-10-10 17:47:54 861C197502A5057E68F0AC75D9EFCDD7 7808 —-a-w- C:\Windows\Sysnative\drivers\usbd.sys

    2013-10-10 17:47:54 311C1DD1088E55BEAE15954D17F50646 52736 —-a-w- C:\Windows\Sysnative\drivers\usbehci.sys

    2013-10-10 17:47:54 280E90CBF4B2DDD169F0728CB44D726F 343040 —-a-w- C:\Windows\Sysnative\drivers\usbhub.sys

    2013-10-10 15:55:59 E2C933EDBC389386EBE6D2BA953F43D8 785624 —-a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

    2013-10-10 15:55:59 B0435098C81D04CAFFF80DDB746CD3A2 109824 —-a-w- C:\Windows\Sysnative\drivers\USBAUDIO.sys

    2013-10-10 15:55:59 9661DA76B4531B2DA272ECCE25A8AF24 42496 —-a-w- C:\Windows\Sysnative\drivers\usbscan.sys

    2013-10-10 15:55:59 856E76B3641746ABBC2946BED1372098 32896 —-a-w- C:\Windows\Sysnative\drivers\hidparse.sys

    2013-10-10 15:55:59 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 —-a-w- C:\Windows\Sysnative\drivers\usbcir.sys

    2013-10-10 15:55:59 597C3699384E53CC59587ED50CCE5CA2 76800 —-a-w- C:\Windows\Sysnative\drivers\hidclass.sys

    2013-10-10 15:55:59 40AF23633D197905F03AB5628C558C51 1903552 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys

    2013-10-10 15:55:59 314C17917AC8523EC77A710215012A65 497152 —-a-w- C:\Windows\Sysnative\drivers\afd.sys

    2013-10-10 15:55:51 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 —-a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

    2013-10-10 15:55:49 88612F1CE3BF42256913BF6E61C70D52 983488 —-a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

    ====== C:\Windows\Tasks ======

    2013-10-29 21:41:41 997E4EE08F75AB3D2490882015030E0B 3704 —-a-w- C:\Windows\Sysnative\Tasks\Java Update Scheduler

    2013-10-29 21:41:40 772096B1533565D97B73C65131B7AA23 3694 —-a-w- C:\Windows\Sysnative\Tasks\Adobe-online actualiseringsprogramma

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    ======= C:\PROGRA~2 =====

    2013-10-29 21:18:37 ——– d—–w- C:\PROGRA~2\AVG

    2013-10-18 21:26:23 ——– d—–w- C:\PROGRA~2\COMMON~1\Java

    ======= C: =====

    ====== C:\Users\Jaap\AppData\Roaming ======

    2013-10-29 21:44:09 ——– d—–w- C:\Users\Joke\AppData\Roaming\AVG2014

    2013-10-29 21:44:08 ——– d—–w- C:\Users\Joke\AppData\Local\Avg2014

    2013-10-29 21:33:21 ——– d—–w- C:\Users\Jaap\AppData\Roaming\AVG

    2013-10-29 21:20:21 ——– d—–w- C:\Users\Jaap\AppData\Roaming\AVG2014

    2013-10-29 21:20:10 ——– d—–w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

    2013-10-29 21:19:48 ——– d—–w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

    2013-10-29 21:18:37 ——– d—–w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

    2013-10-29 21:13:03 ——– d—–w- C:\Users\Jaap\AppData\Local\Avg2014

    2013-10-29 11:17:56 ——– d—–w- C:\Users\Jaap\AppData\Roaming\Leadertech

    ====== C:\Users\Jaap ======

    2013-10-30 20:51:58 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Jaap\Downloads\adwcleaner.exe

    2013-10-29 21:31:35 ——– d—–w- C:\ProgramData\AVG

    2013-10-29 21:19:22 ——– d—–w- C:\ProgramData\AVG2014

    2013-10-29 11:15:08 858D18E5AC8A678A3160B8ECBD6A76D8 3672832 —-a-w- C:\Users\Jaap\Downloads\setpoint6.61.15_smart.exe

    2013-10-23 14:55:43 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    2013-10-18 21:26:07 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

    ====== C: exe-files ==

    2013-10-30 20:51:58 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Jaap\Downloads\adwcleaner.exe

    2013-10-29 21:19:12 E70CDCC45794FC5D47EE6B4C0E36B061 319024 —-a-w- C:\Program Files (x86)\AVG\AVG2014\avgndisa.exe

    2013-10-29 11:18:44 04349DB1919EDEE3DF40909776FD25AC 437512 —-a-w- C:\Users\Jaap\AppData\Local\Temp\lu\2_spp_10000a2.exe

    2013-10-29 11:17:56 906F5592CD68267E58456B6260F07320 53248 —-a-r- C:\Users\Jaap\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

    2013-10-29 11:17:54 C3ED7A5A720E97D97D70BE0AE2FA395A 99096 —-a-w- C:\Users\Jaap\AppData\Local\Temp\LMkRstPt.exe

    2013-10-29 11:15:08 858D18E5AC8A678A3160B8ECBD6A76D8 3672832 —-a-w- C:\Users\Jaap\Downloads\setpoint6.61.15_smart.exe

    === C: other files ==

    2013-10-29 11:17:09 64AEB5790901EA8854884981F104CAA6 18960 —-a-w- C:\Windows\System32\drivers\LNonPnP.sys

    ==== Startup Registry Enabled ======================

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “IJNetworkScanUtility”=“C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE”

    “APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “AVG_UI”=“C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    ==== Startup Registry Enabled x64 ======================

    “PtiuPbmd”=“Rundll32.exe ulutil2.dll,SetWriteBack”

    “Cmaudio8788”=“C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd”

    “Cmaudio8788GX”=“C:\Windows\syswow64\HsMgr.exe Envoke”

    “Cmaudio8788GX64”=“C:\Windows\system\HsMgr64.exe Envoke”

    “Logitech Download Assistant”=“C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch”

    “EvtMgr6”=“C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming”

    ==== Startup Registry Disabled ======================

    “Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “QuickTime Task”=“\”C:\\Program Files (x86)\\QuickTime\\QTTask.exe\“ -atboottime”

    “iTunesHelper”=“\”C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\“”

    “SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\SysNative\tasks\Adobe Flash Player Updater”

    “C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma”

    “C:\Windows\SysNative\tasks\CCleanerSkipUAC”

    “C:\Windows\SysNative\tasks\CreateChoiceProcessTask”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”

    “C:\Windows\SysNative\tasks\Java Update Scheduler”

    “C:\Windows\SysNative\tasks\SidebarExecute”

    “C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F5622106-AF85-4DC8-93C2-DB4726486D1B}”

    “C:\Windows\SysNative\tasks\{1640F240-D922-4F1B-8B9A-6C907B144740}”

    “C:\Windows\SysNative\tasks\{B313DC0A-64FE-426C-A2D2-9E76C8D3F215}”

    “C:\Windows\SysNative\tasks\{FC76A72C-B76C-4D76-840B-96B2B4E8AB92}”

    “C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”

    ==== Firefox Extensions Registry ======================

    “{F003DA68-8256-4b37-A6C4-350FA04494DF}”=“C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt”

    ==== Firefox Extensions ======================

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

    - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

    - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Jaap\AppData\Roaming\Mozilla\Firefox\Profiles\lgkhkjqz.default

    4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

    9F8210675BD2ACC283959BB33F0307DF - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.google.nl/”

    New Values:

    “Start Page”=“http://www.google.nl/”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== HijackThis Entries ======================

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-21-3906335905-361290431-4065351820-1006\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-3906335905-361290431-4065351820-1006\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://jat.axiscam.net/activex/AMC.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: PCloudd - Iomega Corp - C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Jaap\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Joke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Joke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Joke\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Joke\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\6wpvs9wu.default\Cache emptied successfully

    C:\Users\Jaap\AppData\Local\Mozilla\Firefox\Profiles\lgkhkjqz.default\Cache emptied successfully

    C:\Users\Joke\AppData\Local\Mozilla\Firefox\Profiles\cqkwg3qt.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Jaap\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Jaap\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on do 31-10-2013 at 9:21:46.94 ======================

  • fazantje

    Hi Jaap Ton,

    This log looks fine too (tu)

    Let me know how things go with Avast.

    Regards, Huib ;)

  • JaapTon

    Huib,

    I am now running Avast and that is going well!

    Go ahead and close this topic; if anything else comes up I will open a new one.

    Many thanks so far for your effort.

    Regards,

    Jaap

  • fazantje

    Because this topic has been resolved, it is being closed.

    If you would like your topic reopened after all, send a private message to Ben or Huib (fazantje).

    They will then remove the “lock” and the topic will be open again.

    The AV team.

This topic is closed; no further replies can be posted.