No sound anymore and error message in WMP

  • Ton

    And… the continuation:

    14:15:48.0023 0x0d38 nfrd960 - ok

    14:15:48.0084 0x0d38 NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

    14:15:48.0103 0x0d38 NisDrv - ok

    14:15:48.0160 0x0d38 NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

    14:15:48.0185 0x0d38 NisSrv - ok

    14:15:48.0221 0x0d38 NlaSvc C:\Windows\System32\nlasvc.dll

    14:15:48.0277 0x0d38 NlaSvc - ok

    14:15:48.0281 0x0d38 Norman NJeeves - ok

    14:15:48.0324 0x0d38 Npfs C:\Windows\system32\drivers\Npfs.sys

    14:15:48.0350 0x0d38 Npfs - ok

    14:15:48.0359 0x0d38 nsi C:\Windows\system32\nsisvc.dll

    14:15:48.0409 0x0d38 nsi - ok

    14:15:48.0433 0x0d38 nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

    14:15:48.0481 0x0d38 nsiproxy - ok

    14:15:48.0559 0x0d38 Ntfs C:\Windows\system32\drivers\Ntfs.sys

    14:15:48.0622 0x0d38 Ntfs - ok

    14:15:48.0659 0x0d38 ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

    14:15:48.0705 0x0d38 ntrigdigi - ok

    14:15:48.0722 0x0d38 Null C:\Windows\system32\drivers\Null.sys

    14:15:48.0748 0x0d38 Null - ok

    14:15:48.0822 0x0d38 NVHDA C:\Windows\system32\drivers\nvhda32v.sys

    14:15:48.0838 0x0d38 NVHDA - ok

    14:15:49.0268 0x0d38 nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

    14:15:49.0736 0x0d38 nvlddmkm - ok

    14:15:49.0779 0x0d38 nvraid C:\Windows\system32\drivers\nvraid.sys

    14:15:49.0795 0x0d38 nvraid - ok

    14:15:49.0809 0x0d38 nvstor C:\Windows\system32\drivers\nvstor.sys

    14:15:49.0824 0x0d38 nvstor - ok

    14:15:49.0861 0x0d38 nvsvc C:\Windows\system32\nvvsvc.exe

    14:15:49.0879 0x0d38 nvsvc - ok

    14:15:49.0905 0x0d38 nv_agp C:\Windows\system32\drivers\nv_agp.sys

    14:15:49.0921 0x0d38 nv_agp - ok

    14:15:49.0926 0x0d38 NwlnkFlt - ok

    14:15:49.0932 0x0d38 NwlnkFwd - ok

    14:15:49.0986 0x0d38 ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

    14:15:50.0009 0x0d38 ohci1394 - ok

    14:15:50.0076 0x0d38 ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    14:15:50.0089 0x0d38 ose - ok

    14:15:50.0146 0x0d38 p2pimsvc C:\Windows\system32\p2psvc.dll

    14:15:50.0249 0x0d38 p2pimsvc - ok

    14:15:50.0279 0x0d38 p2psvc C:\Windows\system32\p2psvc.dll

    14:15:50.0327 0x0d38 p2psvc - ok

    14:15:50.0395 0x0d38 Parport C:\Windows\system32\DRIVERS\parport.sys

    14:15:50.0431 0x0d38 Parport - ok

    14:15:50.0472 0x0d38 partmgr C:\Windows\system32\drivers\partmgr.sys

    14:15:50.0487 0x0d38 partmgr - ok

    14:15:50.0520 0x0d38 Parvdm C:\Windows\system32\DRIVERS\parvdm.sys

    14:15:50.0574 0x0d38 Parvdm - ok

    14:15:50.0610 0x0d38 PcaSvc C:\Windows\System32\pcasvc.dll

    14:15:50.0650 0x0d38 PcaSvc - ok

    14:15:50.0695 0x0d38 pci C:\Windows\system32\drivers\pci.sys

    14:15:50.0713 0x0d38 pci - ok

    14:15:50.0728 0x0d38 pciide C:\Windows\system32\drivers\pciide.sys

    14:15:50.0741 0x0d38 pciide - ok

    14:15:50.0769 0x0d38 pcmcia C:\Windows\system32\drivers\pcmcia.sys

    14:15:50.0785 0x0d38 pcmcia - ok

    14:15:50.0831 0x0d38 PEAUTH C:\Windows\system32\drivers\peauth.sys

    14:15:50.0955 0x0d38 PEAUTH - ok

    14:15:51.0057 0x0d38 pla C:\Windows\system32\pla.dll

    14:15:51.0213 0x0d38 pla - ok

    14:15:51.0263 0x0d38 PlugPlay C:\Windows\system32\umpnpmgr.dll

    14:15:51.0310 0x0d38 PlugPlay - ok

    14:15:51.0357 0x0d38 PNRPAutoReg C:\Windows\system32\p2psvc.dll

    14:15:51.0397 0x0d38 PNRPAutoReg - ok

    14:15:51.0457 0x0d38 PNRPsvc C:\Windows\system32\p2psvc.dll

    14:15:51.0497 0x0d38 PNRPsvc - ok

    14:15:51.0554 0x0d38 PolicyAgent C:\Windows\System32\ipsecsvc.dll

    14:15:51.0643 0x0d38 PolicyAgent - ok

    14:15:51.0685 0x0d38 PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

    14:15:51.0770 0x0d38 PptpMiniport - ok

    14:15:51.0802 0x0d38 Processor C:\Windows\system32\drivers\processr.sys

    14:15:51.0854 0x0d38 Processor - ok

    14:15:51.0887 0x0d38 ProfSvc C:\Windows\system32\profsvc.dll

    14:15:51.0938 0x0d38 ProfSvc - ok

    14:15:51.0960 0x0d38 ProtectedStorage C:\Windows\system32\lsass.exe

    14:15:51.0976 0x0d38 ProtectedStorage - ok

    14:15:52.0014 0x0d38 PSched C:\Windows\system32\DRIVERS\pacer.sys

    14:15:52.0060 0x0d38 PSched - ok

    14:15:52.0139 0x0d38 ql2300 C:\Windows\system32\drivers\ql2300.sys

    14:15:52.0211 0x0d38 ql2300 - ok

    14:15:52.0239 0x0d38 ql40xx C:\Windows\system32\drivers\ql40xx.sys

    14:15:52.0256 0x0d38 ql40xx - ok

    14:15:52.0286 0x0d38 QWAVE C:\Windows\system32\qwave.dll

    14:15:52.0351 0x0d38 QWAVE - ok

    14:15:52.0376 0x0d38 QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

    14:15:52.0416 0x0d38 QWAVEdrv - ok

    14:15:52.0464 0x0d38 RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

    14:15:52.0521 0x0d38 RasAcd - ok

    14:15:52.0555 0x0d38 RasAuto C:\Windows\System32\rasauto.dll

    14:15:52.0595 0x0d38 RasAuto - ok

    14:15:52.0615 0x0d38 Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

    14:15:52.0709 0x0d38 Rasl2tp - ok

    14:15:52.0766 0x0d38 RasMan C:\Windows\System32\rasmans.dll

    14:15:52.0837 0x0d38 RasMan - ok

    14:15:52.0880 0x0d38 RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

    14:15:52.0939 0x0d38 RasPppoe - ok

    14:15:52.0967 0x0d38 RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

    14:15:53.0034 0x0d38 RasSstp - ok

    14:15:53.0062 0x0d38 rdbss C:\Windows\system32\DRIVERS\rdbss.sys

    14:15:53.0156 0x0d38 rdbss - ok

    14:15:53.0193 0x0d38 RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

    14:15:53.0243 0x0d38 RDPCDD - ok

    14:15:53.0293 0x0d38 rdpdr C:\Windows\system32\drivers\rdpdr.sys

    14:15:53.0326 0x0d38 rdpdr - ok

    14:15:53.0333 0x0d38 RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

    14:15:53.0376 0x0d38 RDPENCDD - ok

    14:15:53.0418 0x0d38 RDPWD C:\Windows\system32\drivers\RDPWD.sys

    14:15:53.0481 0x0d38 RDPWD - ok

    14:15:53.0536 0x0d38 Recovery Service for Windows C:\Program Files\SMINST\BLService.exe

    14:15:53.0558 0x0d38 Recovery Service for Windows - ok

    14:15:53.0598 0x0d38 RemoteAccess C:\Windows\System32\mprdim.dll

    14:15:53.0628 0x0d38 RemoteAccess - ok

    14:15:53.0672 0x0d38 RemoteRegistry C:\Windows\system32\regsvc.dll

    14:15:53.0704 0x0d38 RemoteRegistry - ok

    14:15:53.0742 0x0d38 RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

    14:15:53.0792 0x0d38 RFCOMM - ok

    14:15:53.0858 0x0d38 RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe

    14:15:53.0897 0x0d38 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )

    14:15:54.0099 0x0d38 Detect skipped due to KSN trusted

    14:15:54.0099 0x0d38 RichVideo - ok

    14:15:54.0144 0x0d38 RpcLocator C:\Windows\system32\locator.exe

    14:15:54.0167 0x0d38 RpcLocator - ok

    14:15:54.0204 0x0d38 RpcSs C:\Windows\system32\rpcss.dll

    14:15:54.0265 0x0d38 RpcSs - ok

    14:15:54.0297 0x0d38 rspndr C:\Windows\system32\DRIVERS\rspndr.sys

    14:15:54.0353 0x0d38 rspndr - ok

    14:15:54.0390 0x0d38 RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

    14:15:54.0458 0x0d38 RTL8169 - ok

    14:15:54.0473 0x0d38 SamSs C:\Windows\system32\lsass.exe

    14:15:54.0488 0x0d38 SamSs - ok

    14:15:54.0505 0x0d38 sbp2port C:\Windows\system32\drivers\sbp2port.sys

    14:15:54.0520 0x0d38 sbp2port - ok

    14:15:54.0564 0x0d38 SCardSvr C:\Windows\System32\SCardSvr.dll

    14:15:54.0608 0x0d38 SCardSvr - ok

    14:15:54.0658 0x0d38 Schedule C:\Windows\system32\schedsvc.dll

    14:15:54.0697 0x0d38 Schedule - ok

    14:15:54.0735 0x0d38 SCPolicySvc C:\Windows\System32\certprop.dll

    14:15:54.0757 0x0d38 SCPolicySvc - ok

    14:15:54.0774 0x0d38 sdbus C:\Windows\system32\DRIVERS\sdbus.sys

    14:15:54.0816 0x0d38 sdbus - ok

    14:15:54.0845 0x0d38 SDRSVC C:\Windows\System32\SDRSVC.dll

    14:15:54.0882 0x0d38 SDRSVC - ok

    14:15:54.0912 0x0d38 secdrv C:\Windows\system32\drivers\secdrv.sys

    14:15:54.0959 0x0d38 secdrv - ok

    14:15:54.0969 0x0d38 seclogon C:\Windows\system32\seclogon.dll

    14:15:55.0014 0x0d38 seclogon - ok

    14:15:55.0036 0x0d38 SENS C:\Windows\system32\sens.dll

    14:15:55.0091 0x0d38 SENS - ok

    14:15:55.0140 0x0d38 Serenum C:\Windows\system32\DRIVERS\serenum.sys

    14:15:55.0195 0x0d38 Serenum - ok

    14:15:55.0237 0x0d38 Serial C:\Windows\system32\DRIVERS\serial.sys

    14:15:55.0354 0x0d38 Serial - ok

    14:15:55.0384 0x0d38 sermouse C:\Windows\system32\drivers\sermouse.sys

    14:15:55.0411 0x0d38 sermouse - ok

    14:15:55.0441 0x0d38 SessionEnv C:\Windows\system32\sessenv.dll

    14:15:55.0497 0x0d38 SessionEnv - ok

    14:15:55.0524 0x0d38 sffdisk C:\Windows\system32\drivers\sffdisk.sys

    14:15:55.0545 0x0d38 sffdisk - ok

    14:15:55.0566 0x0d38 sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

    14:15:55.0592 0x0d38 sffp_mmc - ok

    14:15:55.0604 0x0d38 sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

    14:15:55.0631 0x0d38 sffp_sd - ok

    14:15:55.0642 0x0d38 sfloppy C:\Windows\system32\drivers\sfloppy.sys

    14:15:55.0690 0x0d38 sfloppy - ok

    14:15:55.0729 0x0d38 SharedAccess C:\Windows\System32\ipnathlp.dll

    14:15:55.0779 0x0d38 SharedAccess - ok

    14:15:55.0811 0x0d38 ShellHWDetection C:\Windows\System32\shsvcs.dll

    14:15:55.0834 0x0d38 ShellHWDetection - ok

    14:15:55.0853 0x0d38 sisagp C:\Windows\system32\drivers\sisagp.sys

    14:15:55.0868 0x0d38 sisagp - ok

    14:15:55.0887 0x0d38 SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

    14:15:55.0901 0x0d38 SiSRaid2 - ok

    14:15:55.0916 0x0d38 SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

    14:15:55.0931 0x0d38 SiSRaid4 - ok

    14:15:56.0121 0x0d38 Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    14:15:56.0267 0x0d38 Skype C2C Service - ok

    14:15:56.0354 0x0d38 SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

    14:15:56.0375 0x0d38 SkypeUpdate - ok

    14:15:56.0534 0x0d38 slsvc C:\Windows\system32\SLsvc.exe

    14:15:56.0782 0x0d38 slsvc - ok

    14:15:56.0839 0x0d38 SLUINotify C:\Windows\system32\SLUINotify.dll

    14:15:56.0864 0x0d38 SLUINotify - ok

    14:15:56.0903 0x0d38 Smb C:\Windows\system32\DRIVERS\smb.sys

    14:15:56.0976 0x0d38 Smb - ok

    14:15:57.0016 0x0d38 SNMPTRAP C:\Windows\System32\snmptrap.exe

    14:15:57.0034 0x0d38 SNMPTRAP - ok

    14:15:57.0056 0x0d38 spldr C:\Windows\system32\drivers\spldr.sys

    14:15:57.0070 0x0d38 spldr - ok

    14:15:57.0117 0x0d38 Spooler C:\Windows\System32\spoolsv.exe

    14:15:57.0137 0x0d38 Spooler - ok

    14:15:57.0184 0x0d38 srv C:\Windows\system32\DRIVERS\srv.sys

    14:15:57.0221 0x0d38 srv - ok

    14:15:57.0255 0x0d38 srv2 C:\Windows\system32\DRIVERS\srv2.sys

    14:15:57.0286 0x0d38 srv2 - ok

    14:15:57.0320 0x0d38 srvnet C:\Windows\system32\DRIVERS\srvnet.sys

    14:15:57.0337 0x0d38 srvnet - ok

    14:15:57.0357 0x0d38 SSDPSRV C:\Windows\System32\ssdpsrv.dll

    14:15:57.0390 0x0d38 SSDPSRV - ok

    14:15:57.0432 0x0d38 SstpSvc C:\Windows\system32\sstpsvc.dll

    14:15:57.0491 0x0d38 SstpSvc - ok

    14:15:57.0619 0x0d38 STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

    14:15:57.0633 0x0d38 STacSV - detected UnsignedFile.Multi.Generic ( 1 )

    14:15:57.0771 0x0d38 STacSV ( UnsignedFile.Multi.Generic ) - warning

    14:15:58.0015 0x0d38 STHDA C:\Windows\system32\DRIVERS\stwrt.sys

    14:15:58.0109 0x0d38 STHDA - ok

    14:15:58.0178 0x0d38 stisvc C:\Windows\System32\wiaservc.dll

    14:15:58.0219 0x0d38 stisvc - ok

    14:15:58.0257 0x0d38 swenum C:\Windows\system32\DRIVERS\swenum.sys

    14:15:58.0279 0x0d38 swenum - ok

    14:15:58.0326 0x0d38 swprv C:\Windows\System32\swprv.dll

    14:15:58.0386 0x0d38 swprv - ok

    14:15:58.0402 0x0d38 Symc8xx C:\Windows\system32\drivers\symc8xx.sys

    14:15:58.0418 0x0d38 Symc8xx - ok

    14:15:58.0433 0x0d38 Sym_hi C:\Windows\system32\drivers\sym_hi.sys

    14:15:58.0450 0x0d38 Sym_hi - ok

    14:15:58.0457 0x0d38 Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

    14:15:58.0470 0x0d38 Sym_u3 - ok

    14:15:58.0538 0x0d38 SynTP C:\Windows\system32\DRIVERS\SynTP.sys

    14:15:58.0556 0x0d38 SynTP - ok

    14:15:58.0617 0x0d38 SysMain C:\Windows\system32\sysmain.dll

    14:15:58.0718 0x0d38 SysMain - ok

    14:15:58.0764 0x0d38 TabletInputService C:\Windows\System32\TabSvc.dll

    14:15:58.0783 0x0d38 TabletInputService - ok

    14:15:58.0831 0x0d38 TapiSrv C:\Windows\System32\tapisrv.dll

    14:15:58.0864 0x0d38 TapiSrv - ok

    14:15:58.0876 0x0d38 TBS C:\Windows\System32\tbssvc.dll

    14:15:58.0914 0x0d38 TBS - ok

    14:15:58.0988 0x0d38 Tcpip C:\Windows\system32\drivers\tcpip.sys

    14:15:59.0061 0x0d38 Tcpip - ok

    14:15:59.0117 0x0d38 Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

    14:15:59.0172 0x0d38 Tcpip6 - ok

    14:15:59.0197 0x0d38 tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

    14:15:59.0225 0x0d38 tcpipreg - ok

    14:15:59.0257 0x0d38 TDPIPE C:\Windows\system32\drivers\tdpipe.sys

    14:15:59.0304 0x0d38 TDPIPE - ok

    14:15:59.0346 0x0d38 TDTCP C:\Windows\system32\drivers\tdtcp.sys

    14:15:59.0399 0x0d38 TDTCP - ok

    14:15:59.0435 0x0d38 tdx C:\Windows\system32\DRIVERS\tdx.sys

    14:15:59.0462 0x0d38 tdx - ok

    14:15:59.0488 0x0d38 TermDD C:\Windows\system32\DRIVERS\termdd.sys

    14:15:59.0511 0x0d38 TermDD - ok

    14:15:59.0541 0x0d38 TermService C:\Windows\System32\termsrv.dll

    14:15:59.0589 0x0d38 TermService - ok

    14:15:59.0614 0x0d38 Themes C:\Windows\system32\shsvcs.dll

    14:15:59.0643 0x0d38 Themes - ok

    14:15:59.0659 0x0d38 THREADORDER C:\Windows\system32\mmcss.dll

    14:15:59.0687 0x0d38 THREADORDER - ok

    14:15:59.0713 0x0d38 TrkWks C:\Windows\System32\trkwks.dll

    14:15:59.0769 0x0d38 TrkWks - ok

    14:15:59.0827 0x0d38 TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

    14:15:59.0849 0x0d38 TrustedInstaller - ok

    14:15:59.0882 0x0d38 tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

    14:15:59.0898 0x0d38 tssecsrv - ok

    14:15:59.0949 0x0d38 tunmp C:\Windows\system32\DRIVERS\tunmp.sys

    14:15:59.0964 0x0d38 tunmp - ok

    14:16:00.0004 0x0d38 tunnel C:\Windows\system32\DRIVERS\tunnel.sys

    14:16:00.0043 0x0d38 tunnel - ok

    14:16:00.0069 0x0d38 uagp35 C:\Windows\system32\drivers\uagp35.sys

    14:16:00.0087 0x0d38 uagp35 - ok

    14:16:00.0121 0x0d38 udfs C:\Windows\system32\DRIVERS\udfs.sys

    14:16:00.0172 0x0d38 udfs - ok

    14:16:00.0205 0x0d38 UI0Detect C:\Windows\system32\UI0Detect.exe

    14:16:00.0241 0x0d38 UI0Detect - ok

    14:16:00.0264 0x0d38 uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

    14:16:00.0282 0x0d38 uliagpkx - ok

    14:16:00.0306 0x0d38 uliahci C:\Windows\system32\drivers\uliahci.sys

    14:16:00.0330 0x0d38 uliahci - ok

    14:16:00.0349 0x0d38 UlSata C:\Windows\system32\drivers\ulsata.sys

    14:16:00.0367 0x0d38 UlSata - ok

    14:16:00.0388 0x0d38 ulsata2 C:\Windows\system32\drivers\ulsata2.sys

    14:16:00.0406 0x0d38 ulsata2 - ok

    14:16:00.0424 0x0d38 umbus C:\Windows\system32\DRIVERS\umbus.sys

    14:16:00.0477 0x0d38 umbus - ok

    14:16:00.0512 0x0d38 upnphost C:\Windows\System32\upnphost.dll

    14:16:00.0549 0x0d38 upnphost - ok

    14:16:00.0579 0x0d38 USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

    14:16:00.0620 0x0d38 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )

    14:16:00.0745 0x0d38 Detect skipped due to KSN trusted

    14:16:00.0745 0x0d38 USBAAPL - ok

    14:16:00.0831 0x0d38 usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

    14:16:00.0942 0x0d38 usbccgp - ok

    14:16:00.0959 0x0d38 usbcir C:\Windows\system32\drivers\usbcir.sys

    14:16:01.0074 0x0d38 usbcir - ok

    14:16:01.0110 0x0d38 usbehci C:\Windows\system32\DRIVERS\usbehci.sys

    14:16:01.0126 0x0d38 usbehci - ok

    14:16:01.0163 0x0d38 usbhub C:\Windows\system32\DRIVERS\usbhub.sys

    14:16:01.0199 0x0d38 usbhub - ok

    14:16:01.0223 0x0d38 usbohci C:\Windows\system32\drivers\usbohci.sys

    14:16:01.0270 0x0d38 usbohci - ok

    14:16:01.0296 0x0d38 usbprint C:\Windows\system32\DRIVERS\usbprint.sys

    14:16:01.0325 0x0d38 usbprint - ok

    14:16:01.0383 0x0d38 usbscan C:\Windows\system32\DRIVERS\usbscan.sys

    14:16:01.0398 0x0d38 usbscan - ok

    14:16:01.0427 0x0d38 USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

    14:16:01.0491 0x0d38 USBSTOR - ok

    14:16:01.0521 0x0d38 usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

    14:16:01.0536 0x0d38 usbuhci - ok

    14:16:01.0608 0x0d38 usbvideo C:\Windows\system32\Drivers\usbvideo.sys

    14:16:01.0724 0x0d38 usbvideo - ok

    14:16:01.0748 0x0d38 UxSms C:\Windows\System32\uxsms.dll

    14:16:01.0779 0x0d38 UxSms - ok

    14:16:01.0829 0x0d38 vds C:\Windows\System32\vds.exe

    14:16:01.0875 0x0d38 vds - ok

    14:16:01.0906 0x0d38 vga C:\Windows\system32\DRIVERS\vgapnp.sys

    14:16:01.0956 0x0d38 vga - ok

    14:16:01.0982 0x0d38 VgaSave C:\Windows\System32\drivers\vga.sys

    14:16:02.0010 0x0d38 VgaSave - ok

    14:16:02.0030 0x0d38 viaagp C:\Windows\system32\drivers\viaagp.sys

    14:16:02.0045 0x0d38 viaagp - ok

    14:16:02.0059 0x0d38 ViaC7 C:\Windows\system32\drivers\viac7.sys

    14:16:02.0103 0x0d38 ViaC7 - ok

    14:16:02.0119 0x0d38 viaide C:\Windows\system32\drivers\viaide.sys

    14:16:02.0133 0x0d38 viaide - ok

    14:16:02.0148 0x0d38 volmgr C:\Windows\system32\drivers\volmgr.sys

    14:16:02.0162 0x0d38 volmgr - ok

    14:16:02.0202 0x0d38 volmgrx C:\Windows\system32\drivers\volmgrx.sys

    14:16:02.0224 0x0d38 volmgrx - ok

    14:16:02.0264 0x0d38 volsnap C:\Windows\system32\drivers\volsnap.sys

    14:16:02.0284 0x0d38 volsnap - ok

    14:16:02.0317 0x0d38 vsmraid C:\Windows\system32\drivers\vsmraid.sys

    14:16:02.0333 0x0d38 vsmraid - ok

    14:16:02.0407 0x0d38 VSS C:\Windows\system32\vssvc.exe

    14:16:02.0500 0x0d38 VSS - ok

    14:16:02.0539 0x0d38 W32Time C:\Windows\system32\w32time.dll

    14:16:02.0579 0x0d38 W32Time - ok

    14:16:02.0605 0x0d38 WacomPen C:\Windows\system32\drivers\wacompen.sys

    14:16:02.0681 0x0d38 WacomPen - ok

    14:16:02.0711 0x0d38 Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

    14:16:02.0765 0x0d38 Wanarp - ok

    14:16:02.0771 0x0d38 Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

    14:16:02.0796 0x0d38 Wanarpv6 - ok

    14:16:02.0828 0x0d38 wcncsvc C:\Windows\System32\wcncsvc.dll

    14:16:02.0913 0x0d38 wcncsvc - ok

    14:16:02.0952 0x0d38 WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

    14:16:02.0978 0x0d38 WcsPlugInService - ok

    14:16:02.0989 0x0d38 Wd C:\Windows\system32\drivers\wd.sys

    14:16:03.0002 0x0d38 Wd - ok

    14:16:03.0062 0x0d38 Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

    14:16:03.0094 0x0d38 Wdf01000 - ok

    14:16:03.0140 0x0d38 WdiServiceHost C:\Windows\system32\wdi.dll

    14:16:03.0201 0x0d38 WdiServiceHost - ok

    14:16:03.0206 0x0d38 WdiSystemHost C:\Windows\system32\wdi.dll

    14:16:03.0237 0x0d38 WdiSystemHost - ok

    14:16:03.0317 0x0d38 WebClient C:\Windows\System32\webclnt.dll

    14:16:03.0377 0x0d38 WebClient - ok

    14:16:03.0421 0x0d38 Wecsvc C:\Windows\system32\wecsvc.dll

    14:16:03.0485 0x0d38 Wecsvc - ok

    14:16:03.0511 0x0d38 wercplsupport C:\Windows\System32\wercplsupport.dll

    14:16:03.0542 0x0d38 wercplsupport - ok

    14:16:03.0573 0x0d38 WerSvc C:\Windows\System32\WerSvc.dll

    14:16:03.0608 0x0d38 WerSvc - ok

    14:16:03.0665 0x0d38 WinDefend C:\Program Files\Windows Defender\mpsvc.dll

    14:16:03.0693 0x0d38 WinDefend - ok

    14:16:03.0722 0x0d38 WinHttpAutoProxySvc - ok

    14:16:03.0806 0x0d38 Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

    14:16:03.0838 0x0d38 Winmgmt - ok

    14:16:03.0930 0x0d38 WinRM C:\Windows\system32\WsmSvc.dll

    14:16:04.0057 0x0d38 WinRM - ok

    14:16:04.0121 0x0d38 Wlansvc C:\Windows\System32\wlansvc.dll

    14:16:04.0165 0x0d38 Wlansvc - ok

    14:16:04.0294 0x0d38 wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    14:16:04.0391 0x0d38 wlidsvc - ok

    14:16:04.0436 0x0d38 WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

    14:16:04.0486 0x0d38 WmiAcpi - ok

    14:16:04.0533 0x0d38 wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

    14:16:04.0560 0x0d38 wmiApSrv - ok

    14:16:04.0649 0x0d38 WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

    14:16:04.0799 0x0d38 WMPNetworkSvc - ok

    14:16:04.0830 0x0d38 WPCSvc C:\Windows\System32\wpcsvc.dll

    14:16:04.0858 0x0d38 WPCSvc - ok

    14:16:04.0886 0x0d38 WPDBusEnum C:\Windows\system32\wpdbusenum.dll

    14:16:04.0911 0x0d38 WPDBusEnum - ok

    14:16:04.0935 0x0d38 WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

    14:16:04.0972 0x0d38 WpdUsb - ok

    14:16:05.0752 0x0d38 WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    14:16:05.0800 0x0d38 WPFFontCache_v0400 - ok

    14:16:05.0839 0x0d38 ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

    14:16:05.0898 0x0d38 ws2ifsl - ok

    14:16:05.0933 0x0d38 wscsvc C:\Windows\system32\wscsvc.dll

    14:16:05.0976 0x0d38 wscsvc - ok

    14:16:05.0981 0x0d38 WSearch - ok

    14:16:06.0100 0x0d38 wuauserv C:\Windows\system32\wuaueng.dll

    14:16:06.0281 0x0d38 wuauserv - ok

    14:16:06.0322 0x0d38 WudfPf C:\Windows\system32\drivers\WudfPf.sys

    14:16:06.0388 0x0d38 WudfPf - ok

    14:16:06.0416 0x0d38 WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

    14:16:06.0448 0x0d38 WUDFRd - ok

    14:16:06.0484 0x0d38 wudfsvc C:\Windows\System32\WUDFSvc.dll

    14:16:06.0510 0x0d38 wudfsvc - ok

    14:16:06.0578 0x0d38 yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys

    14:16:06.0672 0x0d38 yukonwlh - ok

    14:16:06.0731 0x0d38 {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl

    14:16:06.0743 0x0d38 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

    14:16:06.0775 0x0d38 ================ Scan global ===============================

    14:16:06.0805 0x0d38 C:\Windows\system32\basesrv.dll

    14:16:06.0854 0x0d38 C:\Windows\system32\winsrv.dll

    14:16:06.0892 0x0d38 C:\Windows\system32\winsrv.dll

    14:16:06.0945 0x0d38 C:\Windows\system32\services.exe

    14:16:06.0955 0x0d38 - ok

    14:16:06.0955 0x0d38 ================ Scan MBR ==================================

    14:16:06.0968 0x0d38 \Device\Harddisk0\DR0

    14:16:07.0494 0x0d38 \Device\Harddisk0\DR0 - ok

    14:16:07.0495 0x0d38 ================ Scan VBR ==================================

    14:16:07.0498 0x0d38 \Device\Harddisk0\DR0\Partition1

    14:16:07.0501 0x0d38 \Device\Harddisk0\DR0\Partition1 - ok

    14:16:07.0514 0x0d38 \Device\Harddisk0\DR0\Partition2

    14:16:07.0516 0x0d38 \Device\Harddisk0\DR0\Partition2 - ok

    14:16:07.0516 0x0d38 Waiting for KSN requests completion. In queue: 50

    14:16:08.0533 0x0d38 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )

    14:16:08.0540 0x0d38 Win FW state via NFP2: enabled

    14:16:08.0674 0x0d38 ============================================================

    14:16:08.0674 0x0d38 Scan finished

    14:16:08.0674 0x0d38 ============================================================

    14:16:08.0687 0x0ef4 Detected object count: 4

    14:16:08.0687 0x0ef4 Actual detected object count: 4

    14:16:51.0789 0x0ef4 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user

    14:16:51.0789 0x0ef4 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

    14:16:51.0792 0x0ef4 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

    14:16:51.0792 0x0ef4 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

    14:16:51.0793 0x0ef4 MDM ( UnsignedFile.Multi.Generic ) - skipped by user

    14:16:51.0793 0x0ef4 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

    14:16:51.0795 0x0ef4 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user

    14:16:51.0795 0x0ef4 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Regards, Ton

  • Ben

    Hello,

    TDSSKiller looks good:

    Download the Farbar Recovery Scan Tool, 32 or 64 bit, from one of the links below

    Farbar Recovery Scan Tool 32 bit (x86)

    Farbar Recovery Scan Tool 64 bit (x64)

    Here is a description of how you can check whether you have a 32 or 64 bit version of Windows.

    Running Farbar Recovery Scan Tool

    Double-click FRST.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as “administrator” by right-clicking and choosing Run as administrator.

    When the program has opened, click Yes at the disclaimer.

    Then press the Scan button; a backup of the registry will be made first.

    When the scan is finished, two log files named (FRST.txt) & (Addition.txt) are created in the same location from which the ‘tool’ was started.

    Attach this log file to your next message.

  • Ton

    And log 1.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2013

    Ran by Verkleij (administrator) on PC_VAN_CINOR8 on 31-12-2013 15:32:42

    Running from C:\Users\Verkleij\Desktop

    Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Dutch Standard

    Internet Explorer Version 9

    Boot Mode: Normal

    ==================== Processes (Whitelisted) ===================

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe

    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe

    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

    (Microsoft Corporation) C:\Windows\System32\wlanext.exe

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE

    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

    (Microsoft Corporation) C:\Windows\System32\conime.exe

    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe

    (Microsoft Corporation) C:\Windows\ehome\ehtray.exe

    (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\…\Run: - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    HKLM\…\Run: - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)

    HKLM\…\Run: - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

    HKLM\…\Run: - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

    HKLM\…\Run: - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)

    HKLM\…\Run: - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

    HKLM\…\Run: - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

    HKLM\…\Run: - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

    HKLM\…\Run: - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

    HKLM\…\Run: - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)

    HKCU\…\Run: - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

    HKCU\…\Run: - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

    HKCU\…\Run: - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)

    HKU\Gast\…\Run: - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

    HKU\Gast\…\Run: - “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    HKU\Gast\…\Run: - C:\Users\Gast\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

    AppInit_DLLs: C:\Windows\System32\acaptuser32.dll (Adobe Systems Incorporated)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb

    SearchScopes: HKLM - DefaultScope value is missing.

    SearchScopes: HKLM - {02F8690D-295D-4E2B-86A1-1569F5141758} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-nl

    SearchScopes: HKLM - {289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} URL = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

    SearchScopes: HKLM - {A8AF9C26-7517-496B-8884-E2182F0B1036} URL = http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935

    SearchScopes: HKCU - DefaultScope {A614BA29-A315-4D85-96AB-DC065A1E4E40} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

    SearchScopes: HKCU - {02F8690D-295D-4E2B-86A1-1569F5141758} URL =

    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKCU - {289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} URL =

    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

    SearchScopes: HKCU - {A614BA29-A315-4D85-96AB-DC065A1E4E40} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

    SearchScopes: HKCU - {A8AF9C26-7517-496B-8884-E2182F0B1036} URL =

    BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

    BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)

    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

    BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)

    Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

    Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    Tcpip\Parameters: 192.168.0.1

    FireFox:

    ========

    FF ProfilePath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836

    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

    FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

    FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

    FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

    FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

    FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()

    FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\bolcom-nl.xml

    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\marktplaats-nl.xml

    FF HKLM\…\Firefox\Extensions: - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ========================== Services (Whitelisted) =================

    S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)

    R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)

    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)

    S4 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe ()

    S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe ()

    R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe (IDT, Inc.)

    S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe"

    ==================== Drivers (Whitelisted) ====================

    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys (Microsoft Corporation)

    R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe (Microsoft Corporation)

    R3 catchme; \??\C:\ComboFix\catchme.sys

    S3 IpInIp; system32\DRIVERS\ipinip.sys

    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys

    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys

    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========

    2013-12-31 15:32 - 2013-12-31 15:32 - 00012866 _____ C:\Users\Verkleij\Desktop\FRST.txt

    2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\FRST

    2013-12-31 15:24 - 2013-12-31 15:24 - 01064333 _____ (Farbar) C:\Users\Verkleij\Desktop\FRST.exe

    2013-12-31 14:11 - 2013-12-31 14:11 - 04101441 _____ C:\Users\Verkleij\Downloads\tdsskiller.zip

    2013-12-31 12:51 - 2013-12-31 12:51 - 00015899 _____ C:\ComboFix.txt

    2013-12-31 12:31 - 2013-12-31 12:44 - 00001116 _____ C:\Windows\PFRO.log

    2013-12-31 12:22 - 2013-12-31 12:51 - 00000000 ____D C:\ComboFix

    2013-12-31 12:22 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe

    2013-12-31 12:22 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe

    2013-12-31 12:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

    2013-12-31 12:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

    2013-12-31 12:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

    2013-12-31 12:22 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe

    2013-12-31 12:22 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe

    2013-12-31 12:22 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe

    2013-12-31 12:20 - 2013-12-31 12:20 - 05160176 ____R (Swearware) C:\Users\Verkleij\Desktop\ComboFix.exe

    2013-12-31 11:05 - 2013-12-31 12:51 - 00000000 ____D C:\Qoobox

    2013-12-31 11:05 - 2013-12-31 12:49 - 00000000 ____D C:\Windows\erdnt

    2013-12-30 21:29 - 2013-12-30 21:29 - 00000197 _____ C:\Users\Verkleij\Desktop\antivirus.startpagina.nl Prikbord - Alle antivirus berichten.url

    2013-12-30 20:22 - 2013-12-30 20:22 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

    2013-12-30 20:22 - 2013-12-30 20:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-12-30 19:22 - 2013-12-30 19:22 - 00028909 _____ C:\Users\Verkleij\Desktop\info.txt

    2013-12-30 19:17 - 2013-12-30 19:17 - 00000000 ____D C:\rsit

    2013-12-30 19:17 - 2013-12-30 19:17 - 00000000 ____D C:\Program Files\trend micro

    2013-12-30 19:16 - 2013-12-30 19:16 - 00781383 _____ C:\Users\Verkleij\Desktop\RSIT.exe

    2013-12-30 19:14 - 2013-12-30 19:14 - 00935175 _____ C:\Users\Verkleij\Downloads\RSITx64.exe

    2013-12-30 14:49 - 2013-12-30 14:49 - 00000000 ____D C:\Program Files\ESET

    2013-12-30 14:33 - 2013-12-30 14:33 - 00000000 ____D C:\Users\Verkleij\AppData\Roaming\Malwarebytes

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000906 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000000 ____D C:\ProgramData\Malwarebytes

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

    2013-12-30 14:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

    2013-12-30 14:29 - 2013-12-30 14:29 - 00008077 _____ C:\Users\Verkleij\Desktop\AdwCleaner.txt

    2013-12-30 14:24 - 2013-12-30 14:26 - 00000000 ____D C:\AdwCleaner

    2013-12-30 14:23 - 2013-12-30 14:23 - 01233962 _____ C:\Users\Verkleij\Desktop\adwcleaner.exe

    2013-12-30 14:18 - 2013-12-30 14:18 - 01233962 _____ C:\Users\Verkleij\Downloads\adwcleaner.exe

    2013-12-29 00:03 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

    2013-12-29 00:03 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

    2013-12-29 00:03 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

    2013-12-29 00:03 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

    2013-12-29 00:03 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

    2013-12-29 00:03 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

    2013-12-29 00:03 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

    2013-12-29 00:03 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

    2013-12-29 00:03 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

    2013-12-29 00:03 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

    2013-12-29 00:03 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

    2013-12-29 00:03 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

    2013-12-29 00:03 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

    2013-12-29 00:03 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

    2013-12-29 00:03 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

    2013-12-29 00:03 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

    2013-12-28 18:53 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll

    2013-12-28 18:53 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

    2013-12-28 18:53 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

    2013-12-28 18:53 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    2013-12-28 18:52 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

    2013-12-28 18:52 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

    2013-12-28 18:52 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

    2013-12-28 18:52 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll

    2013-12-28 18:52 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

    2013-12-28 18:52 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

    2013-12-28 16:43 - 2013-12-28 16:43 - 00000000 ____D C:\ProgramData\LightScribe

    2013-12-10 16:54 - 2013-12-10 16:55 - 00000000 ____D C:\Program Files\Mozilla Firefox(114)

    2013-12-01 14:55 - 2013-12-01 14:55 - 05617232 _____ (Systweak Inc ) C:\Users\Verkleij\Downloads\rcpsetupmarm_marm452568637nl.exe

    ==================== One Month Modified Files and Folders =======

    2013-12-31 15:32 - 2013-12-31 15:32 - 00012866 _____ C:\Users\Verkleij\Desktop\FRST.txt

    2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\FRST

    2013-12-31 15:30 - 2012-06-24 15:50 - 00000000 ____D C:\Users\Verkleij\AppData\Roaming\Skype

    2013-12-31 15:24 - 2013-12-31 15:24 - 01064333 _____ (Farbar) C:\Users\Verkleij\Desktop\FRST.exe

    2013-12-31 15:22 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

    2013-12-31 15:22 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

    2013-12-31 14:37 - 2012-04-15 13:45 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

    2013-12-31 14:18 - 2009-01-18 06:31 - 01805242 _____ C:\Windows\WindowsUpdate.log

    2013-12-31 14:11 - 2013-12-31 14:11 - 04101441 _____ C:\Users\Verkleij\Downloads\tdsskiller.zip

    2013-12-31 14:07 - 2008-11-20 13:15 - 00721654 _____ C:\Windows\system32\perfh013.dat

    2013-12-31 14:07 - 2008-11-20 13:15 - 00150572 _____ C:\Windows\system32\perfc013.dat

    2013-12-31 14:07 - 2006-11-02 11:33 - 01619028 _____ C:\Windows\system32\PerfStringBackup.INI

    2013-12-31 12:51 - 2013-12-31 12:51 - 00015899 _____ C:\ComboFix.txt

    2013-12-31 12:51 - 2013-12-31 12:22 - 00000000 ____D C:\ComboFix

    2013-12-31 12:51 - 2013-12-31 11:05 - 00000000 ____D C:\Qoobox

    2013-12-31 12:51 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default

    2013-12-31 12:51 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public

    2013-12-31 12:49 - 2013-12-31 11:05 - 00000000 ____D C:\Windows\erdnt

    2013-12-31 12:46 - 2009-03-23 21:06 - 00102249 _____ C:\ProgramData\nvModes.001

    2013-12-31 12:45 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini

    2013-12-31 12:44 - 2013-12-31 12:31 - 00001116 _____ C:\Windows\PFRO.log

    2013-12-31 12:44 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

    2013-12-31 12:43 - 2008-11-20 04:42 - 00000012 _____ C:\Windows\bthservsdp.dat

    2013-12-31 12:43 - 2006-11-02 14:01 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT

    2013-12-31 12:43 - 2006-11-02 11:22 - 57671680 _____ C:\Windows\system32\config\software.bak

    2013-12-31 12:43 - 2006-11-02 11:22 - 45613056 _____ C:\Windows\system32\config\COMPON~3.bak

    2013-12-31 12:43 - 2006-11-02 11:22 - 27000832 _____ C:\Windows\system32\config\system.bak

    2013-12-31 12:43 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default.bak

    2013-12-31 12:43 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security.bak

    2013-12-31 12:43 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam.bak

    2013-12-31 12:20 - 2013-12-31 12:20 - 05160176 ____R (Swearware) C:\Users\Verkleij\Desktop\ComboFix.exe

    2013-12-30 21:29 - 2013-12-30 21:29 - 00000197 _____ C:\Users\Verkleij\Desktop\antivirus.startpagina.nl Prikbord - Alle antivirus berichten.url

    2013-12-30 21:26 - 2013-11-12 16:20 - 00000332 _____ C:\Users\Verkleij\AppData\Roaming\wklnhst.dat

    2013-12-30 20:22 - 2013-12-30 20:22 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

    2013-12-30 20:22 - 2013-12-30 20:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-12-30 20:22 - 2013-11-15 21:35 - 00000000 ____D C:\Program Files\Mozilla Firefox

    2013-12-30 19:22 - 2013-12-30 19:22 - 00028909 _____ C:\Users\Verkleij\Desktop\info.txt

    2013-12-30 19:17 - 2013-12-30 19:17 - 00000000 ____D C:\rsit

    2013-12-30 19:17 - 2013-12-30 19:17 - 00000000 ____D C:\Program Files\trend micro

    2013-12-30 19:16 - 2013-12-30 19:16 - 00781383 _____ C:\Users\Verkleij\Desktop\RSIT.exe

    2013-12-30 19:14 - 2013-12-30 19:14 - 00935175 _____ C:\Users\Verkleij\Downloads\RSITx64.exe

    2013-12-30 18:59 - 2009-09-29 17:54 - 00000052 _____ C:\Windows\system32\DOErrors.log

    2013-12-30 14:49 - 2013-12-30 14:49 - 00000000 ____D C:\Program Files\ESET

    2013-12-30 14:33 - 2013-12-30 14:33 - 00000000 ____D C:\Users\Verkleij\AppData\Roaming\Malwarebytes

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000906 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000000 ____D C:\ProgramData\Malwarebytes

    2013-12-30 14:32 - 2013-12-30 14:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

    2013-12-30 14:29 - 2013-12-30 14:29 - 00008077 _____ C:\Users\Verkleij\Desktop\AdwCleaner.txt

    2013-12-30 14:26 - 2013-12-30 14:24 - 00000000 ____D C:\AdwCleaner

    2013-12-30 14:25 - 2012-12-02 16:58 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft

    2013-12-30 14:23 - 2013-12-30 14:23 - 01233962 _____ C:\Users\Verkleij\Desktop\adwcleaner.exe

    2013-12-30 14:18 - 2013-12-30 14:18 - 01233962 _____ C:\Users\Verkleij\Downloads\adwcleaner.exe

    2013-12-30 13:30 - 2010-02-09 20:24 - 00000000 ____D C:\Program Files\Google

    2013-12-29 00:15 - 2006-11-02 13:47 - 00397664 _____ C:\Windows\system32\FNTCACHE.DAT

    2013-12-29 00:08 - 2006-11-02 11:23 - 00000240 _____ C:\Windows\win.ini

    2013-12-29 00:07 - 2013-07-14 19:51 - 00000000 ____D C:\Windows\system32\MRT

    2013-12-29 00:04 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

    2013-12-28 20:38 - 2012-04-15 13:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

    2013-12-28 20:38 - 2012-04-15 13:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

    2013-12-28 19:18 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET

    2013-12-28 18:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc

    2013-12-28 18:37 - 2006-11-02 11:22 - 57409536 _____ C:\Windows\system32\config\software_previous

    2013-12-28 18:37 - 2006-11-02 11:22 - 45613056 _____ C:\Windows\system32\config\components_previous

    2013-12-28 18:37 - 2006-11-02 11:22 - 27000832 _____ C:\Windows\system32\config\system_previous

    2013-12-28 18:37 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous

    2013-12-28 18:37 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous

    2013-12-28 18:37 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous

    2013-12-28 18:36 - 2012-06-13 19:01 - 00000000 ____D C:\Users\Verkleij

    2013-12-28 18:36 - 2012-01-06 10:14 - 00000000 ____D C:\Users\Gast

    2013-12-28 18:36 - 2006-11-02 12:18 - 00000000 __RSD C:\Windows\Media

    2013-12-28 18:35 - 2013-11-12 17:56 - 00000000 ____D C:\Program Files\iTunes

    2013-12-28 18:35 - 2013-04-25 14:37 - 00000000 ____D C:\Program Files\Common Files\Skype

    2013-12-28 18:35 - 2012-06-14 10:11 - 00000000 ____D C:\Users\Verkleij\AppData\Local\Google

    2013-12-28 18:35 - 2012-04-08 20:12 - 00000000 ___RD C:\Program Files\Skype

    2013-12-28 18:35 - 2008-11-20 05:37 - 00000000 ____D C:\ProgramData\WildTangent

    2013-12-28 18:35 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool

    2013-12-28 18:34 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration

    2013-12-28 16:43 - 2013-12-28 16:43 - 00000000 ____D C:\ProgramData\LightScribe

    2013-12-27 15:09 - 2013-11-05 16:05 - 00000063 _____ C:\Users\Verkleij\intlname.ols

    2013-12-27 14:42 - 2012-06-26 19:31 - 00000000 ____D C:\Users\Verkleij\AppData\Roaming\CyberLink

    2013-12-24 14:19 - 2012-03-30 16:13 - 00000000 ____D C:\ProgramData\Skype

    2013-12-19 22:44 - 2012-06-24 19:33 - 00000000 ____D C:\Users\Verkleij\AppData\Local\Adobe

    2013-12-10 16:55 - 2013-12-10 16:54 - 00000000 ____D C:\Program Files\Mozilla Firefox(114)

    2013-12-08 16:14 - 2012-01-06 11:51 - 00062976 _____ C:\Users\Verkleij\Documents\Etiketten Plonie v2.wps

    2013-12-01 21:17 - 2011-10-31 21:07 - 00000000 ____D C:\Program Files\WildTangent Games

    2013-12-01 14:55 - 2013-12-01 14:55 - 05617232 _____ (Systweak Inc ) C:\Users\Verkleij\Downloads\rcpsetupmarm_marm452568637nl.exe

    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    LastRegBack: 2013-12-31 12:51

    ==================== End Of Log ============================

  • Ton

    And log 2

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-12-2013

    Ran by Verkleij at 2013-12-31 15:33:30

    Running from C:\Users\Verkleij\Desktop

    Boot Mode: Normal

    ==========================================================

    ==================== Security Center ========================

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard)

    Adobe Acrobat 9 Pro Extended - Italiano, Español, Nederlands, Português (Version: 9.4.7 - Adobe Systems)

    Adobe Acrobat 9.4.7 - CPSID_83708 (Version: - Adobe Systems Incorporated)

    Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)

    Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)

    Adobe Reader X (10.1.3) - Nederlands (Version: 10.1.3 - Adobe Systems Incorporated)

    Adobe Shockwave Player (Version: 11.0 - Adobe Systems, Inc.)

    Apple Application Support (Version: 2.3.6 - Apple Inc.)

    Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)

    Apple Software Update (Version: 2.1.3.127 - Apple Inc.)

    Bing Bar (Version: 7.2.241.0 - Microsoft Corporation)

    Bonjour (Version: 3.0.0.10 - Apple Inc.)

    Broadcom 802.11 Wireless LAN Adapter (Version: 5.10.38.14 - Broadcom Corporation)

    Canon MP Navigator EX 3.0 (Version: - )

    Canon MP250 series MP Drivers (Version: - )

    Canon Utilities Solution Menu (Version: - )

    CCleaner (Version: 3.25 - Piriform)

    Compatibiliteitspakket voor het 2007 Microsoft Office system (Version: 12.0.6612.1000 - Microsoft Corporation)

    CyberLink DVD Suite (Version: 6.0.2126 - CyberLink Corp.)

    D3DX10 (Version: 15.4.2368.0902 - Microsoft)

    ESET Online Scanner v3 (Version: - )

    ESU for Microsoft Vista (Version: 1.0.0 - Hewlett-Packard)

    Free YouTube to MP3 Converter version 3.11.36.1130 (Version: 3.11.36.1130 - DVDVideoSoft Ltd.)

    Gebruikersregistratie voor Canon MP250 series (Version: - )

    GOM Player (Version: 2.1.21.4846 - Gretech Crop.)

    Hema Fotoalbum (Version: - Hema)

    HP Active Support Library (Version: 3.1.9.1 - Hewlett-Packard)

    HP Customer Experience Enhancements (Version: 5.7.0.2664 - Hewlett-Packard)

    HP Doc Viewer (Version: 1.03.0001 - Hewlett-Packard)

    HP Help and Support (Version: 2.1.0.0 - Hewlett-Packard Company)

    HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (Version: 6.0.1.6204 - HP)

    HP MediaSmart DVD (Version: 2.0.2126 - Hewlett-Packard)

    HP MediaSmart Music/Photo/Video (Version: 2.0.2125 - Hewlett-Packard)

    HP MediaSmart SmartMenu (Version: 2.0.8 - Hewlett-Packard)

    HP MediaSmart Webcam (Version: 2.0.0926 - Hewlett-Packard)

    HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2 - Hewlett-Packard)

    HP Update (Version: 5.002.000.013 - Hewlett-Packard)

    HP User Guides 0129 (Version: 1.00.0000 - Hewlett-Packard)

    HP Wireless Assistant (Version: 3.00 K2 - Hewlett-Packard)

    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard)

    HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.)

    HPTCSSetup (Version: 1.1.1963.2799 - Hewlett-Packard Company)

    iCloud (Version: 2.1.2.8 - Apple Inc.)

    IDT Audio (Version: 1.0.6087.0 - IDT)

    iTunes (Version: 11.1.3.8 - Apple Inc.)

    Java Auto Updater (Version: 2.0.3.1 - Sun Microsystems, Inc.)

    Java(TM) 6 Update 24 (Version: 6.0.240 - Sun Microsystems, Inc.)

    Java(TM) 6 Update 7 (Version: 1.6.0.70 - Sun Microsystems, Inc.)

    JMicron JMB38X Flash Media Controller (Version: 1.00.17.07 - JMicron Technology Corp.)

    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation)

    LabelPrint (Version: 2.5.0919 - CyberLink Corp.)

    LightScribe System Software 1.14.17.1 (Version: 1.14.17.1 - LightScribe)

    Malwarebytes Anti-Malware versie 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld (Version: 3.5.30729 - Microsoft Corporation)

    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)

    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation)

    Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319 - Microsoft Corporation)

    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)

    Microsoft Antimalware Service NL-NL Language Pack (Version: 3.0.8402.2 - Microsoft Corporation)

    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation)

    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)

    Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)

    Microsoft Office PowerPoint Viewer 2007 (Dutch) (Version: 12.0.6612.1000 - Microsoft Corporation)

    Microsoft Office Professional Editie 2003 (Version: 11.0.8173.0 - Microsoft Corporation)

    Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation)

    Microsoft Security Client NL-NL Language Pack (Version: 2.1.1116.0 - Microsoft Corporation)

    Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)

    Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

    Microsoft SQL Server 2005 Compact Edition (Version: 3.1.0000 - Microsoft Corporation)

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)

    Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)

    Mozilla Firefox 26.0 (x86 nl) (Version: 26.0 - Mozilla)

    Mozilla Maintenance Service (Version: 26.0 - Mozilla)

    MSVCRT (Version: 15.4.2862.0708 - Microsoft)

    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)

    muvee Reveal (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)

    My HP Games (Version: 1.0.0.62 - WildTangent)

    NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)

    NVIDIA HD Audio-stuurprogramma 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)

    NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation)

    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation)

    Power2Go (Version: 6.0.2119 - CyberLink Corp.)

    PowerDirector (Version: 7.0.2119 - CyberLink Corp.)

    ProtectSmart Hard Drive Protection (Version: 3.10 A7 - Hewlett-Packard)

    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation)

    QuickTime (Version: 7.74.80.86 - Apple Inc.)

    Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek)

    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp)

    Skype Click to Call (Version: 6.3.11079 - Skype Technologies S.A.)

    Skype™ 6.10 (Version: 6.10.104 - Skype Technologies S.A.)

    Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)

    SPORE Creature Creator Trial Edition (Version: 1.00.0000 - Electronic Arts)

    Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)

    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL (Version: - Microsoft Corporation)

    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (Version: 4.0.30319 - Microsoft Corporation)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)

    Update Installer for WildTangent Games App (Version: - WildTangent)

    Vista Codec Package (Version: 5.4.9 - Shark007)

    WildTangent Games App (HP Games) (Version: 4.0.10.5 - WildTangent)

    Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) (Version: 04/29/2008 2.5.0.0 - ENE)

    Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Essentials (Version: 15.4.3508.1109 - Microsoft Corporation)

    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation)

    Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation)

    Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation)

    Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation)

    Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation)

    ==================== Restore Points =========================

    25-11-2013 19:12:04 Windows Update

    25-11-2013 19:36:16 Windows Update

    29-11-2013 11:28:59 Gepland herstelpunt

    29-11-2013 15:32:40 Windows Update

    29-11-2013 19:18:47 Removed Bing Bar

    01-12-2013 14:56:04 Windows Update

    07-12-2013 12:22:39 Windows Update

    08-12-2013 17:08:30 Windows Update

    11-12-2013 18:57:18 Windows Update

    11-12-2013 19:32:21 Windows Update

    12-12-2013 14:19:54 Herstelbewerking

    12-12-2013 14:42:42 Windows Update

    13-12-2013 16:16:36 Herstelbewerking

    13-12-2013 18:05:43 Windows Update

    16-12-2013 21:43:31 Windows Update

    20-12-2013 18:37:22 Windows Update

    20-12-2013 18:37:30 Herstelbewerking

    20-12-2013 18:54:19 Windows Update

    21-12-2013 08:58:20 Gepland herstelpunt

    24-12-2013 13:24:49 Windows Update

    28-12-2013 14:38:58 Windows Update

    28-12-2013 15:57:28 Herstelbewerking

    28-12-2013 16:28:31 Windows Update

    28-12-2013 16:34:56 Windows Update

    28-12-2013 17:21:34 Herstelbewerking

    28-12-2013 17:47:05 Windows Update

    28-12-2013 23:01:16 Windows Update

    28-12-2013 23:20:01 Uniblue SpeedUpMyPC installation

    ==================== Hosts content: ==========================

    2006-11-02 11:23 - 2013-12-31 12:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {05C354F4-1C9E-44A1-8CDD-CB39B1A62B8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe (Apple Inc.)

    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

    Task: {23BEE5DA-1B65-41FD-9218-13F84416E21F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

    Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe (Microsoft Corporation)

    Task: {4C424349-4D62-4EC5-8B25-E2BAB1BBC0DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)

    Task: {60F08069-EB33-4676-AA88-163CAE6B0100} - System32\Tasks\HPCeeScheduleForcinor 8 oud => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe (Hewlett-Packard)

    Task: {62E53C12-198E-4F89-983E-471E8926D1A7} - System32\Tasks\{46F75399-43A3-453C-BFE5-9AE55DE9AC97} => Iexplore.exe http://ui.skype.com/ui/0/5.8.0.158.259/nl/abandoninstall?source=lightinstaller&page=tsBing

    Task: {C7C19980-D077-4C60-AA71-AFCCA01FFF2F} - System32\Tasks\HP Health Check => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs ()

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    Task: C:\Windows\Tasks\HPCeeScheduleForcinor 8 oud.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

    2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    2007-07-12 13:55 - 2007-07-12 13:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll

    2007-08-14 13:59 - 2007-08-14 13:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll

    2007-07-12 13:55 - 2007-07-12 13:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

    2013-11-15 21:35 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    ==================== Safe Mode (whitelisted) ===================

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:

    ==================

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: m->NextScheduledSPRetry 1404

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: m->NextScheduledEvent 1404

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/31/2013 00:46:23 PM) (Source: WinMgmt) (User: )

    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/31/2013 00:44:54 PM) (Source: Application Error) (User: )

    Description: Toepassing met fout AUDIODG.EXE, versie 6.0.6002.18005, tijdstempel 0x49e02218, module met fout slcsii32.dll, versie 1.0.1.0, tijdstempel 0x489b9beb, uitzonderingscode 0xc0000005, foutmarge 0x00001430,

    proces-id 0x54c, starttijd van toepassing 0xAUDIODG.EXE0.

    Error: (12/31/2013 00:33:06 PM) (Source: WinMgmt) (User: )

    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/31/2013 00:31:38 PM) (Source: Application Error) (User: )

    Description: Toepassing met fout AUDIODG.EXE, versie 6.0.6002.18005, tijdstempel 0x49e02218, module met fout slcsii32.dll, versie 1.0.1.0, tijdstempel 0x489b9beb, uitzonderingscode 0xc0000005, foutmarge 0x00001430,

    proces-id 0x530, starttijd van toepassing 0xAUDIODG.EXE0.

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: m->NextScheduledSPRetry 276512

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: m->NextScheduledEvent 276512

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service) (User: )

    Description: Task Scheduling Error: Continuously busy for more than a second

    System errors:

    =============

    Error: (12/31/2013 00:50:57 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)

    Description: 0x80070032

    Error: (12/31/2013 00:49:34 PM) (Source: PlugPlayManager) (User: )

    Description: Het apparaat JMB38X xD Host Controller (PCI\VEN_197B&DEV_2384&SUBSYS_30F4103C&REV_00\4&120488ab&0&04E4) is uit het systeem verdwenen zonder dat de verwijdering is voorbereid.

    Error: (12/31/2013 00:49:34 PM) (Source: PlugPlayManager) (User: )

    Description: Het apparaat JMB38X MS Host Controller (PCI\VEN_197B&DEV_2383&SUBSYS_30F4103C&REV_00\4&120488ab&0&03E4) is uit het systeem verdwenen zonder dat de verwijdering is voorbereid.

    Error: (12/31/2013 00:49:33 PM) (Source: PlugPlayManager) (User: )

    Description: Het apparaat JMB38X SD Host Controller (PCI\VEN_197B&DEV_2381&SUBSYS_30F4103C&REV_00\4&120488ab&0&02E4) is uit het systeem verdwenen zonder dat de verwijdering is voorbereid.

    Error: (12/31/2013 00:49:33 PM) (Source: PlugPlayManager) (User: )

    Description: Het apparaat JMB38X SD/MMC Host Controller (PCI\VEN_197B&DEV_2382&SUBSYS_30F4103C&REV_00\4&120488ab&0&01E4) is uit het systeem verdwenen zonder dat de verwijdering is voorbereid.

    Error: (12/31/2013 00:46:23 PM) (Source: Service Control Manager) (User: )

    Description: Stuurprogramma voor parallelle poort%%1058

    Error: (12/31/2013 00:43:20 PM) (Source: Service Control Manager) (User: )

    Description: PEVSystemStart

    Error: (12/31/2013 00:43:11 PM) (Source: Service Control Manager) (User: )

    Description: PEVSystemStart

    Error: (12/31/2013 00:39:23 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)

    Description: 0x80070032

    Error: (12/31/2013 00:39:14 PM) (Source: Service Control Manager) (User: )

    Description: PEVSystemStart

    Microsoft Office Sessions:

    =========================

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: m->NextScheduledSPRetry 1404

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: m->NextScheduledEvent 1404

    Error: (12/31/2013 00:56:28 PM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/31/2013 00:46:23 PM) (Source: WinMgmt)(User: )

    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/31/2013 00:44:54 PM) (Source: Application Error)(User: )

    Description: AUDIODG.EXE6.0.6002.1800549e02218slcsii32.dll1.0.1.0489b9bebc00000050000143054c01cf061db5964b52

    Error: (12/31/2013 00:33:06 PM) (Source: WinMgmt)(User: )

    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/31/2013 00:31:38 PM) (Source: Application Error)(User: )

    Description: AUDIODG.EXE6.0.6002.1800549e02218slcsii32.dll1.0.1.0489b9bebc00000050000143053001cf061bd9a4bdf2

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: m->NextScheduledSPRetry 276512

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: m->NextScheduledEvent 276512

    Error: (12/31/2013 11:48:19 AM) (Source: Bonjour Service)(User: )

    Description: Task Scheduling Error: Continuously busy for more than a second

    CodeIntegrity Errors:

    ===================================

    Date: 2013-12-31 12:45:39.215

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-31 12:33:00.321

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-31 11:41:19.819

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-31 10:24:47.561

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-30 19:59:51.196

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-30 19:26:38.344

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-30 14:28:58.925

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-30 13:22:49.015

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-29 00:15:23.169

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-12-28 17:58:48.173

    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\verifier.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    ==================== Memory info ===========================

    Percentage of memory in use: 46%

    Total physical RAM: 3069.02 MB

    Available physical RAM: 1627.09 MB

    Total Pagefile: 6364.3 MB

    Available Pagefile: 5053.61 MB

    Total Virtual: 2047.88 MB

    Available Virtual: 1914.68 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:286.94 GB) (Free:189.2 GB) NTFS ==>

    Drive d: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.84 GB) NTFS ==>

    ==================== MBR & Partition Table ==================

    ========================================================

    Disk: 0 (Size: 298 GB) (Disk ID: 2AD08B76)

    Partition 1: (Active) - (Size=287 GB) - (Type=07 NTFS)

    Partition 2: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

  • Ben

    Hello,

    Download

    Zoek.zip to the desktop.

    If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Disabling antivirus software

    Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

    Disabling antivirus software

    Disabling antispy & malware software

    Running Zoek.exe

    If you run into problems running this program or see certain error messages, please mention it in your post.

    Right-click Zoek.zip and choose the "Extract all" option.

    Then double-click Zoek.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.

    Now copy the bold code below and paste it into the large input box:

    Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    {A614BA29-A315-4D85-96AB-DC065A1E4E40};c

    emptyclsid;

    {2318C2B1-4965-11D4-9B18-009027A5CD4F};c

    Norman NJeeves;s

    C:\Program Files\Norman;fs

    torpigcheck;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart if one is required).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Post the opened log in your next message.

  • Ton

    Here is the log:

    Zoek.exe v5.0.0.0 Updated 28-December-2013

    Tool run by Verkleij on di 31-12-2013 at 19:12:17,75.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Verkleij\Desktop\zoek.exe

    ==== System Restore Info ======================

    31-12-2013 19:13:20 Zoek.exe System Restore Point Created Succesfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Windows\system32\btncopy.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll

    ==== Empty Folders Check ======================

    C:\Program Files\MSXML 4.0 deleted successfully

    C:\Program Files\Unlocker deleted successfully

    C:\Program Files\Xenocode deleted successfully

    C:\Users\Gast\AppData\Roaming\Google deleted successfully

    C:\Users\Verkleij\AppData\Roaming\Identities deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\SearchScopes\{A614BA29-A315-4D85-96AB-DC065A1E4E40} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    ==== Running Processes ======================

    C:\Windows\System32\smss.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\winlogon.exe

    c:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

    C:\Windows\system32\SLsvc.exe

    C:\Windows\system32\Hpservice.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\WLANExt.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\IDT\WDM\sttray.exe

    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Windows\ehome\ehtray.exe

    C:\Windows\ehome\ehmsas.exe

    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    C:\Windows\Explorer.exe

    C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe

    c:\Program Files\Microsoft Security Client\NisSrv.exe

    C:\Windows\system32\taskeng.exe

    C:\Users\Verkleij\Desktop\zoek.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k rpcss

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k bthsvcs

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k WerSvcGroup

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Norman NJeeves deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Norman NJeeves deleted successfully

    ==== Deleting Files \ Folders ======================

    C:\Program Files\Norman not found

    C:\Windows\system32\appdata deleted

    C:\Program Files\Common Files\DVDVideoSoft\bin deleted

    C:\Users\Verkleij\Downloads\rcpsetupmapp3_mapp31466921 (1).exe deleted

    C:\Users\Verkleij\Downloads\rcpsetupmapp3_mapp31466921 (2).exe deleted

    C:\Users\Verkleij\Downloads\rcpsetupmapp3_mapp31466921 (3).exe deleted

    C:\Users\Verkleij\Downloads\rcpsetupmapp3_mapp31466921 (4).exe deleted

    C:\Users\Verkleij\Downloads\rcpsetupmapp3_mapp31466921.exe deleted

    C:\Users\Verkleij\Downloads\rcpsetupmarm_marm452568637nl.exe deleted

    C:\Users\Verkleij\Downloads\FreeYouTubeToMP3Converter(1).exe deleted

    C:\Users\Verkleij\Downloads\FreeYouTubeToMP3Converter(2).exe deleted

    C:\Users\Verkleij\Downloads\FreeYouTubeToMP3Converter(3).exe deleted

    C:\Users\Verkleij\Downloads\FreeYouTubeToMP3Converter.exe deleted

    “C:\ProgramData\fv6uu53xcj54548wo7q28r6b405n4v184880s2u4q6xek” deleted

    ==== System Specs ======================

    Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)

    Memory (RAM): 3070 MB

    CPU Info: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz

    CPU Speed: 879,4 MHz

    Sound Card: Luidsprekers en Dual koptelefoo |

    Display Adapters: NVIDIA GeForce 9200M GS | NVIDIA GeForce 9200M GS | RDPDD Chained DD | RDP Encoder Mirror Driver

    Monitors: 1x; Algemeen PnP-beeldscherm |

    Screen Resolution: 1440 X 900 - 32 bit

    Network: Network Present

    Network Adapters: Broadcom 802.11g-netwerkadapter | Bluetooth-apparaat (Personal Area Network) | Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)

    CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T50L

    Ports: COM Ports NOT Present. LPT Port NOT Present.

    Mouse: 8 Button Wheel Mouse Present

    Hard Disks: C: 286,9GB | D: 11,1GB

    Hard Disks - Free: C: 191,4GB | D: 1,8GB

    Manufacturer *: Hewlett-Packard

    BIOS Info: AT/AT COMPATIBLE | 12/23/08 | HPQOEM - 1

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: Compal 30F4

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

    Anti-Spyware: Windows Defender disabled (Outdated)

    Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

    Internet Explorer Version: 9.0.8112.16421

    Mozilla Firefox version: 26.0 (x86 nl)

    Adobe Reader version: 10.1.3.23

    Sun Java version: 1.6.0_24 (32-bit)

    Flash Player version: 11.9.900.170

    Shockwave Player version: 11.0r465

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-12-31 11:22:45 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-12-31 11:22:45 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-12-31 11:22:45 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-12-31 11:22:45 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-12-31 11:22:45 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    ====== C:\Users\Verkleij\AppData\Local\Temp ====

    ====== C:\Windows\system32 =====

    2013-12-28 23:03:32 C2E35F6FCBD5B4DB2B52B32D1153EC04 2382848 —-a-w- C:\Windows\System32\mshtml.tlb

    2013-12-28 23:03:31 ADB9477A9C95C79FDF5DC214225603B0 420864 —-a-w- C:\Windows\System32\vbscript.dll

    2013-12-28 23:03:31 2429485305BCCFB1014B19BFB512E8F9 73216 —-a-w- C:\Windows\System32\mshtmled.dll

    2013-12-28 23:03:28 E8F37AF4D09972684D9EE1786901F540 176640 —-a-w- C:\Windows\System32\ieui.dll

    2013-12-28 23:03:28 822E4743E61687933629AE3A8DECABC2 65024 —-a-w- C:\Windows\System32\jsproxy.dll

    2013-12-28 23:03:27 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 —-a-w- C:\Windows\System32\ieUnatt.exe

    2013-12-28 23:03:27 4CC9DF09C3D915BA0A101A11DB684F26 1129472 —-a-w- C:\Windows\System32\wininet.dll

    2013-12-28 23:03:27 36E4D129029784EE37A2C14393B6A4E8 607744 —-a-w- C:\Windows\System32\msfeeds.dll

    2013-12-28 23:03:26 C05A60DB2ED385E9BB5CF7AE773A3D9B 717824 —-a-w- C:\Windows\System32\jscript.dll

    2013-12-28 23:03:26 BDA52464C16707EAA513C8A2920ACE1F 231936 —-a-w- C:\Windows\System32\url.dll

    2013-12-28 23:03:26 795202EFA9ED73F99C96235C1DC6A1AC 1806848 —-a-w- C:\Windows\System32\jscript9.dll

    2013-12-28 23:03:25 B787EE3F327ABAC1EC47313B3A673598 1796096 —-a-w- C:\Windows\System32\iertutil.dll

    2013-12-28 23:03:24 5AAFA41F2A09D68F43741EF13937650A 1105408 —-a-w- C:\Windows\System32\urlmon.dll

    2013-12-28 23:03:23 C89906FA43A58FD4CFC7EA06D885A597 12344320 —-a-w- C:\Windows\System32\mshtml.dll

    2013-12-28 23:03:23 06FDA396980A0157469A334E1BFEAF17 1427968 —-a-w- C:\Windows\System32\inetcpl.cpl

    2013-12-28 23:03:21 B231416DD7569B5C16F2DD2D2D64BB5A 9739264 —-a-w- C:\Windows\System32\ieframe.dll

    2013-12-28 17:53:39 A6E18756EA7B6E971184B57B86251FC5 2050560 —-a-w- C:\Windows\System32\win32k.sys

    2013-12-28 17:53:37 57390AF2F8939AB038FC4A5D10B50D52 335360 —-a-w- C:\Windows\System32\SysFxUI.dll

    2013-12-28 17:52:53 2497FD012104DFF64BF01DA98ECF6F75 131072 —-a-w- C:\Windows\System32\wshom.ocx

    2013-12-28 17:52:53 1D0A82B11235D68CF55A54B2ADECB9F1 155648 —-a-w- C:\Windows\System32\wscript.exe

    2013-12-28 17:52:52 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 —-a-w- C:\Windows\System32\wshcon.dll

    2013-12-28 17:52:52 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 —-a-w- C:\Windows\System32\scrrun.dll

    2013-12-28 17:52:52 B44B59C85DC2C2D39542F97BF545A308 135168 —-a-w- C:\Windows\System32\cscript.exe

    2013-12-28 17:52:15 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 —-a-w- C:\Windows\System32\imagehlp.dll

    ====== C:\Windows\system32\drivers =====

    2013-12-30 13:32:37 4470E3C1E0C3378E4CAB137893C12C3A 22856 —-a-w- C:\Windows\System32\drivers\mbam.sys

    2013-12-28 17:53:37 6DBA75306DD9B242B6F1C343179AD201 167936 —-a-w- C:\Windows\System32\drivers\portcls.sys

    2013-12-28 17:53:37 2A63675F6FA8EF0FF9F5C72695584CAA 130048 —-a-w- C:\Windows\System32\drivers\drmk.sys

    ====== C:\Windows\Tasks ======

    2013-12-31 18:05:41 E3EA3C825B6D5BEEB3BF3351A44041C3 334 —-a-w- C:\Windows\Tasks\HPCeeScheduleForVerkleij.job

    2013-12-31 18:05:41 5547916CFB6824B8C1DFA127D576C0DD 3104 —-a-w- C:\Windows\system32\Tasks\HPCeeScheduleForVerkleij

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-12-30 19:22:42 ——– d—–w- C:\Program Files\Mozilla Maintenance Service

    2013-12-30 18:17:02 ——– d—–w- C:\Program Files\trend micro

    2013-12-30 13:49:42 ——– d—–w- C:\Program Files\ESET

    ======= C: =====

    ====== C:\Users\Verkleij\AppData\Roaming ======

    2013-12-31 11:51:05 ——– d—–w- C:\Users\Public\AppData\Local\temp

    2013-12-31 11:51:05 ——– d—–w- C:\Users\Gast\AppData\Local\temp

    2013-12-31 11:51:05 ——– d—–w- C:\Users\Default\AppData\Local\temp

    2013-12-31 11:51:05 ——– d—–w- C:\Users\Default User\AppData\Local\temp

    2013-12-31 11:51:05 ——– d—–w- C:\Users\cinor 8\AppData\Local\temp

    2013-12-31 11:51:05 ——– d—–w- C:\Users\cinor 8 oud\AppData\Local\temp

    2013-12-31 11:43:04 ——– d—–w- C:\Users\Verkleij\AppData\Local\temp

    ====== C:\Users\Verkleij ======

    2013-12-31 14:24:07 611A21E60A973A95CCA7F0B2E7AEDCFC 1064333 —-a-w- C:\Users\Verkleij\Desktop\FRST.exe

    2013-12-31 11:51:05 ——– d—–w- C:\Users\Public\AppData

    2013-12-30 18:16:36 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Verkleij\Desktop\RSIT.exe

    2013-12-30 18:14:13 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Verkleij\Downloads\RSITx64.exe

    2013-12-30 13:23:34 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Verkleij\Desktop\adwcleaner.exe

    2013-12-30 13:18:16 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Verkleij\Downloads\adwcleaner.exe

    2013-12-28 15:43:23 ——– d—–w- C:\ProgramData\LightScribe

    ====== C: exe-files ==

    2013-12-31 18:09:19 794F17EB3C6D38FBFC3CECC74E7E04DA 544 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-3022698584-3638288616-1049742233-1006\$I4ZK9AI.exe

    2013-12-31 18:07:51 F3DCAA964FDBF9372EFC09022DA72A17 1281024 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-3022698584-3638288616-1049742233-1006\$R4ZK9AI.exe

    2013-12-31 14:24:07 611A21E60A973A95CCA7F0B2E7AEDCFC 1064333 —-a-w- C:\Users\Verkleij\Desktop\FRST.exe

    2013-12-31 11:22:45 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-12-31 11:22:45 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-12-31 11:22:45 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-12-31 11:22:45 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-12-31 11:22:45 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    2013-12-30 19:22:43 99F20CB58E61DAAD19935122AEE8B376 106212 —-a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe

    2013-12-30 19:22:42 3B9398E0146855B1DC0E3D9769C80F01 119408 —-a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    2013-12-30 18:17:03 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Verkleij.exe

    2013-12-30 18:16:36 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Verkleij\Desktop\RSIT.exe

    2013-12-30 18:14:13 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Verkleij\Downloads\RSITx64.exe

    2013-12-30 13:49:42 CE0D0B11986FD2C0247AE88A59B36A6E 579904 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

    2013-12-30 13:49:42 BDB7D97012F9B3102DB72AA76A24942A 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe

    2013-12-30 13:49:42 7C9EEC809FB9CDA26EFC245C001EA980 2347384 —-a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe

    2013-12-30 13:49:42 7ABF8849E76732C357F419B1AF5668F2 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe

    2013-12-30 13:49:42 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

    2013-12-30 13:23:34 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Verkleij\Desktop\adwcleaner.exe

    2013-12-30 13:18:16 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Verkleij\Downloads\adwcleaner.exe

    2013-12-28 23:11:24 869EB4AF9C510FEB3445BCAB3D578E08 404768 —-a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{63086E66-FEAB-4705-8977-7BFD975F2003}\setup.exe

    2013-12-28 23:03:28 3348D1B1D702E333CE99F7E0FD313460 468480 —-a-w- C:\Program Files\Internet Explorer\ieinstal.exe

    2013-12-28 23:03:27 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 —-a-w- C:\Windows\System32\ieUnatt.exe

    2013-12-28 23:03:25 43E6F2A7FB182F2D7CB0CE5B8F1005CF 757488 —-a-w- C:\Program Files\Internet Explorer\iexplore.exe

    2013-12-28 17:52:53 1D0A82B11235D68CF55A54B2ADECB9F1 155648 —-a-w- C:\Windows\System32\wscript.exe

    2013-12-28 17:52:52 B44B59C85DC2C2D39542F97BF545A308 135168 —-a-w- C:\Windows\System32\cscript.exe

    2013-12-27 19:42:17 58ACDB201E58BC6AB176802CDC4DCA81 11468448 —-a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VM1H920W\BingBarSetup-Partner.EXE

    === C: other files ==

    ==== Startup Registry Enabled ======================

    “LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden”

    “Skype”=“C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    “NvCplDaemon”=“RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup”

    “HP Health Check Scheduler”=“c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe”

    “Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “APSDaemon”=“C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”

    “QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe -atboottime”

    “iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe”

    “SynTPEnh”=“%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ”

    “SmartMenu”=“%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe”

    “SysTrayApp”=“C:\Program Files\IDT\WDM\sttray.exe”

    “LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden”

    “Skype”=“C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    “AppInit_DLLs”=“C:\\Windows\\System32\\acaptuser32.dll”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Acrobat Assistant 8.0”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrotray.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe Acrobat Speed Launcher”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“CanonMyPrinter”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“CanonSolutionMenu”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Canon\\SolutionMenu\\CNSLMAIN.exe /logon”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“CLMLServer for HP TouchSmart”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Hewlett-Packard\\TouchSmart\\Media\\Kernel\\CLML\\CLMLSvc.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“DVDAgent”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Hewlett-Packard\\Media\\DVD\\DVDAgent.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“ehTray.exe”

    “hkey”=“HKCU”

    “command”=“C:\\Windows\\ehome\\ehTray.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“HP Health Check Scheduler”

    “hkey”=“HKLM”

    “command”=“c:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“HP Software Update”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“hpWirelessAssistant”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“LightScribe Control Panel”

    “hkey”=“HKCU”

    “command”=“C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“NvCplDaemon”

    “hkey”=“HKLM”

    “command”=“RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“QlbCtrl.exe”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SmartMenu”

    “hkey”=“HKLM”

    “command”=“%ProgramFiles%\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SunJavaUpdateSched”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SynTPEnh”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SysTrayApp”

    “hkey”=“HKLM”

    “command”=“%ProgramFiles%\\IDT\\WDM\\sttray.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“TSMAgent”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Hewlett-Packard\\TouchSmart\\Media\\TSMAgent.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Windows Defender”

    “hkey”=“HKLM”

    “command”=“%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“WMPNSCFG”

    “hkey”=“HKCU”

    “command”=“C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe”

    “path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk”

    “backup”=“C:\\Windows\\pss\\BTTray.lnk.CommonStartup”

    “backupExtension”=“.CommonStartup”

    “command”=“C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe ”

    “item”=“BTTray”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\HPCeeScheduleForcinor 8 oud.job --a------ C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

    C:\Windows\tasks\HPCeeScheduleForVerkleij.job --a------ C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\system32\tasks\Adobe Flash Player Updater”

    “C:\Windows\system32\tasks\CCleanerSkipUAC”

    “C:\Windows\system32\tasks\CreateChoiceProcessTask”

    “C:\Windows\system32\tasks\HP Health Check”

    “C:\Windows\system32\tasks\HPCeeScheduleForcinor 8 oud”

    “C:\Windows\system32\tasks\HPCeeScheduleForVerkleij”

    “C:\Windows\system32\tasks\User_Feed_Synchronization-{0A25AB60-DFE4-40EB-B916-7B9F537630C1}”

    “C:\Windows\system32\tasks\{46F75399-43A3-453C-BFE5-9AE55DE9AC97}”

    “C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate”

    ==== Folders in C:\ProgramData 0-6 Months Old ======================

    2013-11-12 16:56:16 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    2013-12-28 15:43:23 -------- d-----w- C:\ProgramData\LightScribe

    2013-12-30 13:32:41 -------- d-----w- C:\ProgramData\Malwarebytes

    ==== Firefox Extensions Registry ======================

    “{20a82645-c095-46ed-80e3-08825760534b}”=“c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension”

    ==== Firefox Extensions ======================

    AppDir: C:\Program Files\Mozilla Firefox

    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\640riom4.default-1387229407798

    Profilepath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

    nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx

    YouTube - Gast - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - Gast - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Gmail - Gast - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb”

    “DefaultScope”=“{A614BA29-A315-4D85-96AB-DC065A1E4E40}”

    not found

    New Values:

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {02F8690D-295D-4E2B-86A1-1569F5141758} Unknown Url=“Not_Found”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    {289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} Unknown Url=“Not_Found”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    {A8AF9C26-7517-496B-8884-E2182F0B1036} Unknown Url=“Not_Found”

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\SearchScopes\{02F8690D-295D-4E2B-86A1-1569F5141758} deleted successfully

    HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\SearchScopes\{289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} deleted successfully

    HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\SearchScopes\{A8AF9C26-7517-496B-8884-E2182F0B1036} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== HijackThis Entries ======================

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: C:\Program Files\IDT\WDM\sttray.exe

    O4 - HKCU\..\Run: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O11 - Options group: Accelerated graphics

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

    ==== Empty IE Cache ======================

    C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Users\Verkleij\AppData\Local\Mozilla\Firefox\Profiles\640riom4.default-1387229407798\Cache emptied successfully

    C:\Users\Verkleij\AppData\Local\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    No Java Cache Found

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=109 folders=32 156928276 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\cinor 8\AppData\Local\Temp emptied successfully

    C:\Users\cinor 8 oud\AppData\Local\Temp emptied successfully

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Users\Gast\AppData\Local\Temp emptied successfully

    C:\Users\Public\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Users\Verkleij\AppData\Local\Temp will be emptied at reboot

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Verkleij\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

    ==== EOF on di 31-12-2013 at 19:34:52,62 ======================

  • Ben

    Hello,

    Run zoek.exe again with the following code in bold:

    C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1;f

    Let me know how things go after this.

  • Ton

    Hello,

    Best wishes for the new year.

    Here is the log file:

    Zoek.exe v5.0.0.0 Updated 28-December-2013

    Tool run by Verkleij on wo 01-01-2014 at 9:55:42,81.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Verkleij\Desktop\zoek.exe

    ==== Older Logs ======================

    C:\zoek-results2013-12-31-183452.log 46809 bytes

    ==== Deleting Files \ Folders ======================

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86” deleted

    “C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86” deleted

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=117 folders=35 159493382 bytes)

    ==== EOF on wo 01-01-2014 at 9:56:23,07 ======================

  • Ton

    Hello,

    I tried a few more things. The PC itself is working fine again.

    I still can't play the music files with either iTunes or WMP. When I try to watch a video on YouTube, the stream window goes black within a few seconds.

    Regards.

  • Ben

    Hello,

    Run another scan with Combofix and post the log here again.

    Download SecurityCheck to the desktop.

    Double-click "SecurityCheck.exe" to start the tool.

    Windows Vista, 7 and 8 users must run the tool as “administrator” by right-clicking it and choosing Run as administrator.

    If your virus scanner or other security suite reports that "DIG.EXE" wants to connect to the internet, allow it.

    When the scan is finished, post the log file as an attachment in your next message.

This topic is closed; no further replies can be posted.