Just to be safe

 • marianne40

  Could you please check my logs, just to be safe?

  There appears to be a Michael Schumacher virus going around. I clicked on the link to watch the video, but it did not work.

  Now I am afraid that I have a virus on my PC that lets them get hold of my bank details.

  My logs are below.

  Logfile of random's system information tool 1.09 (written by random/random)

  Run by Marianne at 2014-01-06 21:12:59

  Microsoft Windows 7 Professional Service Pack 1

  System drive C: has 155 GB (65%) free of 238 GB

  Total RAM: 4095 MB (47% free)

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 21:13:04, on 6-1-2014

  Platform: Windows 7 SP1 (WinNT 6.00.3505)

  MSIE: Internet Explorer v11.0 (11.00.9600.16428)

  Boot mode: Normal

  Running processes:

  C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

  C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe

  C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

  C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

  C:\Program Files (x86)\Skype\Phone\Skype.exe

  C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe

  C:\Users\Marianne\AppData\Roaming\Spotify\spotify.exe

  C:\Users\Marianne\AppData\Local\DM\TinyDM.exe

  C:\Program Files (x86)\Samsung\Kies\Kies.exe

  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  C:\Program Files (x86)\MagicDisc\MagicDisc.exe

  C:\Program Files (x86)\CyberLink\Shared Files\brs.exe

  C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

  C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

  C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

  C:\Program Files (x86)\iTunes\iTunesHelper.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe

  C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

  C:\Program Files\trend micro\Marianne.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  F2 - REG:system.ini: UserInit=userinit.exe,

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe”

  O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

  O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

  O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

  O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

  O4 - HKCU\..\Run: C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT “EPLTarget\P0000000000000000” /M “Epson Stylus Office BX535WD”

  O4 - HKCU\..\Run: C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

  O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Local\DM\TinyDM.exe” /M

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

  O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

  O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

  O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

  O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  End of file - 12734 bytes

  ======Listing Processes======

  \SystemRoot\System32\smss.exe

  %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

  wininit.exe

  %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

  C:\Windows\system32\services.exe

  C:\Windows\system32\lsass.exe

  C:\Windows\system32\lsm.exe

  winlogon.exe

  C:\Windows\system32\svchost.exe -k DcomLaunch

  “C:\Windows\system32\nvvsvc.exe”

  “C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe”

  C:\Windows\system32\svchost.exe -k RPCSS

  “c:\Program Files\Microsoft Security Client\MsMpEng.exe”

  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

  C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

  C:\Windows\system32\svchost.exe -k LocalService

  C:\Windows\system32\svchost.exe -k netsvcs

  C:\Windows\system32\svchost.exe -k GPSvcGroup

  C:\Windows\system32\svchost.exe -k NetworkService

  “C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”

  C:\Windows\system32\nvvsvc.exe -session -first

  C:\Windows\System32\spoolsv.exe

  C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

  “C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe”

  “C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe”

  “C:\Program Files\Bonjour\mDNSResponder.exe”

  C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

  “C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe”

  “taskhost.exe”

  C:\Windows\system32\svchost.exe -k imgsvc

  “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”

  taskeng.exe {CAE9A3FF-3B18-4EC4-8EEA-B3A9889DE348}

  “C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe” /STARTUP

  WLIDSvcM.exe 1704

  C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

  “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d78aebfa-113b-4971-8759-ea6ada9c8a4b -SystemEventPortName:HostProcess-2fa2ad67-936e-4d74-93b7-670c55dc33f2 -IoCancelEventPortName:HostProcess-e48b3e0e-63d0-4a2b-bc5f-ded4dac1c061 -NonStateChangingEventPortName:HostProcess-66554f64-7d28-439d-b441-1487609b8319 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a3f54ab-7f84-4cb8-9328-457bac32ec58 -DeviceGroupId:WpdFsGroup

  “C:\Windows\system32\Dwm.exe”

  C:\Windows\Explorer.EXE

  “c:\Program Files\Microsoft Security Client\NisSrv.exe”

  “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

  “C:\Program Files\Logitech\SetPointP\SetPoint.exe” /launchGaming

  “C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s

  KHALMNPR.EXE /API

  “C:\Program Files\Windows Sidebar\sidebar.exe” /autoRun

  “C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe” /c

  “C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1

  “C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE” /EPT “EPLTarget\P0000000000000000” /M “Epson Stylus Office BX535WD”

  “C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe”

  “C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

  “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

  “C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe” -Embedding

  C:\Windows\system32\SearchIndexer.exe /Embedding

  “C:\Users\Marianne\AppData\Roaming\Spotify\spotify.exe” /uri spotify:autostart

  “C:\Program Files\Windows Media Player\wmpnetwk.exe”

  “C:\Users\Marianne\AppData\Local\DM\TinyDM.exe” /M

  “C:\Program Files (x86)\Samsung\Kies\Kies.exe” /preload

  “C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe”

  “C:\Program Files (x86)\MagicDisc\MagicDisc.exe”

  “C:\Program Files (x86)\CyberLink\Shared Files\brs.exe”

  “C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe”

  “C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe”

  “C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”

  “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  ArcCon.ac 66464 0

  “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

  “C:\Program Files\iPod\bin\iPodService.exe”

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=gpu-process –channel=“5084.0.1110726689\2045425666” –supports-dual-gpus=false –gpu-driver-bug-workarounds=0,3,12,22,26 –gpu-vendor-id=0x10de –gpu-device-id=0x0611 –gpu-driver-vendor=NVIDIA –gpu-driver-version=9.18.13.1106 –ignored=“ –type=renderer ” /prefetch:822062411

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group4 pct:10c stable:r7 use_cacheable_ntp:1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/” –enable-threaded-compositing –extension-process –renderer-print-preview –disable-html-notifications –channel=“5084.2.1198138230\420210353” /prefetch:673131151

  C:\Windows\System32\svchost.exe -k LocalServicePeerNet

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group4 pct:10c stable:r7 use_cacheable_ntp:1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/” –enable-threaded-compositing –renderer-print-preview –disable-html-notifications –channel=“5084.3.1915616708\1291179470” /prefetch:673131151

  C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

  “C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe” lng=1033

  “C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe” “/base-dir=C:\Program Files (x86)\ESET\ESET Online Scanner” /lang=1033 /as

  \??\C:\Windows\system32\conhost.exe "4645806697964736102090689661-2077228528502151677-544755907-643095973-185302924

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group4 pct:10c stable:r7 use_cacheable_ntp:1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/” –enable-threaded-compositing –renderer-print-preview –disable-html-notifications –channel=“5084.9.417253924\1517800311” /prefetch:673131151

  “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group4 pct:10c stable:r7 use_cacheable_ntp:1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/” –enable-threaded-compositing –renderer-print-preview –disable-html-notifications –channel=“5084.11.445469108\1727144607” /prefetch:673131151

  C:\Windows\system32\wbem\wmiprvse.exe

  C:\Windows\system32\wbem\wmiprvse.exe

  C:\Windows\system32\sppsvc.exe

  “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”

  “C:\Windows\system32\SearchFilterHost.exe” 0 516 520 528 65536 524

  “C:\Users\Marianne\Desktop\RSITx64.exe”

  ======Scheduled tasks folder======

  C:\Windows\tasks\Adobe Flash Player Updater.job

  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

  ======Registry dump======

  Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

  Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

  Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

  Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

  “MSC”=c:\Program Files\Microsoft Security Client\msseces.exe

  “EvtMgr6”=C:\Program Files\Logitech\SetPointP\SetPoint.exe

  “RTHDVCPL”=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

  “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

  “IncrediMail”=C:\Program Files (x86)\IncrediMail\bin\IncMail.exe

  “EPLTarget\P0000000000000000”=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE

  “AnyDVD”=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

  “Spotify Web Helper”=C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

  “Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe

  “Spotify”=C:\Users\Marianne\AppData\Roaming\Spotify\Spotify.exe

  “Tiny download manager”=C:\Users\Marianne\AppData\Local\DM\TinyDM.exe

  “KiesPreload”=C:\Program Files (x86)\Samsung\Kies\Kies.exe

  “”=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  “BDRegion”=C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

  “GrooveMonitor”=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe

  “EEventManager”=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

  “ArcSoft Connection Service”=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

  “KiesTrayAgent”=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  “SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  “APSDaemon”=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

  “iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe

  C:\Users\Marianne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

  MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

  c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

  WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

  “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

  “SecurityProviders”=credssp.dll

  “ConsentPromptBehaviorAdmin”=0

  “ConsentPromptBehaviorUser”=3

  “EnableLUA”=0

  “EnableUIADesktopToggle”=0

  “PromptOnSecureDesktop”=0

  “dontdisplaylastusername”=0

  “legalnoticecaption”=

  “legalnoticetext”=

  “shutdownwithoutlogon”=1

  “undockwithoutlogon”=1

  “NoDriveTypeAutoRun”=145

  “NoActiveDesktop”=1

  “NoActiveDesktopChanges”=1

  “ForceActiveDesktopOn”=0

  “vidc.mrle”=msrle32.dll

  “vidc.msvc”=msvidc32.dll

  “msacm.imaadpcm”=imaadp32.acm

  “msacm.msg711”=msg711.acm

  “msacm.msgsm610”=msgsm32.acm

  “msacm.msadpcm”=msadp32.acm

  “midimapper”=midimap.dll

  “wavemapper”=msacm32.drv

  “VIDC.UYVY”=msyuv.dll

  “VIDC.YUY2”=msyuv.dll

  “VIDC.YVYU”=msyuv.dll

  “VIDC.IYUV”=iyuv_32.dll

  “vidc.i420”=lvcod64.dll

  “VIDC.YVU9”=tsbyuv.dll

  “msacm.l3acm”=l3codecp.acm

  “VIDC.LAGS”=lagarith.dll

  “VIDC.FFDS”=ff_vfw.dll

  “wave”=wdmaud.drv

  “midi”=wdmaud.drv

  “mixer”=wdmaud.drv

  “aux”=wdmaud.drv

  “wave1”=wdmaud.drv

  “midi1”=wdmaud.drv

  “mixer1”=wdmaud.drv

  “aux1”=wdmaud.drv

  “MSVideo”=vfwwdm32.dll

  “MSVideo8”=VfWWDM32.dll

  “wave2”=wdmaud.drv

  “midi2”=wdmaud.drv

  “mixer2”=wdmaud.drv

  “aux2”=wdmaud.drv

  ======File associations======

  .js - edit - C:\Windows\System32\Notepad.exe %1

  .js - open - C:\Windows\System32\WScript.exe “%1” %*

  ======List of files/folders created in the last 1 month======

  2013-12-17 11:18:36 ----D---- C:\ProgramData\IObit

  2013-12-15 16:16:45 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

  2013-12-15 16:16:45 ----D---- C:\Program Files\iTunes

  2013-12-15 16:16:45 ----D---- C:\Program Files\iPod

  2013-12-15 16:16:45 ----D---- C:\Program Files (x86)\iTunes

  2013-12-12 23:30:48 ----A---- C:\Windows\system32\wmploc.DLL

  2013-12-12 23:30:47 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

  2013-12-12 23:30:47 ----A---- C:\Windows\SYSWOW64\wmp.dll

  2013-12-12 23:30:46 ----A---- C:\Windows\system32\wmp.dll

  2013-12-12 23:29:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll

  2013-12-12 23:29:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

  2013-12-12 23:29:00 ----A---- C:\Windows\SYSWOW64\ieui.dll

  2013-12-12 23:29:00 ----A---- C:\Windows\system32\jsproxy.dll

  2013-12-12 23:29:00 ----A---- C:\Windows\system32\ieUnatt.exe

  2013-12-12 23:29:00 ----A---- C:\Windows\system32\ieui.dll

  2013-12-12 23:28:59 ----A---- C:\Windows\system32\iesetup.dll

  2013-12-12 23:28:59 ----A---- C:\Windows\system32\iernonce.dll

  2013-12-12 23:28:59 ----A---- C:\Windows\system32\ieetwproxystub.dll

  2013-12-12 23:28:59 ----A---- C:\Windows\system32\ieetwcollector.exe

  2013-12-12 23:28:59 ----A---- C:\Windows\system32\ie4uinit.exe

  2013-12-12 23:28:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

  2013-12-12 23:28:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

  2013-12-12 23:28:58 ----A---- C:\Windows\system32\mshtml.dll

  2013-12-12 23:28:58 ----A---- C:\Windows\system32\jscript9diag.dll

  2013-12-12 23:28:58 ----A---- C:\Windows\system32\ieapfltr.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\SYSWOW64\wininet.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\system32\wininet.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\system32\urlmon.dll

  2013-12-12 23:28:57 ----A---- C:\Windows\system32\iertutil.dll

  2013-12-12 23:28:56 ----A---- C:\Windows\system32\ieframe.dll

  2013-12-12 23:28:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll

  2013-12-12 23:28:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll

  2013-12-12 23:28:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll

  2013-12-12 23:28:53 ----A---- C:\Windows\system32\jscript9.dll

  2013-12-12 11:54:02 ----A---- C:\Windows\system32\msieftp.dll

  2013-12-12 11:54:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll

  2013-12-12 11:54:01 ----A---- C:\Windows\system32\win32k.sys

  2013-12-12 11:54:00 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

  2013-12-12 11:54:00 ----A---- C:\Windows\system32\WMPhoto.dll

  2013-12-12 11:53:59 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

  2013-12-12 11:53:59 ----A---- C:\Windows\system32\imagehlp.dll

  2013-12-12 11:53:57 ----A---- C:\Windows\system32\tzres.dll

  2013-12-12 11:53:56 ----A---- C:\Windows\SYSWOW64\tzres.dll

  2013-12-12 11:53:52 ----A---- C:\Windows\system32\drivers\portcls.sys

  2013-12-12 11:53:52 ----A---- C:\Windows\system32\drivers\drmk.sys

  2013-12-12 11:53:51 ----A---- C:\Windows\SYSWOW64\wscript.exe

  2013-12-12 11:53:51 ----A---- C:\Windows\SYSWOW64\scrrun.dll

  2013-12-12 11:53:51 ----A---- C:\Windows\SYSWOW64\cscript.exe

  2013-12-12 11:53:51 ----A---- C:\Windows\system32\wscript.exe

  2013-12-12 11:53:51 ----A---- C:\Windows\system32\scrrun.dll

  2013-12-12 11:53:51 ----A---- C:\Windows\system32\cscript.exe

  ======List of files/folders modified in the last 1 month======

  2014-01-06 21:13:01 ----D---- C:\Program Files\trend micro

  2014-01-06 21:12:39 ----D---- C:\Windows\Temp

  2014-01-06 20:36:25 ----D---- C:\Windows\system32\config

  2014-01-06 20:12:05 ----D---- C:\Users\Marianne\AppData\Roaming\Spotify

  2014-01-06 20:06:27 ----D---- C:\ProgramData\NVIDIA

  2014-01-06 19:55:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

  2014-01-06 19:55:28 ----D---- C:\Windows\system32\drivers

  2014-01-06 19:49:27 ----D---- C:\AdwCleaner

  2014-01-06 19:47:50 ----D---- C:\Windows\Prefetch

  2014-01-06 19:47:40 ----SHD---- C:\Windows\Installer

  2014-01-06 19:44:40 ----RD---- C:\Program Files (x86)

  2014-01-06 10:38:58 ----SHD---- C:\System Volume Information

  2014-01-06 10:30:47 ----D---- C:\Windows\system32\FxsTmp

  2014-01-03 22:37:23 ----D---- C:\Users\Marianne\AppData\Roaming\uTorrent

  2014-01-02 16:09:38 ----A---- C:\Windows\NeroDigital.ini

  2013-12-30 14:30:57 ----D---- C:\Users\Marianne\AppData\Roaming\Skype

  2013-12-28 20:47:36 ----D---- C:\Windows\System32

  2013-12-28 20:47:36 ----D---- C:\Windows\inf

  2013-12-28 20:47:36 ----A---- C:\Windows\system32\PerfStringBackup.INI

  2013-12-27 23:59:58 ----D---- C:\Users\Marianne\AppData\Roaming\Vso

  2013-12-24 19:45:34 ----D---- C:\Windows\Minidump

  2013-12-24 19:45:30 ----D---- C:\Windows

  2013-12-18 22:07:36 ----D---- C:\Windows\system32\catroot2

  2013-12-17 11:18:36 ----HD---- C:\ProgramData

  2013-12-15 19:56:41 ----D---- C:\Windows\system32\MRT

  2013-12-15 19:54:34 ----A---- C:\Windows\system32\MRT.exe

  2013-12-15 16:17:46 ----D---- C:\Windows\SysWOW64

  2013-12-15 16:16:45 ----RD---- C:\Program Files

  2013-12-15 13:33:52 ----D---- C:\Program Files (x86)\Google

  2013-12-13 18:32:56 ----D---- C:\Windows\rescache

  2013-12-13 14:59:10 ----D---- C:\Windows\winsxs

  2013-12-13 14:56:32 ----D---- C:\Program Files (x86)\Windows Media Player

  2013-12-13 14:56:31 ----D---- C:\Program Files\Windows Media Player

  2013-12-13 14:56:30 ----D---- C:\Program Files\Internet Explorer

  2013-12-13 14:56:30 ----D---- C:\Program Files (x86)\Internet Explorer

  2013-12-13 14:56:28 ----D---- C:\Windows\SYSWOW64\nl-NL

  2013-12-13 14:56:28 ----D---- C:\Windows\system32\nl-NL

  2013-12-13 14:56:26 —-D—- C:\Windows\system32\DriverStore

  2013-12-12 23:30:59 —-D—- C:\Windows\system32\catroot

  2013-12-12 23:30:24 —-D—- C:\ProgramData\Microsoft Help

  2013-12-10 21:02:47 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

  R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

  R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

  R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys

  R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys

  R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

  R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys

  R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

  R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl

  R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

  R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys

  R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys

  R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys

  R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

  R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

  R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys

  R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys

  R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys

  R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys

  R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys

  S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0); C:\Windows\system32\DRIVERS\CamDrL64.sys

  S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

  S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys

  S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys

  S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys

  S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys

  S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

  S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys

  S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys

  S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys

  S3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys

  S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

  S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

  S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys

  S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

  S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

  S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

  S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys

  S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

  S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys

  S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

  S3 WinUsb;Sony sa0107 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

  R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

  R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe

  R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

  R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

  R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

  R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

  R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe

  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

  S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

  S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

  S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

  S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

  S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

  S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

  S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

  S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

  S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

  S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

  S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

  S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe

  S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

  S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

  —————–EOF—————–

  # AdwCleaner v3.000 - Report created 24/08/2013 at 17:38:35

  # Updated 20/08/2013 by Xplode

  # Operating System : Windows 7 Professional Service Pack 1 (64 bits)

  # Username : Marianne - MARIANNE-PC

  # Running from : C:\Users\Marianne\Desktop\adwcleaner.exe

  # Option : Clean

  ***** *****

  ***** *****

  ***** *****

  ***** *****

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  ***** *****

  -\\ Internet Explorer v10.0.9200.16660

  -\\ Google Chrome v29.0.1547.57

  *************************

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  # AdwCleaner v3.016 - Report created 06/01/2014 at 19:44:40

  # Updated 23/12/2013 by Xplode

  # Operating System : Windows 7 Professional Service Pack 1 (64 bits)

  # Username : Marianne - MARIANNE-PC

  # Running from : C:\Users\Marianne\Desktop\adwcleaner.exe

  # Option : Clean

  ***** *****

  ***** *****

  Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

  Folder Deleted : C:\Program Files (x86)\myfree codec

  ***** *****

  ***** *****

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

  Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager

  Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASMANCS

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

  Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Deleted : HKCU\Software\Myfree Codec

  Key Deleted : HKCU\Software\Softonic

  Key Deleted : HKLM\Software\Myfree Codec

  Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

  ***** *****

  -\\ Internet Explorer v11.0.9600.16428

  -\\ Google Chrome v31.0.1650.63

  *************************

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  # AdwCleaner v3.016 - Report created 06/01/2014 at 19:42:54

  # Updated 23/12/2013 by Xplode

  # Operating System : Windows 7 Professional Service Pack 1 (64 bits)

  # Username : Marianne - MARIANNE-PC

  # Running from : C:\Users\Marianne\Desktop\adwcleaner.exe

  # Option : Scan

  ***** *****

  ***** *****

  Folder Found C:\Program Files (x86)\myfree codec

  Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

  ***** *****

  ***** *****

  Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

  Key Found : HKCU\Software\Myfree Codec

  Key Found : HKCU\Software\Softonic

  Key Found : HKCU\Software\Myfree Codec

  Key Found : HKCU\Software\Softonic

  Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

  Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

  Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}

  Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

  Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager

  Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1

  Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASAPI32

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_tweetdeck_RASMANCS

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASAPI32

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator-2013_RASMANCS

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASAPI32

  Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASMANCS

  Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Found : HKLM\Software\Myfree Codec

  Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

  Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

  Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

  ***** *****

  -\\ Internet Explorer v11.0.9600.16428

  -\\ Google Chrome v31.0.1650.63

  *************************

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  Malwarebytes Anti-Malware 1.75.0.1300

  www.malwarebytes.org

  Databaseversie: v2014.01.06.06

  Windows 7 Service Pack 1 x64 NTFS

  Internet Explorer 11.0.9600.16476

  Marianne :: MARIANNE-PC

  6-1-2014 19:56:07

  mbam-log-2014-01-06 (19-56-07).txt

  Scan type: Snelle scan

  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

  Uitgeschakelde scan opties: P2P

  Objecten gescand: 243828

  Verstreken tijd: 8 minuut/minuten, 2 seconde(n)

  Geheugenprocessen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 2

  C:\Users\Marianne\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.1.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.

  C:\Users\Marianne\AppData\Local\DM\tinyoffers.exe (PUP.Optional.InstallMonetizer.A) -> Succesvol in quarantaine geplaatst en verwijderd.

  (einde)

 • Ben

  Hello,

  This all looks clean again (tu)

  You can remove RSIT and AdwCleaner again; you can keep MBAM and use it to scan your PC once a week (after updating it).

 • marianne40

  Thanks for the quick reply. I'm glad everything looks good. I did see something from Softonic listed in there; shouldn't that be removed? Because that also puts a lot of junk on your PC, doesn't it?

 • Ben

  Hello,

  It should have been removed, but I'd like to take a look just to be sure.

  Download Zoek.zip to the desktop.

  If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

  Disable antivirus software

  Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

  Disable antivirus software

  Disable antispyware & anti-malware software

  Run Zoek.exe

  If you run into problems running this program or see any error messages, please mention it in your post.

  Right-click Zoek.zip and choose the "Extract All" option.

  Then double-click Zoek.exe to start the tool.

  Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

  Now copy the code below and paste it into the large input box:

  Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

  firefoxlook;

  emptyclsid;

  torpigcheck;

  emptyfolderscheck;delete

  chromelook;

  standardsearch;

  filesrcm;

  autoclean;

  startupall;

  Now click the "Run script" button.

  Now wait patiently until a log opens (this may be after a restart, if one is needed).

  If no log appears after the restart, start zoek.exe again; the log will then appear.

  Post the opened log in your next reply.

 • marianne40

  Here is the log from zoek.exe

  Zoek.exe v5.0.0.0 Updated 05-Januari-2014

  Tool run by Marianne on di 07-01-2014 at 18:33:35,25.

  Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

  Running in: Normal Mode Internet Access Detected

  Launched: C:\Users\Marianne\Desktop\zoek.exe

  ==== System Restore Info ======================

  7-1-2014 18:35:49 Zoek.exe System Restore Point Created Succesfully.

  ==== Torpig Check ======================

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

  ==== Empty Folders Check ======================

  C:\ProgramData\Oracle deleted successfully

  C:\Users\Marianne\AppData\Local\Adobe deleted successfully

  C:\Users\Marianne\AppData\Local\VirtualStore deleted successfully

  ==== Deleting CLSID Registry Keys ======================

  HKEY_USERS\S-1-5-21-1574775380-1247856254-1461627734-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

  HKEY_USERS\S-1-5-21-1574775380-1247856254-1461627734-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

  HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

  ==== Deleting CLSID Registry Values ======================

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

  ==== Running Processes ======================

  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

  C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

  C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe

  C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

  C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

  C:\Program Files (x86)\Skype\Phone\Skype.exe

  C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe

  C:\Users\Marianne\AppData\Local\DM\TinyDM.exe

  C:\Program Files (x86)\Samsung\Kies\Kies.exe

  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  C:\Program Files (x86)\MagicDisc\MagicDisc.exe

  C:\Program Files (x86)\CyberLink\Shared Files\brs.exe

  C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

  C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

  C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  C:\Program Files (x86)\iTunes\iTunesHelper.exe

  C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

  C:\Users\Marianne\Desktop\zoek.exe

  C:\Windows\SysWOW64\cmd.exe

  C:\Windows\SysWOW64\cmd.exe

  C:\Windows\SysWOW64\cmd.exe

  ==== Deleting Services ======================

  ==== Deleting Files \ Folders ======================

  C:\Windows\SysWow64\AI_RecycleBin deleted

  “C:\Windows\SCC87048B.tmp” not deleted

  ==== System Specs ======================

  Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)

  Memory (RAM): 4096 MB

  CPU Info: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz

  CPU Speed: 2376,3 MHz

  Sound Card: Luidsprekers (Realtek High Defi |

  Realtek Digital Output (Realtek |

  Display Adapters: NVIDIA GeForce 8800 GT | NVIDIA GeForce 8800 GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

  Monitors: 1x; SyncMaster 226BW(Digital) |

  Screen Resolution: 1680 X 1050 - 32 bit

  Network: Network Present

  Network Adapters: Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller

  CD / DVD Drives: 3x (F: | G: | J: | ) F: LITE-ON DVDRW LH-20A1S | G: ASUS DVD-E818AT | J: MagicISOVirtual DVD-ROM

  Ports: COM1 LPT Port NOT Present.

  Mouse: 8 Button Wheel Mouse Present

  Hard Disks: C: 232,8GB | D: 135,2GB | E: 97,7GB

  Hard Disks - Free: C: 152,6GB | D: 33,6GB | E: 42,3GB

  Manufacturer *: American Megatrends Inc.

  BIOS Info: AT/AT COMPATIBLE | 10/14/08 | _ASUS_ - 10000814

  Time Zone: West-Europa (standaardtijd)

  Motherboard *: ASUSTeK Computer INC. P5K

  Country: Nederland

  Language: NLD

  ==== System Specs (Software) ======================

  Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

  Anti-Spyware: Windows Defender disabled (Outdated)

  Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

  Default Browser: Google Chrome 31.0.1650.63

  Internet Explorer Version: 11.0.9600.16476

  Google Chrome version: 31.0.1650.63

  Sun Java version: 1.7.0_45 (32-bit)

  Shockwave Player version: 12.0r112

  ==== Files Recently Created / Modified ======================

  ====== C:\Windows ====

  ====== C:\Users\Marianne\AppData\Local\Temp ====

  ====== Java Cache =====

  ====== C:\Windows\SysWOW64 =====

  ====== C:\Windows\SysWOW64\drivers =====

  ====== C:\Windows\Sysnative =====

  ====== C:\Windows\Sysnative\drivers =====

  2013-12-12 10:53:52 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 —-a-w- C:\Windows\Sysnative\drivers\drmk.sys

  2013-12-12 10:53:52 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 —-a-w- C:\Windows\Sysnative\drivers\portcls.sys

  ====== C:\Windows\Tasks ======

  ====== C:\Windows\Temp ======

  ======= C:\Program Files =====

  2013-12-15 15:16:45 ——– d—–w- C:\Program Files\iTunes

  2013-12-15 15:16:45 ——– d—–w- C:\Program Files\iPod

  ======= C:\PROGRA~2 =====

  2013-12-15 15:16:45 ——– d—–w- C:\PROGRA~2\iTunes

  ======= C: =====

  ====== C:\Users\Marianne\AppData\Roaming ======

  ====== C:\Users\Marianne ======

  2014-01-06 20:12:33 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Marianne\Desktop\RSITx64.exe

  2014-01-06 19:10:07 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 —-a-w- C:\Users\Marianne\Desktop\esetsmartinstaller_enu.exe

  2014-01-06 18:54:56 683FDD3D773C58B262DC07CD0C6CE938 10285040 —-a-w- C:\Users\Marianne\Desktop\mbam-setup-1.75.0.1300.exe

  2014-01-06 18:42:04 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Marianne\Desktop\adwcleaner.exe

  2013-12-17 10:18:36 ——– d—–w- C:\ProgramData\IObit

  2013-12-15 15:17:47 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

  2013-12-15 15:16:45 ——– d—–w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

  2013-12-15 12:33:57 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

  ====== C: exe-files ==

  2014-01-06 20:12:33 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Marianne\Desktop\RSITx64.exe

  2014-01-06 19:10:07 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 —-a-w- C:\Users\Marianne\Desktop\esetsmartinstaller_enu.exe

  2014-01-06 18:54:56 683FDD3D773C58B262DC07CD0C6CE938 10285040 —-a-w- C:\Users\Marianne\Desktop\mbam-setup-1.75.0.1300.exe

  2014-01-06 18:42:04 AF5C84446657B48C9B9B870C46438261 1233962 —-a-w- C:\Users\Marianne\Desktop\adwcleaner.exe

  2013-12-31 19:18:24 61350395623EE95ADB3EEDB4E60F2601 610304 —-a-w- C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

  === C: other files ==

  ==== Startup Registry Enabled ======================

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

  “IncrediMail”=“C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c”

  “EPLTarget\P0000000000000000”=“C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus Office BX535WD”

  “AnyDVD”=“C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe”

  “Spotify Web Helper”=“C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

  “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

  “Spotify”=“C:\Users\Marianne\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”

  “Tiny download manager”=“C:\Users\Marianne\AppData\Local\DM\TinyDM.exe /M”

  “KiesPreload”=“C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload”

  @=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “BDRegion”=“C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe”

  “GrooveMonitor”=“C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”

  “EEventManager”=“C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe”

  “ArcSoft Connection Service”=“C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe”

  “KiesTrayAgent”=“C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”

  “SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  “APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  “iTunesHelper”=“C:\Program Files (x86)\iTunes\iTunesHelper.exe”

  “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

  “IncrediMail”=“C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c”

  “EPLTarget\P0000000000000000”=“C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus Office BX535WD”

  “AnyDVD”=“C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe”

  “Spotify Web Helper”=“C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

  “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

  “Spotify”=“C:\Users\Marianne\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”

  “Tiny download manager”=“C:\Users\Marianne\AppData\Local\DM\TinyDM.exe /M”

  “KiesPreload”=“C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload”

  @=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe”

  ==== Startup Registry Enabled x64 ======================

  “MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”

  “EvtMgr6”=“C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming”

  “RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”

  ==== Startup Folders ======================

  2013-09-16 16:55:53 993 —-a-w- C:\Users\Marianne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

  ==== Task Scheduler Jobs ======================

  C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  ==== Other Scheduled Tasks ======================

  “C:\Windows\SysNative\tasks\Adobe Flash Player Updater”

  “C:\Windows\SysNative\tasks\CCleanerSkipUAC”

  “C:\Windows\SysNative\tasks\CreateChoiceProcessTask”

  “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”

  “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”

  “C:\Windows\SysNative\tasks\Maxthon Update”

  “C:\Windows\SysNative\tasks\SmartDefragUpdate”

  “C:\Windows\SysNative\tasks\SmartDefrag_Startup”

  “C:\Windows\SysNative\tasks\{5412B841-3A55-46BF-AB02-478F5942BC62}”

  “C:\Windows\SysNative\tasks\{C9E0F9E2-102C-495A-9244-CD3B82A7AB13}”

  “C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”

  ==== Folders in C:\ProgramData 0-6 Months Old ======================

  2013-07-19 20:05:36 ——– d—–w- C:\ProgramData\Sony

  2013-07-19 20:09:35 ——– d—–w- C:\ProgramData\Sony Ericsson

  2013-08-06 12:24:43 ——– d–h–w- C:\ProgramData\ArcSoft

  2013-08-18 15:48:23 ——– d—–w- C:\ProgramData\Samsung

  2013-09-30 18:38:03 ——– d—–w- C:\ProgramData\PMB Files

  2013-11-03 11:49:54 ——– d—–w- C:\ProgramData\Apple

  2013-11-03 11:52:07 ——– d—–w- C:\ProgramData\Apple Computer

  2013-11-04 11:43:54 ——– d—–w- C:\ProgramData\Freemake

  2013-12-15 15:16:45 ——– d—–w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

  2013-12-17 10:18:36 ——– d—–w- C:\ProgramData\IObit

  ==== Firefox Extensions Registry ======================

  “fmconverter@gmail.com”=“C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox”

  ==== Chrome Look ======================

  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

  edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx

  jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx

  lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

  Google Docs - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

  Google Drive - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

  YouTube - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

  Last updated at time on date - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

  Google Search - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

  Logitech SetPoint - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd

  Freemake Video Converter - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj

  Skype Click to Call - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

  Google Wallet - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

  Gmail - Marianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

  ==== Set IE to Default ======================

  Old Values:

  “Start Page”=“http://www.google.nl/”

  No DefaultScope Set For HKCU

  New Values:

  “Start Page”=“http://www.google.nl/”

  “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

  ==== All HKCU SearchScopes ======================

  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

  {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&r=”

  {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

  ==== HijackThis Entries ======================

  F2 - REG:system.ini: UserInit=userinit.exe,

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe”

  O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

  O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

  O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

  O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

  O4 - HKCU\..\Run: C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT “EPLTarget\P0000000000000000” /M “Epson Stylus Office BX535WD”

  O4 - HKCU\..\Run: C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

  O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart

  O4 - HKCU\..\Run: “C:\Users\Marianne\AppData\Local\DM\TinyDM.exe” /M

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

  O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

  O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

  O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

  O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  ==== Empty IE Cache ======================

  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Marianne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Marianne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

  C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  ==== Empty FireFox Cache ======================

  No FireFox Profiles found

  ==== Empty Chrome Cache ======================

  C:\Users\Marianne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

  ==== Empty All Flash Cache ======================

  Flash Cache Emptied Successfully

  ==== Empty All Java Cache ======================

  Java Cache cleared successfully

  ==== C:\zoek_backup content ======================

  C:\zoek_backup (files=1 folders=10 140 bytes)

  ==== Empty Temp Folders ======================

  C:\Users\Default\AppData\Local\Temp emptied successfully

  C:\Users\Default User\AppData\Local\Temp emptied successfully

  C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

  C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

  C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

  C:\Users\Marianne\AppData\Local\Temp will be emptied at reboot

  C:\Windows\Temp will be emptied at reboot

  ==== After Reboot ======================

  ==== Empty Temp Folders ======================

  C:\Windows\Temp successfully emptied

  C:\Users\Marianne\AppData\Local\Temp successfully emptied

  ==== Empty Recycle Bin ======================

  C:\$RECYCLE.BIN successfully emptied

  ==== Deleting Files / Folders ======================

  “C:\Windows\SCC87048B.tmp” not deleted

  ==== EOF on di 07-01-2014 at 18:50:02,55 ======================

 • Ben

  Hello,

  That looks clean (tu)

  You can leave Malwarebytes installed and scan your PC with it once a week (after updating it).

  The small tool below cleans up, among other things, all the tools that were used:

  Download Delfix by Xplode to the desktop.

  Double-click Delfix.exe to start the tool.

  Now tick the box for the following item:

  * Remove disinfection tools

  Now click "Run" and wait patiently until the tool is finished.

  When the tool is finished, a log file is created. You do not need to post it, however.

  If any tools or folders are left over, you can delete them yourself.

 • marianne40

  Great. Thanks again for the help.

  Regards, Marianne

 • Ben

  Hello,

  Thanks, and you're welcome :)

 • fazantje

  Because this topic has been resolved, it is being closed.

  If you would like to reopen your topic, send a private message to Ben or Huib (fazantje).

  They will then remove the “lock” and the topic will be open again.

  The AV team.

This topic is closed; no further replies can be posted.