Start page

  • isabel

    Hello everyone,

    I removed my old CCleaner and installed the new version.

    Since then, when I open the internet I get the sweet page instead of my trusted startpagina.nl.

    I have already changed and saved it a few times in Internet Options, but that sweet shit keeps coming up as the start page.

    What do I need to do to get startpagina when I open my internet?

    Thanks in advance for your help.

    Regards, isabel

  • Ben

    Hello,

    Then malware came along with it. Follow the steps from this link: http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst-(aangepaste-versie-dd-08-01-2014)#msg-4625317

  • isabel

    Hello Ben, I did everything you said… here are my logs.

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Isabel at 2014-01-19 15:24:46

    Microsoft Windows 7 Starter Service Pack 1

    System drive C: has 127 GB (83%) free of 153 GB

    Total RAM: 1013 MB (13% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 15:25:03, on 19-1-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.16428)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe

    C:\Windows\Explorer.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\CapsLKNotify\CapsLKNotify.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Users\Isabel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ULW5GHJA\RSIT.exe

    C:\Program Files\trend micro\Isabel.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1390134736&from=cor&uid=WDCXWD1600BEVT-75ZCT2_WD-WXD0AC9W8949W8949&q={searchTerms}

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1390134736&from=cor&uid=WDCXWD1600BEVT-75ZCT2_WD-WXD0AC9W8949W8949&q={searchTerms}

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1390134736&from=cor&uid=WDCXWD1600BEVT-75ZCT2_WD-WXD0AC9W8949W8949&q={searchTerms}

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: (no name) - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - (no file)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: C:\Program Files\CapsLKNotify\CapsLKNotify.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

    O4 - HKLM\..\Run: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

    O4 - HKCU\..\Run: "C:\Users\Isabel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

    O4 - HKCU\..\Run: "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

    O4 - HKCU\..\Run: "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (file missing)

    O11 - Options group: Accelerated graphics

    O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} (DellSystem.Scanner) - http://xserv.dell.com/DellDriverScanner/DellSystem.CAB

    O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll

    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

    End of file - 7642 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-670820757-871311736-3026841884-1000Core.job

    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-670820757-871311736-3026841884-1000UA.job

    ======Registry dump======

    Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll

    Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Windows 7 Starter Helper - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    "CapsLKNotify"=C:\Program Files\CapsLKNotify\CapsLKNotify.exe

    "IgfxTray"=C:\Windows\system32\igfxtray.exe

    "HotKeysCmds"=C:\Windows\system32\hkcmd.exe

    "Persistence"=C:\Windows\system32\igfxpers.exe

    "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe

    "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe

    "SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

    "Facebook Update"=C:\Users\Isabel\AppData\Local\Facebook\Update\FacebookUpdate.exe

    "Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe

    "CCleaner"=C:\Program Files\CCleaner\CCleaner.exe

    C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll

    C:\Windows\system32\igfxdev.dll

    SDWinLogon.dll

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    "SecurityProviders"=credssp.dll

    "ConsentPromptBehaviorAdmin"=5

    "ConsentPromptBehaviorUser"=3

    "EnableUIADesktopToggle"=0

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "NoDriveTypeAutoRun"=145

    "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"

    "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"

    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"

    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

    "vidc.mrle"=msrle32.dll

    "vidc.msvc"=msvidc32.dll

    "msacm.imaadpcm"=imaadp32.acm

    "msacm.msg711"=msg711.acm

    "msacm.msgsm610"=msgsm32.acm

    "msacm.msadpcm"=msadp32.acm

    "midimapper"=midimap.dll

    "wavemapper"=msacm32.drv

    "VIDC.UYVY"=msyuv.dll

    "VIDC.YUY2"=msyuv.dll

    "VIDC.YVYU"=msyuv.dll

    "VIDC.IYUV"=iyuv_32.dll

    "vidc.i420"=iyuv_32.dll

    "VIDC.YVU9"=tsbyuv.dll

    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm

    "vidc.cvid"=iccvid.dll

    "MSVideo8"=VfWWDM32.dll

    "vidc.ffds"=ff_vfw.dll

    "vidc.xvid"=xvidvfw.dll

    "vidc.lags"=lagarith.dll

    "msacm.divxa32"=DivXa32.acm

    "msacm.lameacm"=LameACM.acm

    "wave1"=wdmaud.drv

    "mixer1"=wdmaud.drv

    "wave2"=wdmaud.drv

    "mixer2"=wdmaud.drv

    "wave3"=wdmaud.drv

    "mixer3"=wdmaud.drv

    "wave"=wdmaud.drv

    "midi"=wdmaud.drv

    "mixer"=wdmaud.drv

    "aux"=wdmaud.drv

    "wave4"=wdmaud.drv

    "midi1"=wdmaud.drv

    "mixer4"=wdmaud.drv

    "aux1"=wdmaud.drv

    "msacm.siren"=sirenacm.dll

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2014-01-19 15:24:47 ----D---- C:\Program Files\trend micro

    2014-01-19 15:24:46 ----D---- C:\rsit

    2014-01-19 14:50:03 ----D---- C:\Users\Isabel\AppData\Roaming\Malwarebytes

    2014-01-19 14:49:36 ----D---- C:\ProgramData\Malwarebytes

    2014-01-19 14:49:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

    2014-01-19 14:49:29 ----A---- C:\Windows\system32\drivers\mbam.sys

    2014-01-19 13:34:06 ----D---- C:\Program Files\CCleaner

    2014-01-19 13:32:40 ----D---- C:\Users\Isabel\AppData\Roaming\0V1L2Z2Z1T1I1L1T

    2014-01-19 13:32:33 ----D---- C:\ProgramData\WPM

    2014-01-19 13:21:08 ----SHD---- C:\Config.Msi

    2014-01-19 13:18:14 ----D---- C:\ProgramData\APN

    2014-01-19 13:15:57 ----A---- C:\Windows\system32\javaws.exe

    2014-01-19 13:15:31 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

    2014-01-19 13:15:31 ----A---- C:\Windows\system32\javaw.exe

    2014-01-19 13:15:31 ----A---- C:\Windows\system32\java.exe

    2014-01-15 18:17:38 ----A---- C:\Windows\system32\win32k.sys

    2014-01-15 18:17:24 ----A---- C:\Windows\system32\drivers\netio.sys

    2014-01-15 18:17:14 ----A---- C:\Windows\system32\drivers\usbehci.sys

    2014-01-15 18:17:13 ----A---- C:\Windows\system32\drivers\usbport.sys

    2014-01-15 18:17:13 ----A---- C:\Windows\system32\drivers\usbhub.sys

    2014-01-15 18:17:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys

    2014-01-15 18:17:11 ----A---- C:\Windows\system32\drivers\usbuhci.sys

    2014-01-15 18:17:10 ----A---- C:\Windows\system32\drivers\usbohci.sys

    2014-01-15 18:17:09 ----A---- C:\Windows\system32\drivers\usbd.sys

    2013-12-22 16:16:50 ----D---- C:\Users\Isabel\AppData\Roaming\QuickScan

    ======List of files/folders modified in the last 1 month======

    2014-01-19 15:24:47 ----RD---- C:\Program Files

    2014-01-19 15:24:44 ----D---- C:\Windows\Temp

    2014-01-19 15:23:43 ----D---- C:\Windows

    2014-01-19 15:20:45 ----D---- C:\Windows\system32\config

    2014-01-19 15:19:00 ----D---- C:\Windows\system32\drivers

    2014-01-19 15:16:21 ----D---- C:\Windows\Branding

    2014-01-19 15:16:19 ----HD---- C:\ProgramData

    2014-01-19 14:50:42 ----D---- C:\Windows\Prefetch

    2014-01-19 14:15:22 ----SD---- C:\Users\Isabel\AppData\Roaming\Microsoft

    2014-01-19 14:05:04 ----D---- C:\Windows\system32\Tasks

    2014-01-19 14:05:02 ----D---- C:\Windows\Tasks

    2014-01-19 13:51:13 ----D---- C:\Windows\inf

    2014-01-19 13:37:18 ----SHD---- C:\Windows\Installer

    2014-01-19 13:25:29 ----D---- C:\ProgramData\LogMeIn

    2014-01-19 13:25:03 ----D---- C:\Windows\debug

    2014-01-19 13:17:02 ----D---- C:\ProgramData\Oracle

    2014-01-19 13:15:57 ----D---- C:\Windows\System32

    2014-01-19 13:15:31 ----D---- C:\Program Files\Java

    2014-01-19 13:14:31 ----SHD---- C:\System Volume Information

    2014-01-15 19:31:59 ----D---- C:\Windows\winsxs

    2014-01-15 19:28:52 ----D---- C:\Windows\system32\DriverStore

    2014-01-15 19:03:10 ----D---- C:\Windows\system32\MRT

    2014-01-15 19:02:51 ----A---- C:\Windows\system32\MRT.exe

    2014-01-15 18:16:35 ----D---- C:\Windows\system32\catroot

    2014-01-15 18:13:32 ----D---- C:\Windows\system32\catroot2

    2014-01-02 18:02:08 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2013-12-25 01:33:55 ----D---- C:\ProgramData\Spybot - Search & Destroy

    2013-12-22 16:08:22 ----D---- C:\Windows\Panther

    2013-12-22 16:08:21 ----D---- C:\Windows\Logs

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 EMSC;COMPAL Embedded System Control; C:\Windows\system32\DRIVERS\EMSC.SYS

    R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys

    R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys

    R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys

    R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys

    S1 MpKsl8c0cb4ca;MpKsl8c0cb4ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82BD3CEC-A3A9-4033-BCCF-92787C984A90}\MpKsl8c0cb4ca.sys

    S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys

    S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys

    S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 phaudlwr;Philips Audio Filter; C:\Windows\system32\DRIVERS\phaudlwr.sys

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys

    S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys

    S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

    S3 SPC520;Philips SPC520NC PC Camera; C:\Windows\system32\drivers\SPC520.sys

    S3 SPC520m;Philips SPC520NC PC Cameram; C:\Windows\system32\drivers\SPC520m.sys

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

    S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

    S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

    S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe

    R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe

    R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

    R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

    R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

    R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    -----------------EOF-----------------


    2014-01-19 13:15:31 —-A—- C:\Windows\system32\javaw.exe

    2014-01-19 13:15:31 —-A—- C:\Windows\system32\java.exe

    2014-01-15 18:17:38 —-A—- C:\Windows\system32\win32k.sys

    2014-01-15 18:17:24 —-A—- C:\Windows\system32\drivers\netio.sys

    2014-01-15 18:17:14 —-A—- C:\Windows\system32\drivers\usbehci.sys

    2014-01-15 18:17:13 —-A—- C:\Windows\system32\drivers\usbport.sys

    2014-01-15 18:17:13 —-A—- C:\Windows\system32\drivers\usbhub.sys

    2014-01-15 18:17:12 —-A—- C:\Windows\system32\drivers\usbccgp.sys

    2014-01-15 18:17:11 —-A—- C:\Windows\system32\drivers\usbuhci.sys

    2014-01-15 18:17:10 —-A—- C:\Windows\system32\drivers\usbohci.sys

    2014-01-15 18:17:09 —-A—- C:\Windows\system32\drivers\usbd.sys

    2013-12-22 16:16:50 —-D—- C:\Users\Isabel\AppData\Roaming\QuickScan

    ======List of files/folders modified in the last 1 month======

    2014-01-19 15:24:47 —-RD—- C:\Program Files

    2014-01-19 15:24:44 —-D—- C:\Windows\Temp

    2014-01-19 15:23:43 —-D—- C:\Windows

    2014-01-19 15:20:45 —-D—- C:\Windows\system32\config

    2014-01-19 15:19:00 —-D—- C:\Windows\system32\drivers

    2014-01-19 15:16:21 —-D—- C:\Windows\Branding

    2014-01-19 15:16:19 —-HD—- C:\ProgramData

    2014-01-19 14:50:42 —-D—- C:\Windows\Prefetch

    2014-01-19 14:15:22 —-SD—- C:\Users\Isabel\AppData\Roaming\Microsoft

    2014-01-19 14:05:04 —-D—- C:\Windows\system32\Tasks

    2014-01-19 14:05:02 —-D—- C:\Windows\Tasks

    2014-01-19 13:51:13 —-D—- C:\Windows\inf

    2014-01-19 13:37:18 —-SHD—- C:\Windows\Installer

    2014-01-19 13:25:29 —-D—- C:\ProgramData\LogMeIn

    2014-01-19 13:25:03 —-D—- C:\Windows\debug

    2014-01-19 13:17:02 —-D—- C:\ProgramData\Oracle

    2014-01-19 13:15:57 —-D—- C:\Windows\System32

    2014-01-19 13:15:31 —-D—- C:\Program Files\Java

    2014-01-19 13:14:31 —-SHD—- C:\System Volume Information

    2014-01-15 19:31:59 —-D—- C:\Windows\winsxs

    2014-01-15 19:28:52 —-D—- C:\Windows\system32\DriverStore

    2014-01-15 19:03:10 —-D—- C:\Windows\system32\MRT

    2014-01-15 19:02:51 —-A—- C:\Windows\system32\MRT.exe

    2014-01-15 18:16:35 —-D—- C:\Windows\system32\catroot

    2014-01-15 18:13:32 —-D—- C:\Windows\system32\catroot2

    2014-01-02 18:02:08 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-12-25 01:33:55 —-D—- C:\ProgramData\Spybot - Search & Destroy

    2013-12-22 16:08:22 —-D—- C:\Windows\Panther

    2013-12-22 16:08:21 —-D—- C:\Windows\Logs

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 EMSC;COMPAL Embedded System Control; C:\Windows\system32\DRIVERS\EMSC.SYS

    R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys

    R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys

    R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys

    R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys

    S1 MpKsl8c0cb4ca;MpKsl8c0cb4ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82BD3CEC-A3A9-4033-BCCF-92787C984A90}\MpKsl8c0cb4ca.sys

    S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys

    S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys

    S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 phaudlwr;Philips Audio Filter; C:\Windows\system32\DRIVERS\phaudlwr.sys

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys

    S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys

    S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

    S3 SPC520;Philips SPC520NC PC Camera; C:\Windows\system32\drivers\SPC520.sys

    S3 SPC520m;Philips SPC520NC PC Cameram; C:\Windows\system32\drivers\SPC520m.sys

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

    S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

    S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

    S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe

    R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe

    R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

    R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

    R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

    R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    —————–EOF—————–

  • Ben

    Hello,

    First disable your antivirus software before you download zoek.exe.

    Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

    Download Zoek.exe to the desktop.

    * If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Running Zoek.exe

    If you run into problems running this program or see any error messages, please mention it in your message.

    * Then double-click Zoek.exe to start the tool.

    * Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

    * Now copy the bold code below and paste it into the large input box:

    * Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    emptyclsid;

    torpigcheck;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    {296aa17d-c89e-4242-a5a4-44bfe76914a2};c

    C:\ProgramData\WPM;fs

    {5C255C8A-E604-49b4-9D64-90988571CECB};c

    startupall;

    * Now click the "Run script" button.

    * Now wait patiently until a log opens (this may be after a restart, if one is needed).

    * If no log appears after the restart, start zoek.exe again; the log will then appear.

    * Post the opened log in your next message.

  • isabel

    Hi,

    This may sound really dumb, but I don't know which antivirus I have or how to turn it off; someone set it up for me once.

    What should I do now?

  • Ben

    Hello,

    You have Microsoft Security Client;

    Double-click with the right mouse button on the Microsoft Security Essentials icon in the taskbar.

    In the Security Essentials window, click the "Settings" tab.

    On the left, click the "Real-time protection" option and uncheck everything there.

  • isabel

    Hello Ben,

    The antivirus is disabled and zoek exe won't download.

    I click on it and nothing happens at all.

  • Ben

    Hello,

    If you click the following link: Zoek.exe

    you get a page with three green buttons at the top; click the left one, zoek.exe, and it will then be placed on your desktop.

    This icon will then be on your desktop

    Right-click it and choose Run as administrator.

    Then carry out the rest of the steps I gave you.

    P.S. The scan can take as long as 45 minutes, so wait patiently.

  • isabel

    Hi Ben,

    I understand completely what you mean.

    I click the left green button, but no magnifying glass appears on my desktop :S

  • Ben

    Hello,

    When you click zoek.exe, don't you get a popup at the bottom with Run or Save?

    Otherwise, click zoek.zip and do the following;

    Right-click Zoek.zip and click the "Extract all" option.

    ◾ Then double-click Zoek.exe to start the tool.

    ◾ Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

    After that, carry out what I had already described.

This topic is closed; no more replies can be posted.