Lappie is wat trager

rudi

18-06-2014 14:36

Ik vind mijn lappie wat aan de trage kant. Kan het me verbeelden, maar ik plaats toch even 2 logjes.
Misschien willen jullie ff meekijken?
Bedankt
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2014.06.18.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17126
R. Adelerhof :: RADELERHOF-PC
18-6-2014 14:26:44
mbam-log-2014-06-18 (14-26-44).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 284970
Verstreken tijd: 3 minuut/minuten, 14 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of random's system information tool 1.10 (written by random/random)
Run by R. Adelerhof at 2014-06-18 14:31:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 117 GB (58%) free of 203 GB
Total RAM: 8078 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:31:13, on 18-6-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\R. Adelerhof.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.vinden.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://antivirus.startpagina.nl/prikbord/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
–
End of file - 16483 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
“C:\Windows\system32\nvvsvc.exe”
“C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe”
C:\Windows\system32\svchost.exe -k RPCSS
“C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe”
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
“C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:000000000000032C;0000000000000330; /AddRef;
“C:\Windows\system32\FBAgent.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe”
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“taskhost.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe”
“C:\Windows\system32\Dwm.exe”
taskeng.exe {ACAC2134-3313-40D3-B849-E327E6018F5B}
/QuitInfo:00000000000004F8;00000000000004FC; /AddRef;
/QuitInfo:0000000000000198;00000000000004B8;
ATKOSD.exe
C:\Windows\Explorer.EXE
/loadhooks /Parent:00000000000008B4
taskeng.exe {2C416AD2-4D29-4721-A9F0-4A899413B18B}
“C:\Program Files\ASUS\P4G\BatteryLife.exe”
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe”
“C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe”
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe”
“C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
KBFiltr.exe
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe”
“C:\Program Files (x86)\ASUS\Splendid\ACMON.exe”
WDC.exe
“C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe”
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe”
C:\Windows\system32\svchost.exe -k bthsvcs
“C:\Program Files\Intel\WiFi\bin\EvtEng.exe”
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
“C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe” /service
“C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE”
“C:\Program Files\Intel\iCLS Client\HeciServer.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”
“C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe” -sMSSQLSERVER
“C:\Windows\System32\igfxtray.exe”
“C:\Windows\System32\hkcmd.exe”
“C:\Windows\AsScrPro.exe”
“C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe” -servicelaunch=true
“C:\Program Files\Elantech\ETDCtrl.exe”
“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /MAXX3
“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“C:\Windows\System32\rundll32.exe” “C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll”,TrayApp
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe” /s “NIS” /m “C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\diMaster.dll” /prefetch:1
“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
“C:\Program Files\ArgewebBackup\OnlineBackupService.exe”
“C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe” /c /a /s UserSession2
“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe”
“C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe”
“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
“C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe”
“C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe”
C:\Windows\system32\wbem\unsecapp.exe -Embedding
“C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
WLIDSvcM.exe 5012
“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE” /logon
“C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe”
“C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe”
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe” -Embedding
“C:\Program Files\Elantech\ETDCtrlHelper.exe”
“C:\Program Files\Elantech\ETDGesture.exe”
“C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
“C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe”
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
“C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe”
“C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe” /DisableUI
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
“C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
“C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe”
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
“C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe”
“C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE”
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe -Embedding
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe”
C:\Windows\system32\WLANExt.exe 46703984
\??\C:\Windows\system32\conhost.exe "1787261419-14820227561289744616-438782890-221494103-21522991914342461611713413319
“C:\Program Files\Internet Explorer\IEXPLORE.EXE”
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-100151_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-100151 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”
“C:\Windows\system32\SearchFilterHost.exe” 0 528 532 540 65536 536
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:7044 CREDAT:267521 /prefetch:2
“C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe” /bgrecordhelpersvc
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:7044 CREDAT:726297 /prefetch:2
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe52_ Global\UsGthrCtrlFltPipeMssGthrPipe52 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
“C:\Users\R. Adelerhof\Desktop\RSITx64.exe”
C:\Windows\system32\wbem\wmiprvse.exe
rudi

18-06-2014 14:37

======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe –domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d –caller winlogon-impersonate
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe –domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d –caller scheduler-impersonate
=========Mozilla firefox=========
ProfilePath - C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
prefs.js - “browser.search.useDBForOrder” - true
prefs.js - “browser.startup.homepage” - “about:home”
“Description”=Adobe® Flash® Player 13.0.0.214 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
“Description”=Intel IPT WebApi plugin
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
“Description”=This plugin updates Intel WebAPI component
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=NVIDIA stereo images plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
“Description”=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
“Description”=RealPlayer™ LiveConnect-Enabled Plug-In
“Path”=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
“Description”=RealNetworks™ RealDownloader Chrome Background Extension Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
“Description”=RealNetworks™ RealDownloader HTML5VideoShim Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
“Description”=RealNetworks™ RealDownloader Peppe rFlash Video Shim Plug-In
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
“Description”=RealPlayer Download Plugin
“Path”=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
“Description”=RealDownloader Plugin
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
“Description”=Adobe® Flash® Player 13.0.0.214 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“ETDCtrl”=C:\Program Files\Elantech\ETDCtrl.exe
“RtHDVBg”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
“BLEServicesCtrl”=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
“BTMTrayAgent”=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
“AmIcoSinglun64”=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\RF0C2~1.ADE\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\PROGRA~2\MICROS~1\Office14\ONENOTEM.EXE
“ASUSPRP”=C:\Program Files (x86)\ASUS\APRP\APRP.EXE
“ASUSWebStorage”=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
“USB3MON”=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
“ATKOSD2”=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
“ATKMEDIA”=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
“HControlUser”=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
“ASUS InstantKey”=C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
“Wireless Console 3”=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
“RemoteControl10”=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
“UpdatePSTShortCut”=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
“BCSSync”=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
“TkBellExe”=C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“CanonSolutionMenuEx”=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
“AppInit_DLLs”=“ C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\Windows\system32\nvinitx.dll”
C:\Windows\system32\igfxdev.dll
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
rudi

18-06-2014 14:38

======List of files/folders created in the last 1 month======
2014-06-18 14:31:05 —-D—- C:\rsit
2014-06-12 08:22:50 —-A—- C:\Windows\system32\drivers\tcpip.sys
2014-06-12 08:22:50 —-A—- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-12 08:22:47 —-A—- C:\Windows\system32\msxml6.dll
2014-06-12 08:22:46 —-A—- C:\Windows\SYSWOW64\msxml6.dll
2014-06-12 08:22:46 —-A—- C:\Windows\SYSWOW64\msxml3.dll
2014-06-12 08:22:46 —-A—- C:\Windows\system32\msxml3.dll
2014-06-12 08:22:45 —-A—- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-12 08:22:45 —-A—- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-12 08:22:45 —-A—- C:\Windows\system32\msxml6r.dll
2014-06-12 08:22:44 —-A—- C:\Windows\system32\msxml3r.dll
2014-06-12 08:22:41 —-A—- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 08:22:41 —-A—- C:\Windows\system32\rdpcorets.dll
2014-06-12 08:22:25 —-A—- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-12 08:22:25 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-12 08:22:25 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-12 08:22:24 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2014-06-12 08:22:23 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-12 08:22:23 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 08:22:23 —-A—- C:\Windows\system32\ieetwproxystub.dll
2014-06-12 08:22:22 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2014-06-12 08:22:22 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-12 08:22:22 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-12 08:22:21 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2014-06-12 08:22:20 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2014-06-12 08:22:20 —-A—- C:\Windows\system32\urlmon.dll
2014-06-12 08:22:20 —-A—- C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 08:22:19 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-12 08:22:19 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2014-06-12 08:22:18 —-A—- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-12 08:22:18 —-A—- C:\Windows\system32\ieetwcollector.exe
2014-06-12 08:22:18 —-A—- C:\Windows\system32\dxtmsft.dll
2014-06-12 08:22:17 —-A—- C:\Windows\SYSWOW64\ieui.dll
2014-06-12 08:22:17 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2014-06-12 08:22:17 —-A—- C:\Windows\system32\msfeeds.dll
2014-06-12 08:22:16 —-A—- C:\Windows\system32\iesetup.dll
2014-06-12 08:22:16 —-A—- C:\Windows\system32\ie4uinit.exe
2014-06-12 08:22:15 —-A—- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-12 08:22:15 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2014-06-12 08:22:15 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-12 08:22:15 —-A—- C:\Windows\system32\iertutil.dll
2014-06-12 08:22:14 —-A—- C:\Windows\SYSWOW64\wininet.dll
2014-06-12 08:22:14 —-A—- C:\Windows\SYSWOW64\vbscript.dll
2014-06-12 08:22:14 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-12 08:22:14 —-A—- C:\Windows\system32\jsproxy.dll
2014-06-12 08:22:13 —-A—- C:\Windows\SYSWOW64\msrating.dll
2014-06-12 08:22:13 —-A—- C:\Windows\system32\iernonce.dll
2014-06-12 08:22:11 —-A—- C:\Windows\system32\ieui.dll
2014-06-12 08:22:11 —-A—- C:\Windows\system32\ieframe.dll
2014-06-12 08:22:11 —-A—- C:\Windows\system32\dxtrans.dll
2014-06-12 08:22:10 —-A—- C:\Windows\system32\mshtmlmedia.dll
2014-06-12 08:22:10 —-A—- C:\Windows\system32\mshtmled.dll
2014-06-12 08:22:10 —-A—- C:\Windows\system32\jscript9diag.dll
2014-06-12 08:22:10 —-A—- C:\Windows\system32\ieUnatt.exe
2014-06-12 08:22:09 —-A—- C:\Windows\system32\vbscript.dll
2014-06-12 08:22:09 —-A—- C:\Windows\system32\jscript9.dll
2014-06-12 08:22:09 —-A—- C:\Windows\system32\ieapfltr.dll
2014-06-12 08:22:08 —-A—- C:\Windows\system32\wininet.dll
2014-06-12 08:22:07 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 08:22:07 —-A—- C:\Windows\system32\msrating.dll
2014-06-12 08:22:06 —-A—- C:\Windows\system32\mshtml.dll
2014-06-12 08:21:23 —-A—- C:\Windows\system32\aepdu.dll
2014-06-12 08:21:20 —-A—- C:\Windows\system32\aeinv.dll
2014-06-12 08:21:16 —-A—- C:\Windows\system32\usp10.dll
2014-06-12 08:21:15 —-A—- C:\Windows\SYSWOW64\usp10.dll
2014-06-05 16:53:48 —-D—- C:\Program Files (x86)\HitmanPro.Alert
2014-06-05 16:53:48 —-A—- C:\Windows\SYSWOW64\hmpalert.dll
2014-06-05 16:53:48 —-A—- C:\Windows\system32\hmpalert.dll
2014-06-05 16:53:48 —-A—- C:\Windows\system32\drivers\hmpalert.sys
2014-06-04 21:11:49 —-A—- C:\Windows\system32\drivers\RapportKE64.sys
2014-06-04 21:11:34 —-D—- C:\Program Files (x86)\Trusteer
2014-06-04 21:10:54 —-D—- C:\ProgramData\Trusteer
2014-06-01 13:15:21 —-D—- C:\Windows\CryptoGuard
2014-05-23 21:11:24 —-D—- C:\AdwCleaner
======List of files/folders modified in the last 1 month======
2014-06-18 14:31:12 —-D—- C:\Program Files\trend micro
2014-06-18 14:28:16 —-D—- C:\Windows\system32\NDF
2014-06-18 14:24:54 —-D—- C:\Windows\Temp
2014-06-18 14:15:40 —-D—- C:\Users\R. Adelerhof\AppData\Roaming\GoodSync
2014-06-18 13:49:31 —-D—- C:\Windows\System32
2014-06-18 13:49:31 —-D—- C:\Windows\inf
2014-06-18 13:49:31 —-A—- C:\Windows\system32\PerfStringBackup.INI
2014-06-18 12:50:20 —-D—- C:\Windows\system32\config
2014-06-18 12:45:42 —-SHD—- C:\Windows\Installer
2014-06-18 12:45:22 —-SHD—- C:\System Volume Information
2014-06-18 12:41:02 —-A—- C:\Windows\SYSWOW64\log.txt
2014-06-18 12:39:11 —-D—- C:\Windows\system32\Tasks
2014-06-18 12:38:49 —-D—- C:\ProgramData\NVIDIA
2014-06-17 18:03:53 —-D—- C:\Program Files (x86)\Internet Explorer
2014-06-14 23:50:10 —-D—- C:\Windows\SysWOW64
2014-06-13 17:36:15 —-D—- C:\Windows\Log
2014-06-13 12:25:43 —-D—- C:\ProgramData\OnlineBackupClient
2014-06-13 12:25:42 —-D—- C:\Windows
2014-06-13 12:25:42 —-D—- C:\Program Files\ArgewebBackup
2014-06-13 11:22:40 —-AD—- C:\ProgramData\Temp
2014-06-13 11:22:35 —-D—- C:\Program Files (x86)\SpywareBlaster
2014-06-13 11:18:35 —-D—- C:\Windows\debug
2014-06-13 08:44:55 —-D—- C:\Windows\winsxs
2014-06-13 08:43:35 —-D—- C:\Windows\system32\drivers
2014-06-13 08:43:34 —-D—- C:\Windows\SYSWOW64\en-US
2014-06-13 08:43:34 —-D—- C:\Program Files\Internet Explorer
2014-06-13 08:43:33 —-D—- C:\Windows\system32\en-US
2014-06-13 08:43:31 —-D—- C:\Windows\system32\DriverStore
2014-06-13 08:43:31 —-D—- C:\Windows\system32\drivers\UMDF
2014-06-12 08:24:25 —-D—- C:\ProgramData\Davilex Business
2014-06-12 08:21:56 —-SD—- C:\Windows\system32\CompatTel
2014-06-12 08:20:26 —-D—- C:\Windows\system32\catroot2
2014-06-12 00:00:01 —-D—- C:\Windows\system32\MRT
2014-06-11 23:57:25 —-A—- C:\Windows\system32\MRT.exe
2014-06-11 19:38:49 —-D—- C:\Windows\system32\catroot
2014-06-11 16:14:08 —-HD—- C:\Config.Msi
2014-06-11 16:14:07 —-D—- C:\ProgramData\Microsoft Help
2014-06-11 14:31:21 —-A—- C:\Windows\Elsevier.ini
2014-06-05 16:53:48 —-RD—- C:\Program Files (x86)
2014-06-05 16:47:23 —-D—- C:\ProgramData\CanonIJPLM
2014-06-05 07:55:30 —-A—- C:\Windows\system32\ServiceFilter.ini
2014-06-04 21:10:54 —-HD—- C:\ProgramData
2014-06-04 17:20:09 —-D—- C:\Users\R. Adelerhof\AppData\Roaming\Belastingdienst
2014-05-23 21:17:06 —-D—- C:\Windows\system32\drivers\NISx64
2014-05-23 21:06:59 —-D—- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140617.001\IDSvia64.sys
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys
R1 RapportCerberus_68261;RapportCerberus_68261; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_68261.sys
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140617.024\ENG64.SYS
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140617.024\EX64.SYS
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
R2 GsServer;GoodSync Server; C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
R2 OnlineBackupService;OnlineBackupService; C:\Program Files\ArgewebBackup\OnlineBackupService.exe
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
—————–EOF—————–
Ben

18-06-2014 14:44

Hallo,
Er is een nieuwe Mbam verwijder de oude, herstart je pc en installeer de nieuwe: http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst-(aangepaste-versie-dd-25-03-2014)#msg-4625317
Doe daarna:
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exe naar het bureaublad.
* Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
torpigcheck;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post het geopende logje in het volgende bericht.
rudi

18-06-2014 16:59

Zoek.exe v5.0.0.0 Updated 16-June-2014
Tool run by R. Adelerhof on wo 18-06-2014 at 16:02:52,16.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\R. Adelerhof\Desktop\zoek.exe
==== Older Logs ======================
C:\zoek-results2014-06-18-134126.log 4595 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\R. Adelerhof\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
==== Deleting Services ======================
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8078 MB
CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
CPU Speed: 2492,7 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 630M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Wireless-N 2230 | Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Bluetooth Device (Personal Area Network)
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH
Ports: COM5 | COM7 | COM4 | COM6 | COM3 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 198,2GB | D: 906,2GB
Hard Disks - Free: C: 113,7GB | D: 489,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/23/12 | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. N76VM
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton Internet Security disabled
Internet Explorer Version: 11.0.9600.17126
Mozilla Firefox version: 28.0 (x86 nl)
Adobe Reader version: 11.0.07.79
Flash Player version: 13.0.0.214
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\RF0C2~1.ADE\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-12 06:22:46 E227B810296AA27E6C69307A7B6456E5 1389056 —-a-w- C:\Windows\SysWOW64\msxml6.dll
2014-06-12 06:22:46 8B8D1CEF498678CAB9DF17145D34BC64 1237504 —-a-w- C:\Windows\SysWOW64\msxml3.dll
2014-06-12 06:22:45 2E673E776136354ECFB57BFD62E7EC3D 2048 —-a-w- C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 06:22:45 0789F82BAE171323F74B8F175D406AB8 2048 —-a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 06:22:25 BB9BADED14F0963498855AC28446CED5 51200 —-a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 06:22:25 7E27FB6AB8976897A530FB30F5FF7691 69632 —-a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 06:22:25 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 —-a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 06:22:24 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 —-a-w- C:\Windows\SysWOW64\urlmon.dll
2014-06-12 06:22:23 C1F5812F355D0C9495C1B2E7165DA2AF 32256 —-a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 06:22:22 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2014-06-12 06:22:22 8DF06ACA017949D37C38B6A0EF747D4E 526336 —-a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 06:22:22 017B99D09904DCA35D5F66AD79084B5F 368128 —-a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 06:22:21 D9F5B424C307B195E16A9B0A21E53BCC 61952 —-a-w- C:\Windows\SysWOW64\iesetup.dll
2014-06-12 06:22:21 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 —-a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 06:22:20 9EAAB4305536829D6B7D9C3A47E92861 2179072 —-a-w- C:\Windows\SysWOW64\iertutil.dll
2014-06-12 06:22:19 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 —-a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 06:22:19 D36574C287D0764C95AC777DFF367715 32768 —-a-w- C:\Windows\SysWOW64\iernonce.dll
2014-06-12 06:22:18 5B5815477A53ED92B89955FFE7EDCB2E 242688 —-a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 06:22:17 814E0D53EF020BD93097F26B53B573F0 440832 —-a-w- C:\Windows\SysWOW64\ieui.dll
2014-06-12 06:22:17 688227D38A6FF6403B293D0C50B454B9 11725312 —-a-w- C:\Windows\SysWOW64\ieframe.dll
2014-06-12 06:22:17 4D3074AA172DCFD5D56BE764B671085A 2724864 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 06:22:15 CC0077F9C7ACD7E97707DFC763A4EA99 112128 —-a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 06:22:15 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 —-a-w- C:\Windows\SysWOW64\jscript9.dll
2014-06-12 06:22:15 0AC4E3C93D49E37D5B008ED99092115C 1068032 —-a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 06:22:14 771CDBC3D62437D6DB070820BB1EDCCF 1790976 —-a-w- C:\Windows\SysWOW64\wininet.dll
2014-06-12 06:22:14 22D7FFA4B94916F18EB1F1D107B86839 704512 —-a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 06:22:14 09771ABC896D2A88370F3AB8BADC242E 455168 —-a-w- C:\Windows\SysWOW64\vbscript.dll
2014-06-12 06:22:13 EB960643DC62832C88272573204B6DBA 164864 —-a-w- C:\Windows\SysWOW64\msrating.dll
2014-06-12 06:21:15 A5F833506BF6A1B5D693E1499DEE2444 626688 —-a-w- C:\Windows\SysWOW64\usp10.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-06-12 06:22:47 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 —-a-w- C:\Windows\Sysnative\msxml6.dll
2014-06-12 06:22:46 ECA6AC33BD9E441F7B47D173D715D268 1882112 —-a-w- C:\Windows\Sysnative\msxml3.dll
2014-06-12 06:22:45 3408DD8081DC22858AE2E6ABD2594C02 2048 —-a-w- C:\Windows\Sysnative\msxml6r.dll
2014-06-12 06:22:44 0465A8CFDDB4FFDB569802A70B9443D5 2048 —-a-w- C:\Windows\Sysnative\msxml3r.dll
2014-06-12 06:22:41 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 —-a-w- C:\Windows\Sysnative\rdpcorets.dll
2014-06-12 06:22:41 2147C5330F983D76A36B73F4A804F778 16384 —-a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2014-06-12 06:22:23 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 —-a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-06-12 06:22:23 3ED5C9055F7A635399FC12892F565287 48640 —-a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-06-12 06:22:21 D5C446B14DC667B7B9FBB30EA1701D92 2724864 —-a-w- C:\Windows\Sysnative\mshtml.tlb
2014-06-12 06:22:20 DFD834E89B819B5ECE8E251C56B5A3CE 4096 —-a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-06-12 06:22:20 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 —-a-w- C:\Windows\Sysnative\urlmon.dll
2014-06-12 06:22:18 BFD3178735D97C858FFA467F8199700C 111616 —-a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-06-12 06:22:18 12BA419E27DBC5DBF9262C8A885FA361 452096 —-a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-06-12 06:22:17 867DD52B23D3B0390B88F3D7AD1E600C 631808 —-a-w- C:\Windows\Sysnative\msfeeds.dll
2014-06-12 06:22:16 EAAA62F272858695814A1F42D5E59BD3 608768 —-a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-06-12 06:22:16 B34D3F303769E65CE7EFBD4E6FB62B25 66048 —-a-w- C:\Windows\Sysnative\iesetup.dll
2014-06-12 06:22:16 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 —-a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-06-12 06:22:15 063EF4239479F52DAF9F4849B0B304F1 2768384 —-a-w- C:\Windows\Sysnative\iertutil.dll
2014-06-12 06:22:14 790FD40601502C5FE8213D4F335DA0BD 51200 —-a-w- C:\Windows\Sysnative\jsproxy.dll
2014-06-12 06:22:13 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 —-a-w- C:\Windows\Sysnative\iernonce.dll
2014-06-12 06:22:11 CB8A91074AE1B5051E240B50A328DCF5 295424 —-a-w- C:\Windows\Sysnative\dxtrans.dll
2014-06-12 06:22:11 B2C037F50A02D6C057B1E0791BBF41A5 574976 —-a-w- C:\Windows\Sysnative\ieui.dll
2014-06-12 06:22:11 2DBB9127794BC30BC31D26FA088F8BAB 13522944 —-a-w- C:\Windows\Sysnative\ieframe.dll
2014-06-12 06:22:10 CC603EF96BA456D4BCD9FF849ED07A2A 85504 —-a-w- C:\Windows\Sysnative\mshtmled.dll
2014-06-12 06:22:10 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 —-a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-06-12 06:22:10 770F067D833DC017CEB8A36A2A1EC942 139264 —-a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-06-12 06:22:10 6B9925F498D4E91FB57576CC3776D428 752640 —-a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-06-12 06:22:09 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 —-a-w- C:\Windows\Sysnative\jscript9.dll
2014-06-12 06:22:09 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 —-a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-06-12 06:22:09 2F474D40626B0C694400589F3FBB9AA9 548352 —-a-w- C:\Windows\Sysnative\vbscript.dll
2014-06-12 06:22:08 40BFD9D6EC8E174145F012246CA73CCD 2266112 —-a-w- C:\Windows\Sysnative\wininet.dll
2014-06-12 06:22:07 F343ECB3C683EBD7E3990C03AD680855 940032 —-a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-06-12 06:22:07 8E3C6008250A904C06943BCEA585E344 195584 —-a-w- C:\Windows\Sysnative\msrating.dll
2014-06-12 06:22:06 56803B20D168C1B740D12CE0BE4588F5 23414784 —-a-w- C:\Windows\Sysnative\mshtml.dll
2014-06-12 06:21:23 2C053C9B2A8249F1F9B38ED1AE455771 506368 —-a-w- C:\Windows\Sysnative\aepdu.dll
2014-06-12 06:21:20 84A13AB118F433898B5ABA36E8D7CA91 424448 —-a-w- C:\Windows\Sysnative\aeinv.dll
2014-06-12 06:21:16 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 —-a-w- C:\Windows\Sysnative\usp10.dll
====== C:\Windows\Sysnative\drivers =====
2014-06-18 12:48:28 8A50D5304E6AE48664CF5838EC32F647 122584 —-a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-06-18 12:48:12 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 —-a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-06-18 12:48:12 15E8ABC06843672955CE26A009533BAD 63704 —-a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-06-12 06:22:50 17F685B67C74B8F7BFED4308790B71DE 288192 —-a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-12 06:22:50 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-06-04 19:11:49 70191BDDFE486FA3C9F588CDCE3C408C 358552 —-a-w- C:\Windows\Sysnative\drivers\RapportKE64.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-06-04 19:11:34 ——– d—–w- C:\PROGRA~2\Trusteer
======= C: =====
====== C:\Users\R. Adelerhof\AppData\Roaming ======
2014-06-10 06:31:16 ——– d—–w- C:\Users\Default\AppData\Local\Trusteer
2014-06-10 06:31:16 ——– d—–w- C:\Users\Default User\AppData\Local\Trusteer
2014-06-05 07:04:03 ——– d—–w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Trusteer
2014-06-04 19:12:02 ——– d—–w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Trusteer
2014-06-04 19:11:37 ——– d—–w- C:\Users\RF0C2~1.ADE\AppData\Local\Trusteer
2014-06-04 19:11:37 ——– d—–w- C:\Users\R. Adelerhof\AppData\Local\Trusteer
====== C:\Users\R. Adelerhof ======
2014-06-04 19:11:35 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging
2014-06-04 19:10:54 ——– d—–w- C:\ProgramData\Trusteer
2014-05-23 16:23:16 ——– d—–r- C:\Windows\SysNative\config\systemprofile\Searches
====== C: exe-files ==
2014-06-18 12:47:18 E90BF9E1562F40140161573B79CD5720 17292760 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\mbam-setup-2.0.2.1012.exe
2014-06-18 12:30:39 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\RSITx64.exe
2014-06-13 10:24:56 D1707C1B919EF0D5B5C87D807CA4A2BE 27680 —-a-w- C:\Program Files\ArgewebBackup\ServiceStopper.exe
2014-06-13 10:24:55 6D667866AFC77D28833AC5D71DEFCDFE 93216 —-a-w- C:\Program Files\ArgewebBackup\DotNetChecker.exe
2014-06-13 10:24:55 53109CFF7C2CB2967E675982B90E8B70 64544 —-a-w- C:\Program Files\ArgewebBackup\OnlineBackupService.exe
2014-06-13 10:24:55 1F153AC2AC3E14C7EBADA20841FB1A76 1408032 —-a-w- C:\Program Files\ArgewebBackup\OnlineBackupClient.exe
2014-06-13 10:24:51 D7370A883CE1403C1350D23CDCDE8EFA 285728 —-a-w- C:\Program Files\ArgewebBackup\CloudBackup.Console.exe
2014-06-13 10:19:49 42F24559E8C472F6FF745BB7C5465FB2 1333465 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\AdwCleaner.exe
2014-06-12 06:22:24 4F2AA3E7BD7257E4937E071E3700819E 810200 —-a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-06-12 06:22:24 4AFAE8BAF6E85311AD78395C47351A1D 222720 —-a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-06-12 06:22:21 60F88F6CA6303E8273AF7AAA9AAFECAC 812248 —-a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-06-12 06:22:21 50989AAF09CDCEBC0FD8EB0FE79C2A98 470016 —-a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-06-12 06:22:21 4076E62E061769E42186AE860007FA08 222720 —-a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-06-12 06:22:18 BFD3178735D97C858FFA467F8199700C 111616 —-a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-12 06:22:16 EAAA62F272858695814A1F42D5E59BD3 608768 —-a-w- C:\Windows\System32\ie4uinit.exe
2014-06-12 06:22:16 159C5979C61F51EEFC84D9AB17C4E0E7 482816 —-a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-06-12 06:22:15 CC0077F9C7ACD7E97707DFC763A4EA99 112128 —-a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 06:22:10 770F067D833DC017CEB8A36A2A1EC942 139264 —-a-w- C:\Windows\System32\ieUnatt.exe
2014-06-12 06:22:07 F343ECB3C683EBD7E3990C03AD680855 940032 —-a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-12 06:21:23 EF15B0554634BD981BB718E9BF6EE891 46784 —-a-w- C:\Windows\System32\CompatTel\wicainventory.exe
2014-06-12 06:21:23 511E0519B437C263E95EA46330312B7F 172224 —-a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe
=== C: other files ==
2014-06-18 12:48:28 8A50D5304E6AE48664CF5838EC32F647 122584 —-a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-18 12:48:12 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 —-a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-18 12:48:12 15E8ABC06843672955CE26A009533BAD 63704 —-a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-16 06:50:11 34DEF0785C6EB8BB10772C84521CFF47 77408 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S3XZ5OFM\nos.zip
2014-06-16 06:50:11 046F694DD648721D3322596ACA050EE0 77406 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S3XZ5OFM\nos.zip
2014-06-16 06:49:31 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-16 06:49:30 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LBRFX27C\nos.zip
2014-06-13 10:24:56 D13CB38C1DB93FC72033768D04B94814 85 —-a-w- C:\Program Files\ArgewebBackup\WinService_Install.bat
2014-06-13 10:24:56 C79AFBAC3F1D8C2C17EE795423B0A566 496 —-a-w- C:\Program Files\ArgewebBackup\WinService_Uninstall.bat
2014-06-12 06:22:50 17F685B67C74B8F7BFED4308790B71DE 288192 —-a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-12 06:22:50 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 —-a-w- C:\Windows\System32\drivers\tcpip.sys
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“ASUSPRP”=“C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
“ASUSWebStorage”=“C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S”
“USB3MON”=“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“ATKOSD2”=“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
“ATKMEDIA”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
“HControlUser”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
“ASUS InstantKey”=“C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe”
“Wireless Console 3”=“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“RemoteControl10”=“C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
“UpdatePSTShortCut”=“C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter”
“BCSSync”=“C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“TkBellExe”=“C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe -osboot”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“CanonSolutionMenuEx”=“C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon”
“AppInit_DLLs”=“ C:\\Windows\\SysWOW64\\nvinit.dll”
==== Startup Registry Enabled x64 ======================
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“RtHDVBg”=“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 ”
“BLEServicesCtrl”=“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“BTMTrayAgent”=“rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp”
“AmIcoSinglun64”=“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
“ETDCtrl”=“%ProgramFiles%\Elantech\ETDCtrl.exe ”
“AppInit_DLLs”=“ C:\\Windows\\SysWOW64\\nvinit.dll C:\\Windows\\SysWOW64\\nvinit.dll,C:\\Windows\\system32\\nvinitx.dll”
==== Startup Registry Disabled x64 ======================
“command”=“C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe”
“hkey”=“HKLM”
“item”=“ACMON”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Windows\\AsScrPro.exe”
“hkey”=“HKLM”
“item”=“ASUS Screen Saver Protector”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“\”C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\“”
“hkey”=“HKLM”
“item”=“CLMLServer”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s”
“hkey”=“HKLM”
“item”=“RTHDVCPL”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Dropbox”
“path”=“C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk”
“backup”=“C:\\Windows\\pss\\Dropbox.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\Users\\RF0C2~1.ADE\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe”
“item”=“OneNote 2010 Schermopname en Snel starten”
“path”=“C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2010 Schermopname en Snel starten.lnk”
“backup”=“C:\\Windows\\pss\\OneNote 2010 Schermopname en Snel starten.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\PROGRA~2\\MICROS~1\\Office14\\ONENOTEM.EXE”
==== Startup Folders ======================
2012-02-24 02:50:52 2062 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job –a——
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job –a—— C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\4Team updater”
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\ASUS Live Update”
“C:\Windows\SysNative\tasks\ASUS P4G”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)”
“C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor”
“C:\Windows\SysNative\tasks\ASUS USB Charger Plus”
“C:\Windows\SysNative\tasks\ATKOSD2”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\DeviceDetector”
“C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d”
“C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon”
“C:\Windows\SysNative\tasks\Norton WSC Integration”
“C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\SidebarExecute”
“C:\Windows\SysNative\tasks\User_Feed_Synchronization-{72EEAF20-EAE3-4992-80A1-48B0BFD70261}”
“C:\Windows\SysNative\tasks\{182146CF-EA83-4BE9-A6F9-02722294562C}”
“C:\Windows\SysNative\tasks\{233FF460-1F07-4BAE-B6F9-C0EA14035AB6}”
“C:\Windows\SysNative\tasks\{23D0B590-D599-4077-97AB-E3921214939C}”
“C:\Windows\SysNative\tasks\{2E84014D-1418-4507-8ED4-B00C19C43379}”
“C:\Windows\SysNative\tasks\{410854BA-2A3A-420B-9C71-570E72DA0784}”
“C:\Windows\SysNative\tasks\{4912F5E4-A75B-4275-B5F7-1E84E7B84933}”
“C:\Windows\SysNative\tasks\{6F9CAABE-D315-4AA3-A1EC-A80F66B4DFE3}”
“C:\Windows\SysNative\tasks\{8882AB83-EAB3-4F23-895B-FA0093EC1C3B}”
“C:\Windows\SysNative\tasks\{8A95D8A6-EE2D-4F79-8F84-809D98805F0D}”
“C:\Windows\SysNative\tasks\{8D7E82B6-9724-4709-A885-98FC41112896}”
“C:\Windows\SysNative\tasks\{93B7C62F-685C-4375-9427-0C6FD30687CC}”
“C:\Windows\SysNative\tasks\{98AE72B5-C153-4250-9A46-01480FC781C9}”
“C:\Windows\SysNative\tasks\{B2CE391C-84BA-4D7A-A473-B0384DA80445}”
“C:\Windows\SysNative\tasks\{D9534966-C615-40FF-B1C9-765E72F1F810}”
“C:\Windows\SysNative\tasks\{DA9A8E03-F444-49E6-8C32-7346EEBF67CF}”
“C:\Windows\SysNative\tasks\{DB88E81A-6052-4A11-AC51-2FD31D74953D}”
“C:\Windows\SysNative\tasks\{DE2524CA-8994-44C1-8E6C-2B5DA65E3856}”
“C:\Windows\SysNative\tasks\{EDFC3F20-46CA-4EA3-9176-B31AD7695127}”
“C:\Windows\SysNative\tasks\{F8567E27-5B33-4149-A257-DBB06025E3FD}”
“C:\Windows\SysNative\tasks\{FDAC3EEE-02E5-43DC-A0DA-882CAC7ABF25}”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor”
“C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2013-12-30 13:14:18 ——– dc-h–w- C:\PROGRA~3\{34CB5522-9D78-4A04-AFBF-49AECC57C33E}
2014-03-12 06:54:19 ——– d—–w- C:\PROGRA~3\CanonIJWSpt
2014-03-12 06:56:34 ——– d–h–w- C:\PROGRA~3\CanonIJSolutionMenuEX
2014-03-12 06:57:03 ——– d–h–w- C:\PROGRA~3\CanonIJEGV
2014-03-12 07:08:28 ——– d—–w- C:\PROGRA~3\CanonIJPLM
2014-03-12 07:10:41 ——– d–h–w- C:\PROGRA~3\CanonIJScan
2014-03-12 07:11:19 ——– d—–w- C:\PROGRA~3\CanonIJ
2014-06-04 19:10:54 ——– d—–w- C:\PROGRA~3\Trusteer
==== Firefox Extensions Registry ======================
“{BBDA0591-3099-440a-AA10-41764D9DB4DB}”=“C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF”
==== Firefox Extensions ======================
ProfilePath: C:\Users\RF0C2~1.ADE\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
- Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
- Fastest Facebook - %ProfilePath%\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://antivirus.startpagina.nl/prikbord/”
No DefaultScope Set For HKCU
New Values:
“Start Page”=“http://antivirus.startpagina.nl/prikbord/”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{4013E288-A676-4E64-84AC-BD02F8907908} Vinden.nl Url=“http://www.vinden.nl/?refer=opensearch&q={searchTerms}”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{9F1E6B77-8689-4784-A4FB-FDFA0DB933C9} Bing Url=“http://www.bing.com/search?q={searchTerms}&r=893”
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RF0C2~1.ADE\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on wo 18-06-2014 at 16:56:52,90 ======================
Ben

18-06-2014 17:10

Hallo,
Dat ziet er netjes uit, hoe gaat het hierna?
rudi

18-06-2014 17:15

Hij is net dat tikkie weer sneller dan dat ik miste
Ouderwets goed dus
Bedankt Ben(tu)
Ben

18-06-2014 17:19

Halo Rudi,
Je mag Zoek.exe met bijbehorende logjes weer verwijderen.
Bedankt en graag gedaan.
rudi

18-06-2014 17:30

Dank je!!
fazantje

25-06-2014 20:22

Omdat dit topic is opgelost word het gesloten.
Wilt U Uw topic als nog weer openen, stuur dan een privé bericht naar Ben of Huib (fazantje).
Zij zullen dan het “slotje” er van af halen en het topic is weer geopend
Het AV team.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Lappie is wat trager

rudi

rudi

rudi

Ben

rudi

Ben

rudi

Ben

rudi

fazantje