Vanmiddag systeemherstel moeten doen

rudi

08-08-2014 19:36

Lappie sloeg volkomen vast, was niet meer op te starten behalve in veilige mudus. Eset-online heeft inmiddels e.e.a. gevonden en verwijderd: Hierbij wat logjes. Bedankt alvast
Logfile of random's system information tool 1.10 (written by random/random)
Run by R. Adelerhof at 2014-08-08 19:33:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (54%) free of 203 GB
Total RAM: 8078 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:25, on 8-8-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\R. Adelerhof.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.vinden.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://antivirus.startpagina.nl/prikbord/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: “c:\program files (x86)\real\realplayer\Update\realsched.exe” -osboot
O4 - HKCU\..\Run: C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT “EPLTarget\P0000000000000000” /M “XP-412 413 415 Series”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:/Program Files/Siber Systems/GoodSync/gs-server.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
–
End of file - 16993 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
“C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe” /service
“C:\Windows\system32\nvvsvc.exe”
“C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe”
C:\Windows\system32\svchost.exe -k RPCSS
“C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe”
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
“C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe”
/QuitInfo:0000000000000244;0000000000000248; /AddRef;
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
“C:\Windows\system32\FBAgent.exe”
C:\Windows\system32\WLANExt.exe 27121184
\??\C:\Windows\system32\conhost.exe "-423456236924657418237843755-12849566461022651714911728-13315428711067491225
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe”
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“taskhost.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe”
taskeng.exe {608ED8C0-C43C-46E7-9938-C92BEF0F462E}
/QuitInfo:00000000000004B4;00000000000004D8; /AddRef;
/QuitInfo:00000000000001D0;00000000000004E0;
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Windows\system32\Dwm.exe”
ATKOSD.exe
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe”
taskeng.exe {8D860AEF-9B7F-4A06-809E-2E56C0C7FB2A}
C:\Windows\Explorer.EXE
“C:\Program Files\ASUS\P4G\BatteryLife.exe”
/loadhooks /Parent:00000000000008A4
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe”
“C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe”
“C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe”
“C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
“C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe”
“C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe”
C:\Windows\system32\svchost.exe -k bthsvcs
KBFiltr.exe
“C:\Program Files\Intel\WiFi\bin\EvtEng.exe”
“C:/Program Files/Siber Systems/GoodSync/gs-server.exe” /service
“C:\Program Files (x86)\ASUS\Splendid\ACMON.exe”
WDC.exe
“C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE”
“C:\Program Files\Intel\iCLS Client\HeciServer.exe”
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”
“C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe” -sMSSQLSERVER
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe” /s “NIS” /m “C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\diMaster.dll” /prefetch:1
“C:\Program Files\ArgewebBackup\OnlineBackupService.exe”
“C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe” /c /a /s UserSession2
“C:\Windows\AsScrPro.exe”
C:\Windows\System32\svchost.exe -k HPZ12
“C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe”
“c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe”
“C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe”
“C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe”
“C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe” -servicelaunch=true
“C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe”
“C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe”
WLIDSvcM.exe 1396
“C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
“C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe”
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s
“C:\Windows\System32\igfxtray.exe”
“C:\Windows\System32\hkcmd.exe”
“C:\Program Files\Elantech\ETDCtrl.exe”
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /MAXX3
“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“C:\Windows\System32\rundll32.exe” “C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll”,TrayApp
“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
“C:\Windows\System32\spool\drivers\x64\3\E_IATILEE.EXE” /EPT “EPLTarget\P0000000000000000” /M “XP-412 413 415 Series”
“C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe”
“C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe”
“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
C:\Windows\system32\wbem\unsecapp.exe -Embedding
“C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe” -Embedding
“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
“C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE” /logon
“C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe” -osboot
“C:\Program Files\Elantech\ETDCtrlHelper.exe”
“C:\Program Files\Elantech\ETDGesture.exe”
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
“C:/Program Files/NVIDIA Corporation/Display/nvtray.exe” -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
“C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe”
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
“C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe”
“C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe”
“C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe” /DisableUI
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
“C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
“C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe”
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
“C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe”
“C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE”
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe128_ Global\UsGthrCtrlFltPipeMssGthrPipe128 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-1001129_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3085899422-3526582053-2542983109-1001129 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”
“C:\Windows\system32\SearchFilterHost.exe” 0 528 532 540 65536 536
“C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\RSITx64.exe”
“C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\RSITx64.exe”
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
“C:\Program Files\Internet Explorer\IEXPLORE.EXE”
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:4024 CREDAT:267521 /prefetch:2
“C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe” /bgrecordhelpersvc
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\EPSON XP-412 413 415 Series Invitation {B0278138-7A80-429B-B4BD-E9BC2666F53C}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:“{B0278138-7A80-429B-B4BD-E9BC2666F53C}” /F:“Invitation”
C:\Windows\tasks\EPSON XP-412 413 415 Series Update {B0278138-7A80-429B-B4BD-E9BC2666F53C}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:“{B0278138-7A80-429B-B4BD-E9BC2666F53C}” /F:“Update”
=========Mozilla firefox=========
ProfilePath - C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
prefs.js - “browser.search.useDBForOrder” - true
prefs.js - “browser.startup.homepage” - “about:home”
“Description”=Adobe® Flash® Player 14.0.0.145 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
“Description”=Intel IPT WebApi plugin
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
“Description”=This plugin updates Intel WebAPI component
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=NVIDIA stereo images plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
“Description”=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
“Path”=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
“Description”=RealPlayer™ LiveConnect-Enabled Plug-In
“Path”=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
“Description”=RealPlayer Video Downloader (32-bit)
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
“Description”=RealPlayer Video Downloader for HTML5 (32-bit)
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
“Description”=RealPlayer Video Downloader for PepperFlash (32-bit)
“Path”=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
“Description”=RealPlayer Download Plugin
“Path”=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
“Description”=Adobe® Flash® Player 14.0.0.145 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
rudi

08-08-2014 19:37

“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
“wave3”=wdmaud.drv
“midi3”=wdmaud.drv
“mixer3”=wdmaud.drv
“wave4”=wdmaud.drv
“midi4”=wdmaud.drv
“mixer4”=wdmaud.drv
“wave5”=wdmaud.drv
“midi5”=wdmaud.drv
“mixer5”=wdmaud.drv
“wave6”=wdmaud.drv
“midi6”=wdmaud.drv
“mixer6”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2014-07-09 11:21:24 —-D—- C:\Program Files\Common Files\EPSON
2014-07-09 11:21:21 —-D—- C:\ProgramData\EPSON
2014-07-09 11:21:07 —-A—- C:\Windows\system32\E_GCINST.DLL
2014-07-09 11:21:06 —-A—- C:\Windows\system32\E_ILMBLEE.DLL
2014-07-09 11:21:05 —-A—- C:\Windows\system32\E_ID4BLEE.DLL
2014-07-09 08:39:29 —-A—- C:\Windows\system32\aepdu.dll
2014-07-09 08:39:27 —-A—- C:\Windows\system32\aeinv.dll
2014-07-09 08:39:02 —-A—- C:\Windows\system32\win32k.sys
2014-07-09 08:39:01 —-A—- C:\Windows\SYSWOW64\osk.exe
2014-07-09 08:39:01 —-A—- C:\Windows\system32\osk.exe
2014-07-09 08:38:59 —-A—- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 08:38:59 —-A—- C:\Windows\system32\qedit.dll
2014-07-09 08:38:58 —-A—- C:\Windows\system32\drivers\afd.sys
2014-07-09 08:38:47 —-A—- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 08:38:47 —-A—- C:\Windows\system32\schannel.dll
2014-07-09 08:38:46 —-A—- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 08:38:46 —-A—- C:\Windows\system32\kerberos.dll
2014-07-09 08:38:45 —-A—- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 08:38:45 —-A—- C:\Windows\system32\wdigest.dll
2014-07-09 08:38:45 —-A—- C:\Windows\system32\ncrypt.dll
2014-07-09 08:38:45 —-A—- C:\Windows\system32\msv1_0.dll
2014-07-09 08:38:44 —-A—- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 08:38:44 —-A—- C:\Windows\system32\TSpkg.dll
2014-07-09 08:38:43 —-A—- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 08:38:43 —-A—- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 08:38:42 —-A—- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 08:38:42 —-A—- C:\Windows\system32\credssp.dll
2014-07-09 08:38:14 —-A—- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 08:38:14 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:38:14 —-A—- C:\Windows\system32\iernonce.dll
2014-07-09 08:38:13 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 08:38:13 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:38:12 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:38:12 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 08:38:12 —-A—- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:38:12 —-A—- C:\Windows\system32\iedkcs32.dll
2014-07-09 08:38:11 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 08:38:11 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 08:38:11 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:38:11 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:38:09 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 08:38:09 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 08:38:09 —-A—- C:\Windows\system32\urlmon.dll
2014-07-09 08:38:08 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 08:38:08 —-A—- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:38:08 —-A—- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:38:07 —-A—- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 08:38:07 —-A—- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 08:38:07 —-A—- C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:38:07 —-A—- C:\Windows\system32\dxtmsft.dll
2014-07-09 08:38:06 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 08:38:06 —-A—- C:\Windows\system32\msfeeds.dll
2014-07-09 08:38:06 —-A—- C:\Windows\system32\ie4uinit.exe
2014-07-09 08:38:05 —-A—- C:\Windows\system32\iesetup.dll
2014-07-09 08:38:05 —-A—- C:\Windows\system32\iertutil.dll
2014-07-09 08:38:04 —-A—- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 08:38:04 —-A—- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:38:04 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 08:38:04 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:38:03 —-A—- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 08:38:03 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:38:03 —-A—- C:\Windows\system32\jsproxy.dll
2014-07-09 08:38:02 —-A—- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 08:38:02 —-A—- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:38:01 —-A—- C:\Windows\system32\ieui.dll
2014-07-09 08:38:01 —-A—- C:\Windows\system32\ieframe.dll
2014-07-09 08:38:01 —-A—- C:\Windows\system32\dxtrans.dll
2014-07-09 08:38:00 —-A—- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:38:00 —-A—- C:\Windows\system32\mshtmled.dll
2014-07-09 08:38:00 —-A—- C:\Windows\system32\jscript9diag.dll
2014-07-09 08:38:00 —-A—- C:\Windows\system32\ieUnatt.exe
2014-07-09 08:37:59 —-A—- C:\Windows\system32\vbscript.dll
2014-07-09 08:37:59 —-A—- C:\Windows\system32\jscript9.dll
2014-07-09 08:37:59 —-A—- C:\Windows\system32\ieapfltr.dll
2014-07-09 08:37:58 —-A—- C:\Windows\system32\wininet.dll
2014-07-09 08:37:58 —-A—- C:\Windows\system32\msrating.dll
2014-07-09 08:37:58 —-A—- C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:37:57 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:37:57 —-A—- C:\Windows\system32\mshtml.dll
2014-07-09 08:37:49 —-A—- C:\Windows\system32\lsasrv.dll
2014-07-09 08:37:48 —-A—- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 08:37:48 —-A—- C:\Windows\SYSWOW64\secur32.dll
======List of files/folders modified in the last 1 month======
2014-08-08 19:33:22 —-D—- C:\Program Files\trend micro
2014-08-08 19:28:13 —-D—- C:\Windows\Temp
2014-08-08 19:27:49 —-D—- C:\Windows\system32\NDF
2014-08-08 19:21:01 —-D—- C:\Windows\system32\FxsTmp
2014-08-08 17:39:03 —-D—- C:\Windows\CryptoGuard
2014-08-08 17:22:31 —-D—- C:\Windows\system32\config
2014-08-08 17:11:58 —-SHD—- C:\System Volume Information
2014-08-08 16:49:03 —-D—- C:\Users\R. Adelerhof\AppData\Roaming\GoodSync
2014-08-08 16:26:12 —-D—- C:\Windows
2014-08-08 16:02:48 —-D—- C:\AdwCleaner
2014-08-08 16:00:46 —-AD—- C:\ProgramData\Temp
2014-08-08 16:00:43 —-D—- C:\Program Files (x86)\SpywareBlaster
2014-08-08 15:52:13 —-D—- C:\Windows\System32
2014-08-08 15:52:13 —-D—- C:\Windows\inf
2014-08-08 15:52:13 —-A—- C:\Windows\system32\PerfStringBackup.INI
2014-08-08 15:49:00 —-D—- C:\Windows\system32\drivers\NISx64
2014-08-08 15:47:06 —-A—- C:\Windows\SYSWOW64\log.txt
2014-08-08 15:45:22 —-D—- C:\Windows\system32\Tasks
2014-08-08 15:44:55 —-D—- C:\ProgramData\NVIDIA
2014-08-08 15:44:51 —-D—- C:\Windows\system32\wbem
2014-08-08 15:44:27 —-HD—- C:\Windows\system32\WLANProfiles
2014-08-08 15:44:27 —-D—- C:\Windows\winsxs
2014-08-08 15:44:27 —-D—- C:\Windows\Tasks
2014-08-08 15:44:27 —-D—- C:\Windows\SYSWOW64\nl-NL
2014-08-08 15:44:27 —-D—- C:\Windows\SysWOW64
2014-08-08 15:44:27 —-D—- C:\Windows\system32\wfp
2014-08-08 15:44:27 —-D—- C:\Windows\system32\nl-NL
2014-08-08 15:44:27 —-D—- C:\Windows\system32\DriverStore
2014-08-08 15:44:27 —-D—- C:\Windows\system32\drivers\UMDF
2014-08-08 15:44:27 —-D—- C:\Windows\system32\drivers
2014-08-08 15:44:27 —-D—- C:\Windows\system32\CodeIntegrity
2014-08-08 15:44:27 —-D—- C:\Windows\system32\catroot2
2014-08-08 15:44:23 —-D—- C:\ProgramData\P4G
2014-08-08 15:44:23 —-D—- C:\ProgramData\Norton
2014-08-08 15:44:19 —-D—- C:\Windows\system32\catroot
2014-08-08 15:44:19 —-D—- C:\Windows\registration
2014-08-08 15:44:13 —-RD—- C:\Program Files (x86)
2014-08-08 15:44:13 —-D—- C:\ProgramData\Real
2014-08-08 15:44:12 —-RHD—- C:\MSOCache
2014-08-08 15:44:12 —-D—- C:\Elsevier
2014-08-07 09:43:43 —-D—- C:\Users\R. Adelerhof\AppData\Roaming\Belastingdienst
2014-08-01 22:08:34 —-D—- C:\ProgramData\CanonIJPLM
2014-07-31 15:08:24 —-D—- C:\ProgramData\Davilex Business
2014-07-29 13:29:58 —-D—- C:\Program Files (x86)\Internet Explorer
2014-07-26 11:02:58 —-D—- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-26 11:02:58 —-D—- C:\Program Files (x86)\Mozilla Firefox
2014-07-25 13:25:20 —-D—- C:\Windows\zh-TW
2014-07-25 12:30:58 —-D—- C:\Program Files\CCleaner
2014-07-25 07:43:47 —-D—- C:\Program Files\Microsoft Silverlight
2014-07-25 07:43:47 —-D—- C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 22:01:15 —-SHD—- C:\Windows\Installer
2014-07-24 22:01:14 —-HD—- C:\Config.Msi
2014-07-11 11:32:42 —-D—- C:\Windows\debug
2014-07-10 08:33:22 —-A—- C:\Windows\system32\AutoRunFilter.ini
2014-07-09 17:18:25 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 11:21:24 —-D—- C:\Program Files\Common Files
2014-07-09 11:21:21 —-HD—- C:\ProgramData
2014-07-09 09:01:06 —-SD—- C:\Windows\system32\CompatTel
2014-07-09 09:01:06 —-D—- C:\Windows\SYSWOW64\Dism
2014-07-09 09:01:06 —-D—- C:\Windows\system32\Dism
2014-07-09 09:01:06 —-D—- C:\Program Files\Windows Journal
2014-07-09 09:01:05 —-D—- C:\Windows\SYSWOW64\en-US
2014-07-09 09:01:05 —-D—- C:\Windows\system32\en-US
2014-07-09 09:01:05 —-D—- C:\Windows\ehome
2014-07-09 09:01:05 —-D—- C:\Program Files\Internet Explorer
2014-07-09 08:46:08 —-D—- C:\ProgramData\Microsoft Help
2014-07-09 08:44:26 —-D—- C:\Windows\system32\MRT
2014-07-09 08:41:46 —-A—- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001_ddf\BHDrvx64.sys
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.001_e86\IDSvia64.sys
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys
R1 RapportCerberus_69875;RapportCerberus_69875; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
R2 hmpalert;HitmanPro.Alert Support Driver; C:\Windows\System32\drivers\hmpalert.sys
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140807.025_e0a\ENG64.SYS
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140807.025_e0a\EX64.SYS
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys
S3 EraserUtilDrv11313;EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
R2 GsServer;GoodSync Server; C:/Program Files/Siber Systems/GoodSync/gs-server.exe /service
R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
R2 OnlineBackupService;OnlineBackupService; C:\Program Files\ArgewebBackup\OnlineBackupService.exe
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
—————–EOF—————–
rudi

08-08-2014 19:43

Malwarebytes Anti-Malware
www.malwarebytes.org
Scandatum: 8-8-2014
Scantijd: 19:15:04
Logbestand: MB.txt
Beheerder: Ja
Versie: 2.00.2.1012
Malwaredatabase: v2014.08.08.05
Rootkitdatabase: v2014.08.04.01
Licentie: Gratis
Malwarebescherming: Uitgeschakeld
Kwaadaardige Website Bescherming: Uitgeschakeld
Self-protection: Uitgeschakeld
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: R. Adelerhof
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 352682
Verstreken Tijd: 7 m, 17 s
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristics: Ingeschakeld
POP: Waarschuwen
POA: Ingeschakeld
Processen: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registersleutels: 0
(No malicious items detected)
Registerwaardes: 0
(No malicious items detected)
Registerdata: 0
(No malicious items detected)
Mappen: 0
(No malicious items detected)
Bestanden: 0
(No malicious items detected)
Fysieke Sectoren: 0
(No malicious items detected)
(end)
Ben

08-08-2014 19:50

Hallo,
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exe naar het bureaublad.
* Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
torpigcheck;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post het geopende logje in het volgende bericht.
fazantje

08-08-2014 20:58

Hey Ben,
Ben je alweer terug van vakantie?
Je zou morgen toch thuis komen?
Groetjes Huib;)
rudi

08-08-2014 21:00

Dit is hem heren! Bedankt alvast
Zoek.exe v5.0.0.0 Updated 07-August-2014
Tool run by R. Adelerhof on vr 08-08-2014 at 19:53:20,77.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\R. Adelerhof\Desktop\zoek.exe
==== System Restore Info ======================
8-8-2014 19:54:01 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\Users\R. Adelerhof\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Users\R. Adelerhof\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\R. Adelerhof\Searches deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8078 MB
CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
CPU Speed: 2491,6 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 630M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Wireless-N 2230 | Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Bluetooth Device (Personal Area Network)
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH
Ports: COM5 | COM7 | COM4 | COM6 | COM3 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 198,2GB | D: 906,2GB
Hard Disks - Free: C: 115,9GB | D: 464,0GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/23/12 | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. N76VM
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton Internet Security disabled
Internet Explorer Version: 11.0.9600.17207
Mozilla Firefox version: 30.0 (x86 nl)
Adobe Reader version: 11.0.07.79
Flash Player version: 14.0.0.145
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\RF0C2~1.ADE\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
2014-08-08 14:18:21 BAA94BC68AED28C41E5D5F77ABEEFEE2 590 —-a-w- C:\cc_20140808_161819.reg
2014-08-01 07:07:12 7F0324B036D4517545125F292320F79D 1646 —-a-w- C:\cc_20140801_090658.reg
====== C:\Users\R. Adelerhof\AppData\Roaming ======
2014-08-02 11:12:52 ——– d—–w- C:\Users\RF0C2~1.ADE\AppData\Local\Windows Live
2014-08-02 11:12:52 ——– d—–w- C:\Users\R. Adelerhof\AppData\Local\Windows Live
====== C:\Users\R. Adelerhof ======
====== C: exe-files ==
2014-08-08 17:24:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\RSITx64.exe
2014-08-08 14:00:08 54606E9A6FE402749179C767A6A1FDA8 1475072 —-a-w- C:\Users\R. Adelerhof\Desktop\Virusscanners e.d\adwcleaner_3.303.exe
=== C: other files ==
2014-08-08 13:49:16 F718A57D946EAC76EFCB351D74E269F4 875736 —-a-w- C:\Windows\System32\drivers\NISx64\1505000.013\srtsp64.sys
2014-08-08 13:49:16 B18CE01B9C09C59422BA7C7064248B35 36952 —-a-r- C:\Windows\System32\drivers\NISx64\1505000.013\srtspx64.sys
2014-08-08 13:49:16 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 —-a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symefa64.sys
2014-08-08 13:49:16 5C9EE2303CA7F267665D75237862B39C 493656 —-a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symds64.sys
2014-08-08 13:49:16 5570A74FF9B1EFBC5154DD1E2F05C517 593112 —-a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symnets.sys
2014-08-08 13:49:16 48C2934683CBD06F662B088EEF49EF6A 264280 —-a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ironx64.sys
2014-08-08 13:49:16 20F758E6339A16F97DD83389D582E09A 23568 —-a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symelam.sys
2014-08-08 13:49:15 0510396A957E9FD7205BA62D3CAE4528 162392 —-a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ccsetx64.sys
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“EPLTarget\P0000000000000000”=“C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT EPLTarget\P0000000000000000 /M XP-412 413 415 Series”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“ASUSPRP”=“C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
“ASUSWebStorage”=“C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S”
“USB3MON”=“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“ATKOSD2”=“C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”
“ATKMEDIA”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”
“HControlUser”=“C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”
“ASUS InstantKey”=“C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe”
“Wireless Console 3”=“C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe”
“RemoteControl10”=“C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
“UpdatePSTShortCut”=“C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter”
“BCSSync”=“C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“CanonSolutionMenuEx”=“C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon”
“TkBellExe”=“c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot”
“EPLTarget\P0000000000000000”=“C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT EPLTarget\P0000000000000000 /M XP-412 413 415 Series”
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll”
==== Startup Registry Enabled x64 ======================
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“RtHDVBg”=“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 ”
“BLEServicesCtrl”=“C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe”
“BTMTrayAgent”=“rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp”
“AmIcoSinglun64”=“C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”
“ETDCtrl”=“%ProgramFiles%\Elantech\ETDCtrl.exe ”
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll C:\\Windows\\SysWOW64\\nvinit.dll, C:\\Windows\\system32\\nvinitx.dll”
==== Startup Registry Disabled x64 ======================
“command”=“C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe”
“hkey”=“HKLM”
“item”=“ACMON”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Windows\\AsScrPro.exe”
“hkey”=“HKLM”
“item”=“ASUS Screen Saver Protector”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“\”C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\“”
“hkey”=“HKLM”
“item”=“CLMLServer”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s”
“hkey”=“HKLM”
“item”=“RTHDVCPL”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Dropbox”
“path”=“C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk”
“backup”=“C:\\Windows\\pss\\Dropbox.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\Users\\RF0C2~1.ADE\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe”
“item”=“OneNote 2010 Schermopname en Snel starten”
“path”=“C:\\Users\\R. Adelerhof\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2010 Schermopname en Snel starten.lnk”
“backup”=“C:\\Windows\\pss\\OneNote 2010 Schermopname en Snel starten.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\PROGRA~2\\MICROS~1\\Office14\\ONENOTEM.EXE”
==== Startup Folders ======================
2012-02-24 02:50:52 2062 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
2014-07-02 13:23:26 1142 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\EPSON XP-412 413 415 Series Invitation {B0278138-7A80-429B-B4BD-E9BC2666F53C}.job –a—— C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.exe
C:\Windows\tasks\EPSON XP-412 413 415 Series Update {B0278138-7A80-429B-B4BD-E9BC2666F53C}.job –a—— C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\4Team updater”
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\ASUS Live Update”
“C:\Windows\SysNative\tasks\ASUS P4G”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture”
“C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)”
“C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor”
“C:\Windows\SysNative\tasks\ASUS USB Charger Plus”
“C:\Windows\SysNative\tasks\ATKOSD2”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\DeviceDetector”
“C:\Windows\SysNative\tasks\EPSON XP-412 413 415 Series Invitation {B0278138-7A80-429B-B4BD-E9BC2666F53C}”
“C:\Windows\SysNative\tasks\EPSON XP-412 413 415 Series Update {B0278138-7A80-429B-B4BD-E9BC2666F53C}”
“C:\Windows\SysNative\tasks\Norton WSC Integration”
“C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3085899422-3526582053-2542983109-1001”
“C:\Windows\SysNative\tasks\SidebarExecute”
“C:\Windows\SysNative\tasks\User_Feed_Synchronization-{72EEAF20-EAE3-4992-80A1-48B0BFD70261}”
“C:\Windows\SysNative\tasks\{182146CF-EA83-4BE9-A6F9-02722294562C}”
“C:\Windows\SysNative\tasks\{233FF460-1F07-4BAE-B6F9-C0EA14035AB6}”
“C:\Windows\SysNative\tasks\{23D0B590-D599-4077-97AB-E3921214939C}”
“C:\Windows\SysNative\tasks\{2E84014D-1418-4507-8ED4-B00C19C43379}”
“C:\Windows\SysNative\tasks\{410854BA-2A3A-420B-9C71-570E72DA0784}”
“C:\Windows\SysNative\tasks\{4912F5E4-A75B-4275-B5F7-1E84E7B84933}”
“C:\Windows\SysNative\tasks\{6F9CAABE-D315-4AA3-A1EC-A80F66B4DFE3}”
“C:\Windows\SysNative\tasks\{8882AB83-EAB3-4F23-895B-FA0093EC1C3B}”
“C:\Windows\SysNative\tasks\{8A95D8A6-EE2D-4F79-8F84-809D98805F0D}”
“C:\Windows\SysNative\tasks\{8D7E82B6-9724-4709-A885-98FC41112896}”
“C:\Windows\SysNative\tasks\{93B7C62F-685C-4375-9427-0C6FD30687CC}”
“C:\Windows\SysNative\tasks\{98AE72B5-C153-4250-9A46-01480FC781C9}”
“C:\Windows\SysNative\tasks\{B2CE391C-84BA-4D7A-A473-B0384DA80445}”
“C:\Windows\SysNative\tasks\{D9534966-C615-40FF-B1C9-765E72F1F810}”
“C:\Windows\SysNative\tasks\{DA9A8E03-F444-49E6-8C32-7346EEBF67CF}”
“C:\Windows\SysNative\tasks\{DB88E81A-6052-4A11-AC51-2FD31D74953D}”
“C:\Windows\SysNative\tasks\{DE2524CA-8994-44C1-8E6C-2B5DA65E3856}”
“C:\Windows\SysNative\tasks\{EDFC3F20-46CA-4EA3-9176-B31AD7695127}”
“C:\Windows\SysNative\tasks\{F8567E27-5B33-4149-A257-DBB06025E3FD}”
“C:\Windows\SysNative\tasks\{FDAC3EEE-02E5-43DC-A0DA-882CAC7ABF25}”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer”
“C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor”
“C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2014-03-12 06:54:19 ——– d—–w- C:\PROGRA~3\CanonIJWSpt
2014-03-12 06:56:34 ——– d–h–w- C:\PROGRA~3\CanonIJSolutionMenuEX
2014-03-12 06:57:03 ——– d–h–w- C:\PROGRA~3\CanonIJEGV
2014-03-12 07:08:28 ——– d—–w- C:\PROGRA~3\CanonIJPLM
2014-03-12 07:10:41 ——– d–h–w- C:\PROGRA~3\CanonIJScan
2014-03-12 07:11:19 ——– d—–w- C:\PROGRA~3\CanonIJ
2014-06-04 19:10:54 ——– d—–w- C:\PROGRA~3\Trusteer
2014-07-02 13:24:15 ——– d—–w- C:\PROGRA~3\RealNetworks
2014-07-09 09:21:21 ——– d—–w- C:\PROGRA~3\EPSON
==== Firefox Extensions Registry ======================
“{1DD9AC48-0855-4AE7-9934-159B4377FFA2}”=“C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext”
==== Firefox Extensions ======================
ProfilePath: C:\Users\RF0C2~1.ADE\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
- Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
- Fastest Facebook - %ProfilePath%\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\R. Adelerhof\AppData\Roaming\Mozilla\Firefox\Profiles\dusbzwjy.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
06C0E62DE26FBC4F174A91F4B70C45F7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
D1041C1505FEDBBA27529AB1B57450B8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealPlayer Video Downloader for PepperFlash (32-bit)
D0D8A5784C6260EE1C1EA58A9576F652 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealPlayer Video Downloader (32-bit)
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://antivirus.startpagina.nl/prikbord/”
No DefaultScope Set For HKCU
New Values:
“Start Page”=“http://antivirus.startpagina.nl/prikbord/”
“DefaultScope”=“{012E1000-F331-11DB-8314-0800200C9A66}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url=“http://www.google.com/search?q={searchTerms}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{4013E288-A676-4E64-84AC-BD02F8907908} Vinden.nl Url=“http://www.vinden.nl/?refer=opensearch&q={searchTerms}”
{9F1E6B77-8689-4784-A4FB-FDFA0DB933C9} Bing Url=“http://www.bing.com/search?q={searchTerms}&r=893”
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\Cyberlink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: “c:\program files (x86)\real\realplayer\Update\realsched.exe” -osboot
O4 - HKCU\..\Run: C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT “EPLTarget\P0000000000000000” /M “XP-412 413 415 Series”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3085899422-3526582053-2542983109-1000\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:/Program Files/Siber Systems/GoodSync/gs-server.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineBackupService - CloudBackup - C:\Program Files\ArgewebBackup\OnlineBackupService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=8 folders=2 4419 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\R. Adelerhof\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\RF0C2~1.ADE\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RF0C2~1.ADE\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on vr 08-08-2014 at 20:57:40,45 ======================
Ben

08-08-2014 21:07

Hoi Huib,
Ik kom altijd vrijdags weer naar huis.
Ben

08-08-2014 21:10

Hallo,
Dit ziet er netjes uit, wat heeft Eset-online verwijderd?
(Dit logbestand kan je tevens terug vinden in de map "C:\Program Files\EsetOnlineScanner\log.txt")
rudi

08-08-2014 21:19

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17367
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-08 05:40:47
# local_time=2014-03-08 06:40:47 (+0100, West-Europa (standaardtijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 2851134 156897032 0 0
# compatibility_mode=5893 16776574 100 94 18513867 145930297 0 0
# scanned=258067
# found=0
# cleaned=0
# scan_time=2738
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17452
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-14 06:21:27
# local_time=2014-03-14 07:21:27 (+0100, West-Europa (standaardtijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 199871 157417872 0 0
# compatibility_mode=5893 16776574 100 94 19034707 146451137 0 0
# scanned=308891
# found=0
# cleaned=0
# scan_time=5775
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17543
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-21 01:06:15
# local_time=2014-03-21 02:06:15 (+0100, West-Europa (standaardtijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 789359 158003760 0 0
# compatibility_mode=5893 16776574 100 94 19620595 147037025 0 0
# scanned=403325
# found=0
# cleaned=0
# scan_time=4677
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17654
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-28 10:21:44
# local_time=2014-03-28 11:21:44 (+0100, West-Europa (standaardtijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 1380688 158598689 0 0
# compatibility_mode=5893 16776574 100 94 20215524 147631954 0 0
# scanned=511121
# found=0
# cleaned=0
# scan_time=9348
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17709
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-01 05:48:54
# local_time=2014-04-01 07:48:54 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 24690 158971119 0 0
# compatibility_mode=5893 16776574 100 94 20587954 148004384 0 0
# scanned=494010
# found=0
# cleaned=0
# scan_time=5847
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17850
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-11 04:52:18
# local_time=2014-04-11 06:52:18 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 885294 159831723 0 0
# compatibility_mode=5893 16776574 100 94 21448558 148864988 0 0
# scanned=256739
# found=0
# cleaned=0
# scan_time=3709
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=17940
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-18 01:03:06
# local_time=2014-04-18 03:03:06 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 1476342 160422771 0 0
# compatibility_mode=5893 16776574 100 94 22039606 149456036 0 0
# scanned=358381
# found=0
# cleaned=0
# scan_time=6127
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18030
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-25 01:39:51
# local_time=2014-04-25 03:39:51 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 2083347 161029776 0 0
# compatibility_mode=5893 16776574 100 94 22646611 150063041 0 0
# scanned=25416
# found=0
# cleaned=0
# scan_time=304
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18033
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-25 07:01:40
# local_time=2014-04-25 09:01:40 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 2102656 161049085 0 0
# compatibility_mode=5893 16776574 100 94 22665920 150082350 0 0
# scanned=462346
# found=0
# cleaned=0
# scan_time=6241
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18048
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-27 03:05:04
# local_time=2014-04-27 05:05:04 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 2261260 161207689 0 0
# compatibility_mode=5893 16776574 100 94 22824524 150240954 0 0
# scanned=243415
# found=0
# cleaned=0
# scan_time=2041
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18102
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-01 07:31:54
# local_time=2014-05-01 09:31:54 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 275443 161569299 0 0
# compatibility_mode=5893 16776574 100 94 23186134 150602564 0 0
# scanned=321225
# found=0
# cleaned=0
# scan_time=3947
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18135
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-05 11:24:36
# local_time=2014-05-05 01:24:36 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 591805 161885661 0 0
# compatibility_mode=5893 16776574 100 94 23502496 150918926 0 0
# scanned=248504
# found=0
# cleaned=0
# scan_time=1995
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18195
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-09 01:19:14
# local_time=2014-05-09 03:19:14 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 944283 162238139 0 0
# compatibility_mode=5893 16776574 100 94 23854974 151271404 0 0
# scanned=249992
# found=0
# cleaned=0
# scan_time=2524
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18261
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-14 03:46:35
# local_time=2014-05-14 05:46:35 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 1385124 162678980 0 0
# compatibility_mode=5893 16776574 100 94 24295815 151712245 0 0
# scanned=233877
# found=0
# cleaned=0
# scan_time=1922
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18396
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-24 02:08:01
# local_time=2014-05-24 04:08:01 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 67844 163537066 0 0
# compatibility_mode=5893 16776574 100 94 25153901 152570331 0 0
# scanned=236424
# found=0
# cleaned=0
# scan_time=3797
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18591
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-06 01:56:12
# local_time=2014-06-06 03:56:12 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 1190335 164659557 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 26276392 153692822 0 0
# scanned=271219
# found=0
# cleaned=0
# scan_time=3461
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18699
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-13 10:23:07
# local_time=2014-06-13 12:23:07 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 273147 165251572 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 26868407 154284837 0 0
# scanned=353578
# found=0
# cleaned=0
# scan_time=4140
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18699
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-13 01:43:41
# local_time=2014-06-13 03:43:41 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 285181 165263606 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 26880441 154296871 0 0
# scanned=649743
# found=0
# cleaned=0
# scan_time=11222
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18699
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-18 11:30:49
# local_time=2014-06-18 01:30:49 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 709209 165687634 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 27304469 154720899 0 0
# scanned=257393
# found=0
# cleaned=0
# scan_time=2383
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18798
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-20 11:01:19
# local_time=2014-06-20 01:01:19 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 880239 165858664 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 27475499 154891929 0 0
# scanned=257978
# found=0
# cleaned=0
# scan_time=2292
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=18917
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-27 03:26:06
# local_time=2014-06-27 05:26:06 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 1500926 166479351 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 28096186 155512616 0 0
# scanned=258902
# found=0
# cleaned=0
# scan_time=3032
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19004
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-03 12:52:07
# local_time=2014-07-03 02:52:07 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 247393 166988512 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 28605347 156021777 0 0
# scanned=354696
# found=0
# cleaned=0
# scan_time=3489
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19127
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-11 10:12:40
# local_time=2014-07-11 12:12:40 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 929026 167670145 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 29286980 156703410 0 0
# scanned=263766
# found=0
# cleaned=0
# scan_time=3093
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19238
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-18 02:12:25
# local_time=2014-07-18 04:12:25 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 164981 168289330 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 29906165 157322595 0 0
# scanned=540299
# found=0
# cleaned=0
# scan_time=8718
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19343
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-25 11:12:36
# local_time=2014-07-25 01:12:36 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 276681 168883341 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 30500176 157916606 0 0
# scanned=260972
# found=0
# cleaned=0
# scan_time=2408
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19449
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-01 07:35:52
# local_time=2014-08-01 09:35:52 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 245154 169475137 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 31091972 158508402 0 0
# scanned=262075
# found=0
# cleaned=0
# scan_time=2732
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cfb60ae5701e114bbe202820b33852a6
# engine=19566
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-08 05:03:53
# local_time=2014-08-08 07:03:53 (+0100, West-Europa (zomertijd))
# country=“Netherlands”
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 884035 170114018 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 31730853 159147283 0 0
# scanned=269922
# found=41
# cleaned=41
# scan_time=11615
sh=08EEA8C5839D81CF4FE8C4D7C304F84757C4B99B ft=1 fh=41dc015150d2b8d9 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hauxstb.dll.vir”
sh=8872824DA370A893AF27EDA5914C81B016FDE10D ft=1 fh=7df6b6eaf73c436e vn=“a variant of Win64/Toolbar.MyWebSearch.B potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hauxstb64.dll.vir”
sh=352E15324D870431C6A80AEFA1B3826AF5F8AD7B ft=1 fh=d498158229edd61d vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll.vir”
sh=2DB76E64C44398F284BB9607477FFAB286C822A5 ft=1 fh=a15fd42821542f57 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe.vir”
sh=3E702CCA69804CDADE4A916C4666099B252CEC46 ft=1 fh=3ff9f90724b61074 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbprtct.dll.vir”
sh=242016E4DB00A6326CB726E517BD8C44C0D9AF4F ft=1 fh=5585cde8f9518639 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe.vir”
sh=BD3BA77A76482B8432E852B6C12718DFD8A805E8 ft=1 fh=d0f2a63db6645c6c vn=“a variant of Win64/Toolbar.MyWebSearch.B potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe.vir”
sh=43057F202484834CAED5265AF9ADBD5C1C00C47C ft=1 fh=cbe7b8075d97fef6 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrstub.dll.vir”
sh=E22F1101BCDB847DDA207076C20847EE7BA14783 ft=1 fh=6dacd07894aac7d3 vn=“a variant of Win64/Toolbar.MyWebSearch.B potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrstub64.dll.vir”
sh=6F8E675C0259BDB7CEEADA861381E8655E3882FD ft=1 fh=0c2cde178f5cb3ea vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdatact.dll.vir”
sh=D14FF0D978C0818F3219AB303258B61961E24B5B ft=1 fh=95d16e31093cddf4 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdlghk.dll.vir”
sh=BFF74D4CF269E36527CE43A484298A7797D85DDB ft=1 fh=e0568f6273d6b1f6 vn=“a variant of Win64/Toolbar.MyWebSearch.B potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdlghk64.dll.vir”
sh=4B8694F7BFF75DDF2A99D67136B9FCAA8BCBF818 ft=1 fh=54e43688a7d5acff vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hfeedmg.dll.vir”
sh=8000F7F069170BA3962B6D1DE97641CB8E8795E6 ft=1 fh=41956871b2c6a631 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhtmlmu.dll.vir”
sh=56E4F2B4EC1A6E8836C2541D66E710DABCA48FB3 ft=1 fh=bc873fb5e0ff5b6a vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhttpct.dll.vir”
sh=7318474377B8A97C09E8B4E76BC84CD967F41425 ft=1 fh=2cc6ec5e6a8fb481 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hidle.dll.vir”
sh=B17E3F03EDE4F7710DD0678C170FEFC0457ACF7D ft=1 fh=03d8ea72626c5942 vn=“Win32/Toolbar.MyWebSearch.AG potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hieovr.dll.vir”
sh=0BFBBF33F74B6E9187D80CDD84DD49997DE10DBC ft=1 fh=7e5ba4990ad2843d vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmlbtn.dll.vir”
sh=AD9FAD90CC49091BBEA91AA9829BA7C7DE57A080 ft=1 fh=333fc276c8268012 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hPlugin.dll.vir”
sh=E591A3DBC8B508F86149B610BDD39DF799C101FA ft=1 fh=e63430e62a50e4d1 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hradio.dll.vir”
sh=08B86C2A2D83758DC2A2737519E99B6409BFCE4A ft=1 fh=aae2e643a8115a99 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hregfft.dll.vir”
sh=5A7521CEEC575EF85C8E191C4331DF8888B3A22B ft=1 fh=890daf73d694e35c vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hregiet.dll.vir”
sh=80650AAB853B1ACEBE666EC834BE9AE519116254 ft=1 fh=88f6e6dcc31aacd1 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hscript.dll.vir”
sh=1A401BBE5BA7C679A6B56A2F335D8AF67A063C4A ft=1 fh=22f921539bef2c08 vn=“probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hskin.dll.vir”
sh=C2989D1054DEF8375543745EB246AC09139DBB99 ft=1 fh=9502a7177dbba1c1 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll.vir”
sh=DF8005C51D4EE75E9C3CEE21A96FDCA75EF2E71B ft=1 fh=24159591b5465636 vn=“a variant of Win32/Toolbar.MyWebSearch.AE potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hsrchmr.dll.vir”
sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn=“a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8htpinst.dll.vir”
sh=F76EBFB49A14135188A858A9A19ADE33D841FAD9 ft=1 fh=fd6523e46258979f vn=“a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe.vir”
sh=385877E899E02E0F9C551D5B3293270C5FEB9D6B ft=1 fh=fc49323ed3498cd9 vn=“a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll.vir”
sh=3C2251BC6DBC556B960D82FC7211B6005A613A8A ft=1 fh=e2babb33b836a3b5 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\ASSISTMONITOR.DLL.vir”
sh=E9C0F7642BFDCA4F304679F44A2351765D25D7E3 ft=1 fh=df272951a00ae964 vn=“a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\ASSISTMONITOR64.DLL.vir”
sh=5B52C97808B05C61C42C660EF788C6E30E9956D1 ft=1 fh=3bd8668ff345b3ba vn=“a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CREXT.DLL.vir”
sh=C0F1C1AD7E3E71F00D10961BF88368998314C8B5 ft=1 fh=1104306037fac477 vn=“a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CrExtP8h.exe.vir”
sh=2C88C56E84FB90C27DA50DF87011A98C77362B19 ft=1 fh=054dd36e0a8ce909 vn=“a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\Hpg64.dll.vir”
sh=AFDF3F69BEB1CDE4A5AA1D9EE5BEFD8A5DE808D7 ft=1 fh=6f20f9ce0b4866ad vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EPMSUP.DLL.vir”
sh=ACBBE4D6CB48DD5CF142D79FDFEECBD7F9E9854E ft=1 fh=c0c375ff197f91b8 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EXTEX.DLL.vir”
sh=BB1DF373EBE307C63271B72B7905E86FBF58D2CB ft=1 fh=16b6d8b2476550db vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EXTPEX.DLL.vir”
sh=0C27996F6F6194AA4EE5DA4031A78B9E304B05E3 ft=1 fh=44a79e41ea9fa8ee vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8HTML.DLL.vir”
sh=88A01244271EF4EE3E78DDCEAF4287D4B053ED9A ft=1 fh=6b89c95ed44a94f1 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8TICKER.DLL.vir”
sh=AB85089131865A0535CD21A15D60C00AA7C425A2 ft=1 fh=13b78041014ac185 vn=“a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\VERIFY.DLL.vir”
sh=AC297627AB9AB7AD194EC4E3CDE50D2A42F9A4FA ft=1 fh=609aefa527ec4346 vn=“Win32/Toolbar.MyWebSearch.AF potentially unwanted application (deleted - quarantined)” ac=C fn=“C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE.vir”
Ben

08-08-2014 21:34

Hallo,
Download de Junkware Removal Tool naar het bureaublad.
Antivirussoftware uitschakelen
Schakel uw antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Junkware Removal Tool (JRT.exe).
Antivirus software uitschakelen
Antispy & malware software uitschakelen
Junkware Removal Tool uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
Dubbelklik op JRT.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Druk bij het commandprompt venster op een willekeurig toets om door te gaan, vervolgens zal er een back-up van het register gemaakt worden.
De tool zal vervolgens het systeem scannen.
De scan kan afhankelijk van je systeemspecificaties soms vrij lang duren, wacht geduldig af.
Als de scan gereed is zal er een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch worden geopend.
Plaats dit logje.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Vanmiddag systeemherstel moeten doen

rudi

rudi

rudi

Ben

fazantje

rudi

Ben

Ben

rudi

Ben