Status
Niet open voor verdere reacties.

filiep

Steunend lid
Vip Lid
men ma heeft per ongeluk op het Youtube filmpje van de 777 geklikt ..wat ze best niet gedaan had !

heb een volledige virusscan gedaan niets gevonden
heb een opstartscan gedaan niets gevonden
mbam heb ik ook laten scannen niets gevonden

hopelijk kan je hier al iets me RSIT
Bekijk bijlage info.txt

info.txt logfile of random's system information tool 1.09 2014-03-18 12:53:16

======Uninstall list======

ACE-HIGH MP3 WAV WMA OGG Converter-->C:\PROGRA~2\ACE-HI~1\UNWISE.EXE C:\PROGRA~2\ACE-HI~1\INSTALL.LOG
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 12 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe -maintain activex
Adobe Flash Player 12 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -maintain plugin
Adobe Reader X (10.1.9) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{CCE825DB-347A-4004-A186-5F4A6FDD8547}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
avast! Internet Security-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
BurnAware Free 5.3-->"C:\Program Files (x86)\BurnAware Free\unins000.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall /zMS
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
FreeOnlineRadioPlayerRecorder Toolbar-->C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\uninstall.exe toolbar
Google Drive-->MsiExec.exe /X{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}
Google Talk Plugin-->MsiExec.exe /I{C4A3849D-1971-3640-AB97-93398BC91A23}
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\Setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\Setup.exe" /z-uninstall
HP MULTIPLE MODEM INSTALLER for VISTA-->MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}
HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0013 -removeonly uninst
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Support Solutions Framework-->MsiExec.exe /I{23CCE784-A812-4647-AEFF-1DCCD4E57478}
HP Wireless Assistant-->MsiExec.exe /X{1061DF04-CF33-40B0-8360-D07C9BBEB122}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x13 -remove -removeonly
Java 7 Update 51-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Codec Pack 8.4.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
LightScribe System Software-->MsiExec.exe /X{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}
Lyrics Plugin for Windows Media Player-->MsiExec.exe /I{43002AE2-4093-49E0-A03D-990EE184C568}
MAGIX Speed burnR (MSI)-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{D182F051-5A5C-4FE8-865E-421AFE91A62E}\Speed3_burnR_mxcdr_nl-NL_setup.exe"
Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {4B4DF6E2-5E40-422B-82DD-205FD7E79226}
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0413-0000-0000000FF1CE} /uninstall {4CF3DDE3-7CC3-46C5-989F-A72422CB5DCB}
Microsoft Office SharePoint Designer 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SHAREPOINTDESIGNER /dll OSETUP.DLL
Microsoft Office SharePoint Designer 2007-->MsiExec.exe /X{90120000-0017-0000-0000-0000000FF1CE}
Microsoft Office SharePoint Designer MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0017-0413-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual Basic PowerPacks 10.0-->MsiExec.exe /I{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 27.0 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MP3 Toolkit 1.0.2-->"c:\MP3Toolkit\unins000.exe"
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
OpenOffice 4.0.1-->MsiExec.exe /I{EA9BAE1A-2D68-4160-81E6-14B712435D66}
PC Connectivity Solution-->MsiExec.exe /I{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PokerStars.be-->"C:\Program Files (x86)\PokerStars.BE\PokerStarsUninstall.exe" /u:pokerStars.be
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
QuickTime-->MsiExec.exe /I{B67BAFBA-4C9F-48FA-9496-933E3B255044}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0013 -removeonly
Realtek USB 2.0 Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0013 -removeonly
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
Samsung Kies3-->"C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies3-->MsiExec.exe /I{88547073-C566-4895-9005-EBE98EA3F7C7}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {2B41E73E-C850-36E1-8BF6-D286EF80688D} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {FFE8F365-8990-3681-9EE7-B63910299230} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {0CEBE8C9-8AF6-3DD8-B0F7-A7C99DF0DB8C} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-0017-0413-0000-0000000FF1CE} /uninstall {02AF2AA9-6FFA-47D7-BDBB-42B3A8AD8616}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02AF2AA9-6FFA-47D7-BDBB-42B3A8AD8616}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B7112510-2575-4BA4-A576-78BF8A6307BC}
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {1A0CA3FF-2BB8-4CF8-A5A9-9B314260C327}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
SlimDX Runtime .NET 2.0 (January 2012)-->MsiExec.exe /X{014A2868-BE56-4888-A16C-693989B8F153}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
WinRAR 5.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Laptop_Michael
Event Code: 4374
Message: Pakket KB2813430(Security Update) is niet geschikt voor dit systeem
Record Number: 237427
Source Name: Microsoft-Windows-Servicing
Time Written: 20130624135917.000000-000
Event Type: Waarschuwing
User: NT AUTHORITY\SYSTEEM

Computer Name: Laptop_Michael
Event Code: 4374
Message: Pakket KB2813430(Security Update) is niet geschikt voor dit systeem
Record Number: 237426
Source Name: Microsoft-Windows-Servicing
Time Written: 20130624135916.000000-000
Event Type: Waarschuwing
User: NT AUTHORITY\SYSTEEM

Computer Name: Laptop_Michael
Event Code: 4374
Message: Pakket KB2813430(Security Update) is niet geschikt voor dit systeem
Record Number: 237425
Source Name: Microsoft-Windows-Servicing
Time Written: 20130624135916.000000-000
Event Type: Waarschuwing
User: NT AUTHORITY\SYSTEEM

Computer Name: Laptop_Michael
Event Code: 4374
Message: Pakket KB2813430(Security Update) is niet geschikt voor dit systeem
Record Number: 237424
Source Name: Microsoft-Windows-Servicing
Time Written: 20130624135916.000000-000
Event Type: Waarschuwing
User: NT AUTHORITY\SYSTEEM

Computer Name: Laptop_Michael
Event Code: 4374
Message: Pakket KB2813430(Security Update) is niet geschikt voor dit systeem
Record Number: 237423
Source Name: Microsoft-Windows-Servicing
Time Written: 20130624135916.000000-000
Event Type: Waarschuwing
User: NT AUTHORITY\SYSTEEM

=====Application event log=====

Computer Name: Laptop_Michael
Event Code: 1
Message:
Record Number: 2357309
Source Name: Nokia Suite
Time Written: 20120722010640.000000-000
Event Type: Informatie
User:

Computer Name: Laptop_Michael
Event Code: 1
Message:
Record Number: 2357308
Source Name: Nokia Suite
Time Written: 20120722010640.000000-000
Event Type: Informatie
User:

Computer Name: Laptop_Michael
Event Code: 1
Message:
Record Number: 2357307
Source Name: Nokia Suite
Time Written: 20120722010640.000000-000
Event Type: Informatie
User:

Computer Name: Laptop_Michael
Event Code: 1
Message:
Record Number: 2357306
Source Name: Nokia Suite
Time Written: 20120722010640.000000-000
Event Type: Informatie
User:

Computer Name: Laptop_Michael
Event Code: 1
Message:
Record Number: 2357305
Source Name: Nokia Suite
Time Written: 20120722010640.000000-000
Event Type: Informatie
User:

=====Security event log=====

Computer Name: Laptop_Michael
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 68561
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024151112.394572-000
Event Type: Controle geslaagd
User:

Computer Name: Laptop_Michael
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: LAPTOP_MICHAEL$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x2f0
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 68560
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024151112.394572-000
Event Type: Controle geslaagd
User:

Computer Name: Laptop_Michael
Event Code: 4648
Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: LAPTOP_MICHAEL$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:
Naam van doelserver: localhost
Aanvullende gegevens: localhost

Procesgegevens:
Proces-id: 0x2f0
Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:
Netwerkadres: -
Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.
Record Number: 68559
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024151112.394572-000
Event Type: Controle geslaagd
User:

Computer Name: Laptop_Michael
Event Code: 5056
Message: Er is een cryptografische zelftest uitgevoerd.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: LAPTOP_MICHAEL$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Module: ncrypt.dll

Retourcode: 0x0
Record Number: 68558
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024151112.176171-000
Event Type: Controle geslaagd
User:

Computer Name: Laptop_Michael
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 68557
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024151110.538160-000
Event Type: Controle geslaagd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Broadcom\Broadcom 802.11\Driver;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\winseqfe\release\Windows6.0\lh_sp2rtm\6002.18005.090410-1830\amd64fre\symbols.pri\TraceFormat
"DFSTRACINGON"=FALSE
"asl.log"=Destination=file
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip

-----------------EOF-----------------
malewarebytes anti root

Bekijk bijlage system-log.txt

Bekijk bijlage mbar-log-2014-03-18 (15-15-50).txt




windows vista
64 bits systeem
 
Laatst bewerkt:
effe geduld tot onze Medewerker " Zer0Day " zich hier over ontfermt ...


de binnengekregen besmetting via het filmpje heeft geen rechtstreekse invloed op de werking van de pc zelf ...
deze heeft wel als doel om persoonlijke info door te spelen met betrekking van bank gegevens om zodoende je rekening leeg te halen .
best dus geen pc banking meer doen via deze (besmette ) pc .
verander via een andere pc (indien mogelijk) ook je w8woorden die je gebruik om ergens in te loggen .

*mijn advies nu is om ook de malewarebijtes Anti rootkit scan te gebruiken...
 
logje is toegevoegd

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 4258119680, free: 1698562048

Downloaded database version: v2014.03.18.05
Downloaded database version: v2014.02.20.01
Initializing...
======================
------------ Kernel report ------------
03/18/2014 15:15:40
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\aswNdis2.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\aswNdis.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\Rtlh64.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\jmcr.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
\??\C:\Windows\system32\drivers\aswKbd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\enecir.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\hidir.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\??\C:\Windows\system32\drivers\aswSnx.sys
\??\C:\Windows\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\??\C:\Windows\system32\drivers\aswTdi.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\??\C:\Windows\system32\drivers\aswRdr.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005acc260
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8004bd9060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005acc260, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005bd1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005acc260, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8005accb10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8004bd76e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 4DDC604F

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 126038016
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 126040064 Numsec = 499099648

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scan finished
 
Laatst bewerkt door een moderator:
Dag filiep,

Je hebt het verkeerde log (info.txt) van RSIT gepost.
Plaats het log genaamd log.txt hieronder. Je vindt het terug in C:\rsit\log.txt
 
rsit
hier is het juiste
Bekijk bijlage log.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michael Sterk at 2014-03-18 12:52:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (19%) free of 62 GB
Total RAM: 4061 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:53:11, on 18/03/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16540)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Michael Sterk\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\spotify.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
D:\DATA Michael Sterk\Downloads\HijackThis.exe
C:\Users\Michael Sterk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael Sterk\AppData\Local\Google\Chrome\Application\chrome.exe
D:\DATA Michael Sterk\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Michael Sterk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
O3 - Toolbar: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michael Sterk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [F.lux] "C:\Users\Michael Sterk\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Spotify] "C:\Users\Michael Sterk\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16463 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-715885976-79302763-1823809542-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-715885976-79302763-1823809542-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{FAD367E8-6B06-459F-879D-347243E769FE}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michael Sterk\AppData\Roaming\Mozilla\Firefox\Profiles\uylyp54s.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.be"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, FFToolbar@bitdefender.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files (x86)\Mozilla Firefox\components\
FFComm.dll
IBDFirefox.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Michael Sterk\AppData\Roaming\Mozilla\Firefox\Profiles\uylyp54s.default\extensions\
real@debrid
{20a82645-c095-46ed-80e3-08825760534b}
{ab91efd4-6975-4081-8552-1b3922ed79e2}

C:\Users\Michael Sterk\AppData\Roaming\Mozilla\Firefox\Profiles\uylyp54s.default\searchplugins\
duckduckgo-1.xml
duckduckgo.xml
search-the-web.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-12 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f999a48b-1950-4d81-9971-79018f807b4b}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-12 194128]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 321080]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"DVDAgent"=C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-11 1148200]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"MobileDocuments"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe []
"Google Update"=C:\Users\Michael Sterk\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 116648]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-12-11 845168]
"F.lux"=C:\Users\Michael Sterk\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-16 1016712]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [2013-03-20 578560]
"Spotify"=C:\Users\Michael Sterk\AppData\Roaming\Spotify\Spotify.exe [2014-01-29 6118400]
"Spotify Web Helper"=C:\Users\Michael Sterk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-29 1171968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"=C:\Windows\system32\cmd.exe [2008-01-21 318976]
"Uninstall C:\Users\Michael Sterk\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"=C:\Windows\system32\cmd.exe [2008-01-21 318976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-03-18 12:52:49 ----D---- C:\Program Files (x86)\trend micro
2014-03-18 12:52:48 ----D---- C:\rsit
2014-03-13 09:42:37 ----SHD---- C:\found.000
2014-03-13 09:21:21 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 09:21:20 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-03-13 09:21:18 ----A---- C:\Windows\SysWOW64\ieui.dll
2014-03-13 09:21:17 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 09:21:16 ----A---- C:\Windows\SysWOW64\url.dll
2014-03-13 09:21:16 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 09:21:14 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-03-13 09:21:13 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-03-13 09:21:11 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 09:21:09 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-03-13 09:21:09 ----A---- C:\Windows\SysWOW64\jscript.dll
2014-03-13 09:21:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-03-13 09:21:02 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-03-13 09:20:57 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-03-12 06:35:24 ----A---- C:\Windows\SysWOW64\wer.dll
2014-03-12 06:35:13 ----A---- C:\Windows\SysWOW64\tzres.dll
2014-03-12 06:35:03 ----A---- C:\Windows\SysWOW64\qedit.dll
2014-02-17 09:06:02 ----D---- C:\Program Files (x86)\GUM1D86.tmp
2014-02-17 09:06:02 ----A---- C:\Program Files (x86)\GUT1D97.tmp
2014-02-14 05:38:52 ----A---- C:\Windows\SysWOW64\msxml3.dll
2014-02-10 14:35:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-01-22 15:33:59 ----A---- C:\Windows\SysWOW64\javaws.exe
2014-01-22 15:33:44 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 15:33:44 ----A---- C:\Windows\SysWOW64\javaw.exe
2014-01-22 15:33:44 ----A---- C:\Windows\SysWOW64\java.exe
2014-01-09 09:44:03 ----D---- C:\Program Files (x86)\PokerStars.BE
2013-12-26 16:36:58 ----D---- C:\Users\Michael Sterk\AppData\Roaming\Software Informer
2013-12-22 15:37:35 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-22 15:33:16 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 3 months======

2014-03-18 12:53:00 ----D---- C:\Windows\Prefetch
2014-03-18 12:52:49 ----RD---- C:\Program Files (x86)
2014-03-18 12:52:20 ----D---- C:\Windows\Temp
2014-03-18 11:58:39 ----D---- C:\Users\Michael Sterk\AppData\Roaming\Spotify
2014-03-18 11:57:58 ----HD---- C:\ProgramData
2014-03-18 11:57:58 ----A---- C:\ProgramData\HPWALog.txt
2014-03-18 09:52:13 ----SHD---- C:\System Volume Information
2014-03-18 06:45:08 ----D---- C:\Windows\inf
2014-03-17 20:58:12 ----D---- C:\Windows\Debug
2014-03-13 17:23:15 ----SHD---- C:\Windows\Installer
2014-03-13 17:23:15 ----HD---- C:\Config.Msi
2014-03-13 17:23:13 ----D---- C:\Users\Michael Sterk\AppData\Roaming\Mozilla
2014-03-13 10:50:18 ----D---- C:\Windows\SysWOW64
2014-03-13 10:50:16 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 10:04:10 ----D---- C:\Windows\rescache
2014-03-13 09:45:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 09:38:55 ----D---- C:\Windows\SysWOW64\nl-NL
2014-03-13 09:38:55 ----D---- C:\Windows\System32
2014-03-13 09:38:54 ----D---- C:\Windows\SysWOW64\migration
2014-03-13 09:38:54 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 09:25:58 ----D---- C:\Windows\winsxs
2014-02-14 14:16:51 ----D---- C:\Windows\Microsoft.NET
2014-02-14 14:10:58 ----RSD---- C:\Windows\assembly
2014-02-11 04:32:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-10 14:25:27 ----D---- C:\Windows
2014-01-28 13:04:06 ----D---- C:\Users\Michael Sterk\AppData\Roaming\Samsung
2014-01-28 13:04:00 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-28 13:03:13 ----D---- C:\Program Files (x86)\Samsung
2014-01-22 15:38:16 ----D---- C:\Program Files (x86)\WinRAR
2014-01-22 15:35:08 ----D---- C:\ProgramData\Oracle
2014-01-22 15:33:44 ----D---- C:\Program Files (x86)\Java
2014-01-16 19:19:37 ----D---- C:\ProgramData\Microsoft Help
2014-01-05 22:05:24 ----SD---- C:\Users\Michael Sterk\AppData\Roaming\Microsoft
2014-01-05 21:09:54 ----D---- C:\Users\Michael Sterk\AppData\Roaming\vlc
2013-12-26 16:36:56 ----RD---- C:\Program Files
2013-12-24 15:45:27 ----D---- C:\Program Files (x86)\HP
2013-12-22 15:33:55 ----D---- C:\Windows\SysWOW64\en-US
2013-12-22 15:33:16 ----SD---- C:\ProgramData\Microsoft
2013-12-22 15:11:55 ----D---- C:\Program Files (x86)\VS Revo Group

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys []
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\SysWOW64\drivers\aswNdis2.sys []
R0 aswRvrt;avast! Revert; C:\Windows\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;avast! VM Monitor; C:\Windows\SysWOW64\drivers\aswVmm.sys []
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys []
S2 npf;npf; \??\C:\Windows\system32\drivers\npf.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2012-12-18 20032]
S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys []
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-02-07 113704]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe []
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-01-25 791608]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-05 194032]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-10 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 1012344]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------
 
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

Download
51a612a8b27e2-Zoek.png
Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie).
  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
Code:
{f999a48b-1950-4d81-9971-79018f807b4b};c
{f999a48b-1950-4d81-9971-79018f807b4b};c
emptyfolderscheck;delete
autoclean;
emptyclsid;
startupall; 
filesrcm;
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.
 
Download
adwcleaner.png
AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Informatie op OK
  • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.
 
beste Zer0Day

de gescande objecten mag ik die zomaar verwijderen?
hier is de lijst ik heb nog niets weggedaan
grz;)

# AdwCleaner v3.022 - Report created 19/03/2014 at 13:29:24
# Updated 13/03/2014 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Michael Sterk - LAPTOP_MICHAEL
# Running from : D:\DATA Michael Sterk\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FreeOnlineRadioPlayerRecorder Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DDF3F6B-FDC0-4475-A3D3-77FA6F538976}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0335920-EB00-4ACD-9BD0-C1B2AD9999A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Key Found : HKLM\Software\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v27.0 (nl)

[ File : C:\Users\Michael Sterk\AppData\Roaming\Mozilla\Firefox\Profiles\uylyp54s.default\prefs.js ]

Line Found : user_pref("extensions.bootstrappedAddons", "{\"tl_r@jetpack\":{\"version\":\"1.5.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Michael Sterk\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\[...]
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "about%3Ahome");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Google");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 20);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 20);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.session", "2D59B4347B9BFDBD872AF2C6544B3D64004845671AFE66BB535E84180965C2076DDA2C45629ABF697807A8F6D2A758BC8104320523F9EBC390AAD06D8CE4BBDD");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1337457069219");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.Uninstall", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "78261435");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "bbe46623f0b784423392b0e60aa49a44c8e7e702");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", true);

-\\ Google Chrome v

[ File : C:\Users\Michael Sterk\AppData\Local\Google\Chrome\User Data\Default\preferences ]



*************************

AdwCleaner[R0].txt - [7920 octets] - [19/03/2014 13:29:24]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7980 octets] ##########
 
Zer0Day
hier is het juiste ,sorry voor het wachten he

# AdwCleaner v3.022 - Report created 19/03/2014 at 15:15:01
# Updated 13/03/2014 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Michael Sterk - LAPTOP_MICHAEL
# Running from : D:\DATA Michael Sterk\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DDF3F6B-FDC0-4475-A3D3-77FA6F538976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0335920-EB00-4ACD-9BD0-C1B2AD9999A0}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FreeOnlineRadioPlayerRecorder Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v27.0 (nl)

[ File : C:\Users\Michael Sterk\AppData\Roaming\Mozilla\Firefox\Profiles\uylyp54s.default\prefs.js ]

Line Deleted : user_pref("extensions.bootstrappedAddons", "{\"tl_r@jetpack\":{\"version\":\"1.5.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Michael Sterk\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\[...]
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "about%3Ahome");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Google");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 20);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 20);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.session", "2D59B4347B9BFDBD872AF2C6544B3D64004845671AFE66BB535E84180965C2076DDA2C45629ABF697807A8F6D2A758BC8104320523F9EBC390AAD06D8CE4BBDD");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1337457069219");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.Uninstall", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "78261435");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "bbe46623f0b784423392b0e60aa49a44c8e7e702");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", true);

-\\ Google Chrome v

[ File : C:\Users\Michael Sterk\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8088 octets] - [19/03/2014 13:29:24]
AdwCleaner[S0].txt - [7762 octets] - [19/03/2014 15:15:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7822 octets] ##########
 
Ziet er netjes uit nu.

Om af te sluiten, mag je het volgende nog uitvoeren:

Download
51a5ce45263de-delfix.png
Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoef je echter niet te plaatsen.
 
Zer0Day

nogmaals bedankt voor je hulp
anders had ik het nooit gevonden hoor !

vriendelijke groeten filiep;)
 
Status
Niet open voor verdere reacties.
Terug
Bovenaan Onderaan