This topic is locked; you cannot edit posts or post new replies  [ 11 posts ]
 Post subject: Slow computer
Posted: Sun Jun 02, 2013 7:42 pm 
Offline
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
For the past few days I have been having trouble with a very slow computer; also, when I am in Firefox it regularly happens that it does not respond at all.

I have already run CCleaner, IObit Malware Fighter and Malwarebytes Anti-Malware. My log file follows in a new post.

Regards,

Rogier


 
 Post subject: Re: Slow computer
Posted: Sun Jun 02, 2013 7:49 pm 
Offline
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
Here is my log; apologies for not posting it directly under my first post.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sophia at 2013-06-02 19:40:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 86 GB (48%) free of 177 GB
Total RAM: 3071 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:49, on 2-6-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Users\Sophia\Contacts\Downloads\RSIT.exe
C:\Program Files\trend micro\Sophia.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=NL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: contInuettoosaovei - {31F21400-4906-438A-041C-ABEEEEEB728E} - C:\ProgramData\contInuettoosaovei\51a5e22eb4cb9.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~4\BROWER~1\ASCPLU~1.DLL
O2 - BHO: (no name) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - (no file)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.maddierose.nl/auth/controls ... Upload.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll c:\progra~1\contin~1\sprote~1.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OnecomCloudDrive (OnecomService) - Unknown owner - C:\Program Files\OnecomCloudDrive\Dlls\OnecomService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 9183 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\yffo6o8y.default-1369917697236

prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - ""

"{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\2.bin
"fbphotozoom@installdaddy.com"=C:\Program Files\fbphotozoom\fbphotozoom15.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.OurBabyMaker_27.com/Plugin]
"Description"=OurBabymaker Plugin
"Path"=C:\Program Files\OurBabyMaker_27EI\Installr\2.bin\NP27EISB.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=C:\windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npqtplugin8.dll
npqtplugin9.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
bolcom-nl.xml
marktplaats-nl.xml
Search_Results.xml
vandale-nl.xml
wikipedia-nl.xml
yahoo-nl.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31F21400-4906-438A-041C-ABEEEEEB728E}]
contInuettoosaovei - C:\ProgramData\contInuettoosaovei\51a5e22eb4cb9.dll [2013-05-29 112128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-05-05 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~4\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-05 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f34c9277-6577-4dff-b2d7-7d58092f272f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2012-01-19 194848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f34c9277-6577-4dff-b2d7-7d58092f272f}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-02-23 1297728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-04-05 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\One.com]
C:\Program Files\OnecomCloudDrive\Dlls\AppLauncher.exe [2012-02-29 23200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-02-23 1297728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\windows\vsnp2uvc.exe [2009-06-22 662016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
C:\windows\tsnp2uvc.exe [2009-06-26 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2009-08-01 2680160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
C:\PROGRA~1\LimeWire\LimeWire.exe [2010-09-30 503808]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll c:\progra~1\contin~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-03-16 204800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-06-02 19:40:38 ----D---- C:\Program Files\trend micro
2013-06-02 19:40:23 ----D---- C:\rsit
2013-05-30 11:19:38 ----D---- C:\Users\Sophia\AppData\Roaming\NCdownloader
2013-05-29 13:14:59 ----D---- C:\ProgramData\Seaerach--NewwTaby
2013-05-29 13:14:58 ----D---- C:\ProgramData\StarApp
2013-05-29 13:14:52 ----D---- C:\Program Files\WebSearch
2013-05-29 13:14:41 ----D---- C:\Program Files\ContinueToSave
2013-05-29 13:14:34 ----D---- C:\ProgramData\contInuettoosaovei
2013-05-29 13:13:52 ----D---- C:\ProgramData\InstallMate
2013-05-29 12:34:48 ----A---- C:\windows\system32\rdpcorets.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\wksprtPS.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\wksprt.exe
2013-05-29 12:34:47 ----A---- C:\windows\system32\TSWbPrxy.exe
2013-05-29 12:34:47 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-05-29 12:34:47 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\tsgqec.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\rdpudd.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\rdpendp_winip.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\mstscax.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\mstsc.exe
2013-05-29 12:34:47 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2013-05-29 12:34:47 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2013-05-29 12:34:47 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2013-05-29 12:34:47 ----A---- C:\windows\system32\aaclient.dll
2013-05-29 12:33:53 ----A---- C:\windows\system32\schannel.dll
2013-05-29 12:33:53 ----A---- C:\windows\system32\lsasrv.dll
2013-05-29 12:33:53 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-05-29 12:33:53 ----A---- C:\windows\system32\drivers\cng.sys
2013-05-29 12:32:54 ----A---- C:\windows\system32\qdvd.dll
2013-05-29 12:32:06 ----A---- C:\windows\system32\RegistryDefragBootTime.exe
2013-05-16 21:07:56 ----A---- C:\windows\system32\jscript.dll
2013-05-16 21:07:55 ----A---- C:\windows\system32\jscript9.dll
2013-05-16 21:07:54 ----A---- C:\windows\system32\jsproxy.dll
2013-05-16 21:07:54 ----A---- C:\windows\system32\iesetup.dll
2013-05-16 21:07:53 ----A---- C:\windows\system32\ieui.dll
2013-05-16 21:07:52 ----A---- C:\windows\system32\msfeeds.dll
2013-05-16 21:07:51 ----A---- C:\windows\system32\urlmon.dll
2013-05-16 21:07:51 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-05-16 21:07:51 ----A---- C:\windows\system32\iesysprep.dll
2013-05-16 21:07:51 ----A---- C:\windows\system32\iernonce.dll
2013-05-16 21:07:51 ----A---- C:\windows\system32\ie4uinit.exe
2013-05-16 21:07:50 ----A---- C:\windows\system32\iertutil.dll
2013-05-16 21:07:47 ----A---- C:\windows\system32\wininet.dll
2013-05-16 21:07:46 ----A---- C:\windows\system32\ieframe.dll
2013-05-16 21:07:42 ----A---- C:\windows\system32\mshtml.dll
2013-05-16 18:24:32 ----A---- C:\windows\system32\wwansvc.dll
2013-05-16 18:24:32 ----A---- C:\windows\system32\wwanprotdim.dll
2013-05-16 18:24:30 ----A---- C:\windows\system32\win32k.sys
2013-05-16 18:24:13 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 18:24:12 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2013-05-16 18:23:51 ----A---- C:\windows\system32\shell32.dll
2013-05-16 18:23:49 ----A---- C:\windows\system32\consent.exe
2013-05-16 18:23:48 ----A---- C:\windows\system32\authui.dll
2013-05-16 18:23:47 ----A---- C:\windows\system32\shdocvw.dll
2013-05-16 18:23:47 ----A---- C:\windows\system32\appinfo.dll
2013-05-16 18:10:54 ----A---- C:\windows\system32\RaCoInst.dll
2013-05-16 18:10:54 ----A---- C:\windows\system32\drivers\netr28u.sys
2013-05-16 18:10:53 ----D---- C:\ProgramData\Ralink Driver

======List of files/folders modified in the last 1 month======

2013-06-02 19:40:51 ----D---- C:\windows\Prefetch
2013-06-02 19:40:38 ----D---- C:\Program Files
2013-06-02 19:36:20 ----D---- C:\windows\temp
2013-06-02 19:30:43 ----D---- C:\windows\system32\drivers
2013-06-02 19:22:48 ----D---- C:\windows\system32\NDF
2013-06-02 17:45:48 ----D---- C:\windows\system32\config
2013-06-02 17:34:50 ----D---- C:\windows\system32\Tasks
2013-06-01 17:01:07 ----SHD---- C:\System Volume Information
2013-05-30 17:19:05 ----D---- C:\windows\rescache
2013-05-30 13:16:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 11:21:17 ----D---- C:\windows\System32
2013-05-30 11:19:22 ----D---- C:\windows\winsxs
2013-05-30 11:18:44 ----D---- C:\Windows
2013-05-30 11:17:50 ----D---- C:\Boot
2013-05-30 10:02:26 ----D---- C:\windows\system32\wbem
2013-05-30 10:02:26 ----D---- C:\windows\system32\nl-NL
2013-05-30 10:02:26 ----D---- C:\windows\system32\drivers\nl-NL
2013-05-30 10:02:26 ----D---- C:\windows\PolicyDefinitions
2013-05-30 10:02:24 ----D---- C:\windows\system32\DriverStore
2013-05-30 10:02:23 ----D---- C:\windows\inf
2013-05-29 14:16:27 ----D---- C:\Users\Sophia\AppData\Roaming\Belastingdienst
2013-05-29 13:14:59 ----D---- C:\ProgramData
2013-05-29 12:34:46 ----D---- C:\windows\system32\catroot
2013-05-29 12:34:43 ----D---- C:\windows\system32\catroot2
2013-05-29 11:30:53 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-24 14:55:00 ----D---- C:\Program Files\Mozilla Firefox
2013-05-23 22:04:29 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-05-23 22:02:40 ----D---- C:\Program Files\Mozilla Thunderbird
2013-05-22 14:16:03 ----D---- C:\windows\debug
2013-05-20 16:30:45 ----RSD---- C:\windows\assembly
2013-05-20 16:30:45 ----D---- C:\windows\Microsoft.NET
2013-05-16 21:25:22 ----D---- C:\windows\AppPatch
2013-05-16 21:25:22 ----D---- C:\Program Files\Internet Explorer
2013-05-16 21:09:37 ----SHD---- C:\windows\Installer
2013-05-16 21:09:36 ----D---- C:\ProgramData\Microsoft Help
2013-05-16 20:59:05 ----A---- C:\windows\system32\MRT.exe
2013-05-16 20:56:59 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-05-16 18:10:52 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R1 MpKsldb44430c;MpKsldb44430c; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C801E3C-2B6B-46D8-8CA1-E771EA6A210F}\MpKsldb44430c.sys [2013-06-02 29904]
R1 MpKslf554b360;MpKslf554b360; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C801E3C-2B6B-46D8-8CA1-E771EA6A210F}\MpKslf554b360.sys [2013-06-02 29904]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-29 69480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 4993536]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-07-14 2662624]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28.sys [2009-08-04 616960]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver; C:\windows\system32\DRIVERS\netr28u.sys [2011-09-09 1265216]
R3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-25 17920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Sophia\AppData\Local\Temp\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\Users\Sophia\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2011-07-11 18768]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2013-05-29 14848]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2011-03-23 30600]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-06-04 166912]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 RTL8187B;Realtek RTL8187B 802.11b/g 54 Mbps draadloze USB 2.0-netwerkadapter; C:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 smserial;smserial; C:\windows\system32\DRIVERS\smserial.sys [2009-07-13 1068032]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-06-23 3486336]
S3 toshidpt;Bluetooth HID Port; C:\windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-07-08 168936]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-07-28 55680]
S3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-07-29 49016]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-05-29 49664]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2011-03-23 19280]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-07-13 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2013-02-23 805752]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2012-12-25 2547816]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 OnecomService;OnecomCloudDrive; C:\Program Files\OnecomCloudDrive\Dlls\OnecomService.exe [2012-02-29 32416]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2011-04-19 399416]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-20 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-16 256904]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-24 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-31 144752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
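
As an added example (not part of the original thread and not RSIT's own code), the driver and service listing above can be parsed with a short Python script that decodes the state and start codes from the section legend and marks entries worth a closer look. The sample lines are copied from the log above; the path heuristics and the allowlist are assumptions made for this example, and a flag is a reason to review an entry, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import List, Sequence, Tuple

# Codes from the legend in the RSIT section headers quoted above.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Entry layout: "<state><start> <name>;<display name>; <image path> [<date> <size>]"
ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+(?P<name>[^;]+);(?P<display>.*);\s*"
    r"(?P<path>.+?)\s*\[(?P<meta>[^\]]*)\]$"
)

# Assumption for this example: directories outside Windows and Program Files
# where installers and user-level processes commonly drop binaries.
WRITABLE_MARKERS = ("\\users\\", "\\programdata\\", "\\temp\\")

# Assumption for this example: allowlisted prefix for the Microsoft
# antimalware definition drivers that legitimately live under ProgramData.
DEFAULT_ALLOW = ("c:\\programdata\\microsoft\\microsoft antimalware\\",)

# Lines copied from the log in this thread.
SAMPLE_LOG = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R1 MpKsldb44430c;MpKsldb44430c; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C801E3C-2B6B-46D8-8CA1-E771EA6A210F}\MpKsldb44430c.sys [2013-06-02 29904]
S3 catchme;catchme; \??\C:\Users\Sophia\AppData\Local\Temp\catchme.sys []
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2012-12-25 2547816]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
"""


@dataclass(frozen=True)
class Entry:
    name: str
    display: str
    path: str
    state: str           # "Running" or "Stopped"
    start: str           # "Boot", "System", "Auto", "Demand" or "Disabled"
    has_file_info: bool  # False when the log shows an empty "[]"


def parse_entries(log_text: str) -> List[Entry]:
    """Parse driver/service lines; headers and unrelated lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if m is None:
            continue
        path = m.group("path")
        if path.startswith("\\??\\"):
            path = path[4:]  # drop the NT object-manager prefix
        entries.append(Entry(
            name=m.group("name").strip(),
            display=m.group("display").strip(),
            path=path,
            state=STATE[m.group("state")],
            start=START[m.group("start")],
            has_file_info=bool(m.group("meta").strip()),
        ))
    return entries


def triage(entries: Sequence[Entry],
           allow: Sequence[str] = DEFAULT_ALLOW) -> List[Tuple[Entry, List[str]]]:
    """Return (entry, reasons) pairs for entries that deserve manual review."""
    findings = []
    for e in entries:
        reasons = []
        low = e.path.lower()
        if not e.has_file_info:
            reasons.append("no file date/size recorded")
        if any(mk in low for mk in WRITABLE_MARKERS) and not low.startswith(tuple(allow)):
            reasons.append("image under Users, ProgramData or Temp")
        if reasons:
            findings.append((e, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(parse_entries(SAMPLE_LOG)):
        print(f"{entry.state:8} {entry.start:8} {entry.name}: {'; '.join(reasons)}")
        print(f"    {entry.path}")
```
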


 Post subject: Re: Slow computer
Posted: Mon Jun 03, 2013 12:42 am 
Trainer

Joined: Sun Apr 10, 2005 9:10 am
Posts: 4504
Location: Menheerse (G-O)
Operating system: Windows 7 Home Premium
Protection: Avast Free
Hi Rogier,

I will take a look at your logs.
However, I am a supervised helper. This means that I first have to have my advice approved by a qualified helper, so it may take a little longer before I reply.

Thank you in advance for your understanding.

Kind regards,
jahewi

_________________
Proud member of UNITE (Unite Against Malware)
Security tips - Beware of PUPs!

"If you think you are too small to be effective, you have never been in the dark with a mosquito"


 Post subject: Re: Slow computer
Posted: Mon Jun 03, 2013 8:16 am 
Trainer

Joined: Sun Apr 10, 2005 9:10 am
Posts: 4504
Location: Menheerse (G-O)
Operating system: Windows 7 Home Premium
Protection: Avast Free
Hi Rogier,

Part 1:
Download AdwCleaner by Xplode to the desktop.
  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Then click Delete.
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during this action.
After the PC has restarted, a log file opens.
Then post the contents of this log in your next message as an attachment.

Part 2:
Download zoek.exe to the desktop.
Disable your antivirus and antispyware programs; they may conflict with Zoek.exe.
(Here or here) you can read how to disable the security software you use.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    Code:
    autoclean;
    standardsearch;
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log in your next message as an attachment.


Good luck,
jahewi



 Post subject: Re: Slow computer
Posted: Mon Jun 03, 2013 9:05 am 
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
Hi Jahewi,

Attached are the 2 log files from both AdwCleaner and zoek.exe.

Kind regards,

Rogier


 Post subject: Re: Slow computer
Posted: Mon Jun 03, 2013 7:32 pm 
Trainer

Joined: Sun Apr 10, 2005 9:10 am
Posts: 4504
Location: Menheerse (G-O)
Operating system: Windows 7 Home Premium
Protection: Avast Free
Hi Rogier,

  • Disable your antivirus and antispyware programs; they may conflict with zoek.exe.
    (Here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    Code:
    emptyclsid;
    C:\Program Files\OurBabyMaker_27EI;f
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];ra
    "AppInit_DLLs"=-;r
    startupall;
    process;
    firefoxlook;
    chromelook;
  • Now click the "Run script" button.
  • Now wait patiently until a log opens.
  • Now post the contents of the opened log in your next message.

Good luck,
jahewi



 Post subject: Re: Slow computer
Posted: Mon Jun 03, 2013 8:08 pm 
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
Hi Jahewi,

Here is the new log file from zoek.exe.


Zoek.exe Version 4.0.0.2 Updated 03-June-2013
Tool run by Sophia on ma 03-06-2013 at 20:07:59,82.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results03-06-2013-0903.log 38300 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\S-1-5-21-4155564862-1562026535-1424038144-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully
HKEY_USERS\S-1-5-21-4155564862-1562026535-1424038144-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully
HKEY_USERS\S-1-5-21-4155564862-1562026535-1424038144-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully

==== Running Processes ======================

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\System Control Manager\MSIService.exe
C:\Program Files\OnecomCloudDrive\Dlls\OnecomService.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Users\Sophia\Contacts\Downloads\zoek.exe
C:\windows\system32\conhost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Registry Lines To Reset ACL ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows Reset Succesfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"C:\Program Files\OurBabyMaker_27EI\Installr\2.bin\27EIPlug.dll" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\2.bin\27EZSETP.dll" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\2.bin\NP27EISb.dll" deleted
"C:\Program Files\OurBabyMaker_27EI" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\1.bin" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\2.bin" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\1.bin\chrome" deleted
"C:\Program Files\OurBabyMaker_27EI\Installr\2.bin\chrome" deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4155564862-1562026535-1424038144-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ITSecMng]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ITSecMng"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\Bluetooth Toshiba Stack\\ItSecMng.exe /START"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileDocuments]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MobileDocuments"
"hkey"="HKCU"
"command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ubd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\One.com]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="One.com"
"hkey"="HKCU"
"command"="C:\\Program Files\\OnecomCloudDrive\\Dlls\\AppLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PMBVolumeWatcher"
"hkey"="HKLM"
"command"="C:\\Program Files\\Sony\\PMB\\PMBVolumeWatcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\snp2uvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="snp2uvc"
"hkey"="HKLM"
"command"="C:\\windows\\vsnp2uvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tsnp2uvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tsnp2uvc"
"hkey"="HKLM"
"command"="C:\\windows\\tsnp2uvc.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Bluetooth Manager.lnk"
"backup"="C:\\windows\\pss\\Bluetooth Manager.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Toshiba\\BLUETO~1\\TosBtMng.exe "
"item"="Bluetooth Manager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
"path"="C:\\Users\\Sophia\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\LimeWire On Startup.lnk"
"backup"="C:\\windows\\pss\\LimeWire On Startup.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\LimeWire\\LimeWire.exe -startup"
"item"="LimeWire On Startup"


==== Startup Folders ======================

2011-07-09 12:13:54 1038 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-05-2013 20:56]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-06-2010 22:30]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undertermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\2c6wai2q.default
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

AppDir: C:\Program Files\Mozilla Firefox
- Skype extension for Firefox - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\2c6wai2q.default
7ABE33792F2787D599B6963E71B9E8CD - C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash
3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update
E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
D7B73E576A7654FC5705C650F39594F9 - C:\Program Files\QuickTime\Plugins\npqtplugin9.dll - QuickTime Plug-in 7.7.3
35E9E47DE26F29B5096CC59D5FD85299 - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll - QuickTime Plug-in 7.7.3
8F9BFACB3BF01F49C970D9457B505A22 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
B3566EECDF9875BFCCF4972A065C6F47 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
F45411F2A2E024D05E411C065F255B45 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
2ADC7E9A41108CD32DE9D61BD4CBC721 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
B7B50BADFCA5BFAFB318ECD42DA8E206 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
3038CB801E55F10DBDCF457382A8A65D - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
DAC1E3C13A6D73701D4DD79562E86608 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
036CA317C20DF6A8FE39CA31882290AD - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java(TM) Platform SE 6 U32
1C27D3E29218B6EADDB87A6B335637E3 - C:\windows\system32\npdeployJava1.dll - Java Deployment Toolkit 6.0.320.5
F556A64AB2DB1BD834E7C89CE211516B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\Sophia\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
99F97C9FE748C37528C338A423577FCB - C:\Users\Sophia\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\yffo6o8y.default-1369917697236
7ABE33792F2787D599B6963E71B9E8CD - C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash
3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update
E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
D7B73E576A7654FC5705C650F39594F9 - C:\Program Files\QuickTime\Plugins\npqtplugin9.dll - QuickTime Plug-in 7.7.3
35E9E47DE26F29B5096CC59D5FD85299 - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll - QuickTime Plug-in 7.7.3
8F9BFACB3BF01F49C970D9457B505A22 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
B3566EECDF9875BFCCF4972A065C6F47 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
F45411F2A2E024D05E411C065F255B45 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
2ADC7E9A41108CD32DE9D61BD4CBC721 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
B7B50BADFCA5BFAFB318ECD42DA8E206 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
3038CB801E55F10DBDCF457382A8A65D - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
DAC1E3C13A6D73701D4DD79562E86608 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
036CA317C20DF6A8FE39CA31882290AD - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java(TM) Platform SE 6 U32
1C27D3E29218B6EADDB87A6B335637E3 - C:\windows\system32\npdeployJava1.dll - Java Deployment Toolkit 6.0.320.5
F556A64AB2DB1BD834E7C89CE211516B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\Sophia\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
99F97C9FE748C37528C338A423577FCB - C:\Users\Sophia\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[11-08-2012 11:46]

Advanced SystemCare Surfing Protection - Sophia - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== EOF on ma 03-06-2013 at 20:10:41,66 ======================

Kind regards,

Rogier


 Post subject: Re: Slow computer
Posted: Wed Jun 05, 2013 9:53 am 
Trainer

Joined: Sun Apr 10, 2005 9:10 am
Posts: 4504
Location: Menheerse (G-O)
Operating system: Windows 7 Home Premium
Protection: Avast Free
Hi Rogier,

The log looks clean. :)
I think your computer is malware-free again.

How are things now with the problems?

Regards,
jahewi

_________________
Proud member of UNITE (Unite Against Malware)
Security tips - Beware of PUPs!

"If you think you are too small to be effective, you have never been in the dark with a mosquito"


Post subject: Re: Slow Computer
Posted: Wed Jun 05, 2013 3:29 pm
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
Hi Jahewi,

It is working properly again, and Firefox now also works without problems. I will run my malware programs regularly again, so that I stay free of malware.

Thanks for your time and help.

Regards,

Rogier


Post subject: Re: Slow Computer
Posted: Thu Jun 06, 2013 7:35 am
Trainer

Joined: Sun Apr 10, 2005 9:10 am
Posts: 4504
Location: Menheerse (G-O)
Operating system: Windows 7 Home Premium
Protection: Avast Free
Hi Rogier,

You're very welcome. :D

We still need to remove the tools we used from your computer:
1. Zoek.exe: You can remove this by right-clicking the program and then choosing Delete.
2. AdwCleaner: Start the program and then choose Uninstall.

Now that the computer is working properly again, you will of course want to keep it that way.
So take the time to read through the following tips carefully:

1. The basic protection of your computer.
The basic protection of your computer consists of 3 equally important programs:
  • The anti-virus: This ensures that malware gets no chance to settle into your computer.
  • The firewall: This ensures that malware and malicious parties have no chance to reach your computer from the internet.
    The firewall also ensures that programs on your computer cannot make unauthorized contact with the internet
    (this is very important if your computer has unexpectedly become infected with, for example, a trojan virus).
  • A separate virus or malware scanner: This can be used regularly to give the computer an extra scan for malware that is not (yet) recognized by your anti-virus.
    Good malware scanners include Malwarebytes' Anti-Malware and Emsisoft Anti-Malware.

Important!
  • It is extremely important to keep your anti-virus and firewall updated at all times! It is advisable to let the programs do this themselves, by turning on the option for automatic updates.
  • It is unwise to install multiple anti-virus programs or firewalls. They will conflict with each other and thereby cause an unstable and insecure computer!

2. Updates for Windows and other programs.
Malware makers and distributors are always looking for new ways to spread their malicious programs.
They regularly try to do this through a hole they have found in the Windows software or in other legitimate programs. We call such a hole a vulnerability.
These vulnerabilities must, as soon as they are found, be closed as quickly as possible to prevent infection by malware that makes use of the vulnerability in question. We call these fixes patches.
These patches are in turn offered for download on the internet as updates.
So you now understand why installing updates is enormously important.
Nowadays many programs are able to check for updates on their own. I advise you to make use of this option for an optimally protected computer. You do this by making sure that automatic updates are turned on in the program in question.

3. Use your common sense.
You might not think so, but you yourself are also an important part of your computer's security.
Just consider:
  • If you are surfing the internet and you land on a page where you read that you have won 'the hundred thousand', just because you happened to land on that page ... do you believe that?
  • And if you receive an email message supposedly from 'your bank', asking you to leave your details on 'their site' (for whatever reason) ... do you do that?
These are just 2 examples of ways in which malware distributors try to lure you, in order to infect your computer with malware or to try to trick you out of sensitive data.
Use your common sense and trust your intuition!
Some tips:
  • Do not visit websites that you know, or that are generally known, to be untrustworthy.
  • Avoid download sites that offer torrents and be on your guard with other download sites. Download only what you came to the download site for.
  • Do not click anything on websites without knowing for certain what the consequence will be.
  • Do not respond to unrealistic offers or scare tactics, whether on the internet or in emails. If something seems too good to be true, then it probably isn't!
  • Never just open attachments in email messages, even if the message appears to come from someone you know.
    • When you receive an email with an attachment, always first check the sender of the email carefully.
    • If you are not 100% sure of the authenticity of the message, or if you had not expected the message, contact the sender before you open the attachment.

4. Keep a close eye on your computer.
There is malware that you, as a user, will not notice at all. That is one of the reasons to regularly scan your computer with your anti-virus and an additional malware scanner.
The fact is, however, that the majority of current malware manifests itself in one way or another.
On this page you will find information on how to recognize the possible presence of malware on your computer.

Kind regards,
jahewi :)

Post subject: Re: Slow Computer
Posted: Thu Jun 06, 2013 3:53 pm
Member

Joined: Thu Jul 07, 2011 11:27 pm
Posts: 14
Operating system: Windows 7
Protection: AVG
Dear Jahewi,

I have removed the programs as you indicated. I will run the malware program regularly again to keep my computer clean.
Thanks again for your time and advice.

Regards,

Rogier

