Login problem with epact software


minorthief

Hey

I have been having trouble for a while logging in to the online epact database of the Flemish Energy Agency (Vlaams Energie Agentschap). The first time, you have to install a Citrix client and make sure your Java is up to date. So far so good: everything works for a few weeks, and after a while I can no longer log in to the site. I log in and nothing happens. Sometimes it works again after performing a system restore, and in the worst case I have to format. Then I'm good again for a few weeks. I find it very bizarre; all the settings are as they should be, I think. So I have no idea why this happens. Oh yes, I use Internet Explorer as a browser only for this application; in Firefox it does nothing at all.

I would like to get this solved with some help, thanks in advance!

Regards, minorthief

I have already gone through this link completely and carried it out, without success.

Software | energiesparen.be - rationeel energiegebruik


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.

Also watch the instruction video.


Logfile of random's system information tool 1.09 (written by random/random)

Run by sim at 2014-03-02 18:31:39

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 519 GB (89%) free of 582 GB

Total RAM: 6092 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:31:46, on 2/03/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

Running processes:

C:\Users\sim\AppData\Roaming\Spotify\spotify.exe

C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\NST.exe

C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\NAV.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe

C:\Program Files\trend micro\sim.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll

O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKCU\..\Run: [spotify] "C:\Users\sim\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\sim\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://vea.vlaanderen.be/dana-cached/sc/JuniperSetupClient.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:

O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\NAV.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\NST.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 15617 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\Hpservice.exe

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0677f93a-e07d-492c-a1a4-df5bbd8c7681 -SystemEventPortName:HostProcess-f08f062a-832b-4c8e-93d0-616dbb960bc1 -IoCancelEventPortName:HostProcess-c9a509d2-f491-41e3-99a0-9eb224d252a9 -NonStateChangingEventPortName:HostProcess-5a982044-02e4-4332-b8a7-38ac8d10ff54 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a0cac072-7781-4389-acaf-05a98f989f4c -DeviceGroupId:

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 3093824

\??\C:\Windows\system32\conhost.exe "-1790354341-2110406608-945775395-20687362231386795595-19180609371511504046983298211

C:\Windows\System32\spoolsv.exe

"taskhost.exe"

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"

"C:\Windows\system32\Dwm.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\IDT\WDM\AESTSr64.exe"

"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"

"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"

"C:\Program Files (x86)\Mobogenie\MgAssist.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 2384

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Program Files\Apoint2K\Apoint.exe"

"C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe"

"C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe"

"C:\Users\sim\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}

"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"Apntex.exe"

\??\C:\Windows\system32\conhost.exe "-299850739-4276150031581624622-1989534252-1263473202-109683138-1782806901530296341

"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

taskeng.exe {E574E23B-BA22-4779-90C5-A94B36DDF258}

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook

"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3772.0.500508598\1333599103" /prefetch:673131151

"C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3772.1.1850844874\34027938" /prefetch:673131151

"C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3772.2.104047055\975964044" /prefetch:673131151

"C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3772.3.911672208\1978406021" /prefetch:673131151

"C:\Users\sim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="3772.4.636764248\393957300" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2372 --lang=en-US --log-severity=disable /prefetch:822062411

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\NST.exe" /c /a /s UserSession

"C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\NAV.exe" /c /a /s UserSession

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

C:\Windows\system32\AUDIODG.EXE 0x1d0

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6864.18562c00.828109381 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6864 "\\.\pipe\gecko-crash-server-pipe.6864" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --proxy-stub-channel=Flash7028.5F70C768.13340 --host-broker-channel=Flash7028.5F70C768.31358 --host-pid=7028 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --channel=3168.0050F524.1985241683 --proxy-stub-channel=Flash7028.5F70C768.13340 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" --host-npapi-version=27 --type=renderer

taskeng.exe {C4F0EA8C-3195-4AAA-92C8-D51AA1062C6F}

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\sim\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default

prefs.js - "browser.startup.homepage" - "https://www.google.be/"

prefs.js - "keyword.URL" - "http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&installDate=23/02/2014&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.70 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]

"Description"=McAfee Mss Plugin

"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]

"Description"=WildTangent Games App Presence Detector Plugin

"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.70 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default\searchplugins\

Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-05-06 1746760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine64\2014.6.6.3\coIEPlg.dll [2014-02-07 770400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-05-06 1598280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll [2014-02-07 527712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ae07101b-46d4-4a98-af68-0333ea26e113}

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine64\2014.6.6.3\coIEPlg.dll [2014-02-07 770400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll []

{ae07101b-46d4-4a98-af68-0333ea26e113}

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll [2014-02-07 527712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 168216]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 416024]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-27 1128448]

"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2011-02-19 569200]

"SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-06-27 42808]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify"=C:\Users\sim\AppData\Roaming\Spotify\Spotify.exe [2014-01-23 6118400]

"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""= []

"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-06-28 168504]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2011-04-08 586808]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-06-13 336440]

"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2011-05-31 1342008]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2014-02-23 775872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"notification packages"=scecli

C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-02 18:31:39 ----D---- C:\rsit

2014-03-02 18:31:39 ----D---- C:\Program Files\trend micro

2014-03-01 19:18:14 ----D---- C:\ProgramData\NCOTEMP

2014-03-01 19:18:02 ----D---- C:\Windows\system32\drivers\NSTx64

2014-03-01 19:15:15 ----D---- C:\Windows\system32\drivers\NAVx64

2014-03-01 18:02:17 ----SHD---- C:\Config.Msi

2014-03-01 12:52:45 ----A---- C:\Windows\system32\MRT.exe

2014-02-28 12:25:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-02-28 12:22:59 ----D---- C:\Windows\Migration

2014-02-28 12:21:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-02-28 12:21:38 ----A---- C:\Windows\system32\vbscript.dll

2014-02-28 12:20:33 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-02-28 12:20:32 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-02-28 12:20:32 ----A---- C:\Windows\system32\msrating.dll

2014-02-28 12:20:32 ----A---- C:\Windows\system32\ieui.dll

2014-02-28 12:20:30 ----A---- C:\Windows\system32\iernonce.dll

2014-02-28 12:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-02-28 12:20:30 ----A---- C:\Windows\system32\ie4uinit.exe

2014-02-28 12:20:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-02-28 12:20:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-02-28 12:20:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-02-28 12:20:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-02-28 12:20:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-02-28 12:20:29 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-28 12:20:29 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-28 12:20:29 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-28 12:20:29 ----A---- C:\Windows\system32\iesetup.dll

2014-02-28 12:20:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-02-28 12:20:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-02-28 12:20:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-02-28 12:20:28 ----A---- C:\Windows\system32\mshtml.dll

2014-02-28 12:20:28 ----A---- C:\Windows\system32\jscript9diag.dll

2014-02-28 12:20:28 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-02-28 12:20:28 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-02-28 12:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-02-28 12:20:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-02-28 12:20:27 ----A---- C:\Windows\system32\iertutil.dll

2014-02-28 12:20:27 ----A---- C:\Windows\system32\ieapfltr.dll

2014-02-28 12:20:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-02-28 12:20:26 ----A---- C:\Windows\system32\wininet.dll

2014-02-28 12:20:26 ----A---- C:\Windows\system32\urlmon.dll

2014-02-28 12:20:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-02-28 12:20:25 ----A---- C:\Windows\system32\ieframe.dll

2014-02-28 12:20:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-02-28 12:20:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-02-28 12:20:23 ----A---- C:\Windows\system32\jscript9.dll

2014-02-28 11:21:26 ----D---- C:\Program Files (x86)\Norton Identity Safe

2014-02-28 11:20:29 ----D---- C:\Program Files (x86)\Norton AntiVirus

2014-02-28 11:18:50 ----D---- C:\ProgramData\PCSettings

2014-02-26 21:14:30 ----D---- C:\Windows\system32\MRT

2014-02-23 22:50:11 ----D---- C:\Windows\Sun

2014-02-23 22:44:22 ----D---- C:\Program Files\CCleaner

2014-02-23 22:43:55 ----D---- C:\Users\sim\AppData\Roaming\newnext.me

2014-02-23 22:43:37 ----D---- C:\Program Files (x86)\Mobogenie

2014-02-23 22:43:18 ----D---- C:\Program Files (x86)\Optimizer Pro

2014-02-23 11:55:39 ----D---- C:\Users\sim\AppData\Roaming\Apple Computer

2014-02-23 11:46:31 ----D---- C:\ProgramData\Apple Computer

2014-02-23 11:46:31 ----D---- C:\Program Files (x86)\QuickTime

2014-02-23 11:45:38 ----D---- C:\ProgramData\Apple

2014-02-23 11:45:38 ----D---- C:\Program Files (x86)\Apple Software Update

2014-02-23 03:13:29 ----A---- C:\Windows\system32\IEUDINIT.EXE

2014-02-23 03:01:23 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2014-02-23 03:01:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\wextract.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\webcheck.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\url.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\pngfilt.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\occache.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\msls31.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\mshtmler.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\mshta.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\jsIntl.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\jscript.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\inseng.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\imgutil.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\iexpress.exe

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\icardie.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-02-23 03:01:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\wextract.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\webcheck.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\url.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\pngfilt.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\occache.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\msls31.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\mshtmler.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\mshtmled.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\mshta.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\msfeedssync.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\licmgr10.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\jsIntl.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\jscript.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\inseng.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\imgutil.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\iexpress.exe

2014-02-23 03:01:13 ----A---- C:\Windows\system32\iesysprep.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\iepeers.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\iedkcs32.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\ieapfltr.dat

2014-02-23 03:01:13 ----A---- C:\Windows\system32\IEAdvpack.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\icardie.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\elshyph.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\dxtrans.dll

2014-02-23 03:01:13 ----A---- C:\Windows\system32\dxtmsft.dll

2014-02-17 20:17:58 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-13 20:43:16 ----A---- C:\Windows\system32\spoolsv.exe

2014-02-13 20:43:16 ----A---- C:\Windows\splwow64.exe

2014-02-13 20:43:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-02-13 20:43:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-02-13 20:43:08 ----A---- C:\Windows\system32\msxml3r.dll

2014-02-13 20:43:08 ----A---- C:\Windows\system32\msxml3.dll

2014-02-13 20:43:07 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-02-13 20:43:07 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-13 20:43:07 ----A---- C:\Windows\system32\d2d1.dll

2014-02-13 20:43:06 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2014-02-13 20:43:05 ----A---- C:\Windows\system32\RMActivate_isv.exe

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\secproc.dll

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\RMActivate.exe

2014-02-13 20:43:04 ----A---- C:\Windows\SYSWOW64\msdrm.dll

2014-02-13 20:43:04 ----A---- C:\Windows\system32\secproc_isv.dll

2014-02-13 20:43:04 ----A---- C:\Windows\system32\secproc.dll

2014-02-13 20:43:04 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-13 20:43:04 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2014-02-13 20:43:04 ----A---- C:\Windows\system32\RMActivate.exe

2014-02-13 20:43:04 ----A---- C:\Windows\system32\msdrm.dll

2014-02-13 20:43:03 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll

2014-02-13 20:43:03 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll

2014-02-13 20:43:03 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2014-02-13 20:43:03 ----A---- C:\Windows\system32\secproc_ssp.dll

2014-02-13 20:43:01 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2014-02-13 20:43:01 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll

2014-02-13 20:43:01 ----A---- C:\Windows\system32\WMPhoto.dll

2014-02-13 20:43:01 ----A---- C:\Windows\system32\WindowsCodecs.dll

2014-02-13 17:10:03 ----D---- C:\Program Files\McAfee Security Scan

2014-02-11 13:31:57 ----D---- C:\Windows\SYSWOW64\Wat

2014-02-11 13:31:57 ----D---- C:\Windows\system32\Wat

2014-02-09 22:42:38 ----A---- C:\Windows\system32\browserchoice.exe

2014-02-09 16:43:55 ----A---- C:\Windows\system32\wmploc.DLL

2014-02-09 16:43:54 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2014-02-09 16:43:54 ----A---- C:\Windows\SYSWOW64\wmp.dll

2014-02-09 16:43:53 ----A---- C:\Windows\system32\wmp.dll

2014-02-06 10:15:36 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS

2014-02-06 10:15:36 ----A---- C:\Windows\system32\drivers\bthport.sys

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-02-06 10:11:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-02-06 10:11:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll

2014-02-06 10:11:00 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\dxgi.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\d3d10core.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll

2014-02-06 10:10:59 ----A---- C:\Windows\SYSWOW64\d3d10.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\XpsPrint.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\UIAnimation.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\FntCache.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\dxgi.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\DWrite.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\d3d10level9.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\d3d10core.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\d3d10_1core.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\d3d10_1.dll

2014-02-06 10:10:59 ----A---- C:\Windows\system32\d3d10.dll

2014-02-06 09:56:49 ----A---- C:\Windows\system32\drivers\WUDFRd.sys

2014-02-06 09:56:49 ----A---- C:\Windows\system32\drivers\WUDFPf.sys

2014-02-06 09:56:48 ----A---- C:\Windows\system32\WUDFx.dll

2014-02-06 09:56:48 ----A---- C:\Windows\system32\WUDFSvc.dll

2014-02-06 09:56:48 ----A---- C:\Windows\system32\WUDFPlatform.dll

2014-02-06 09:56:48 ----A---- C:\Windows\system32\WUDFHost.exe

2014-02-06 09:56:48 ----A---- C:\Windows\system32\WUDFCoinstaller.dll

======List of files/folders modified in the last 1 month======

2014-03-02 18:31:46 ----D---- C:\Windows\Prefetch

2014-03-02 18:31:39 ----RD---- C:\Program Files

2014-03-02 18:31:31 ----D---- C:\Windows\Temp

2014-03-02 18:29:13 ----D---- C:\ProgramData\Norton

2014-03-02 17:09:15 ----D---- C:\Users\sim\AppData\Roaming\Spotify

2014-03-02 09:34:50 ----D---- C:\Windows\system32\config

2014-03-01 23:45:16 ----D---- C:\Windows\system32\Tasks

2014-03-01 19:33:52 ----D---- C:\Windows\Microsoft.NET

2014-03-01 19:19:19 ----SHD---- C:\System Volume Information

2014-03-01 19:18:14 ----HD---- C:\ProgramData

2014-03-01 19:18:02 ----D---- C:\Windows\system32\drivers

2014-03-01 19:17:51 ----A---- C:\Windows\SYSWOW64\log.txt

2014-03-01 19:14:34 ----RD---- C:\Program Files (x86)

2014-03-01 18:36:02 ----D---- C:\Windows\System32

2014-03-01 18:36:02 ----D---- C:\Windows\inf

2014-03-01 18:36:02 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-01 18:04:19 ----SHD---- C:\Windows\Installer

2014-03-01 18:01:17 ----D---- C:\Windows\SysWOW64

2014-02-28 17:37:31 ----SD---- C:\Users\sim\AppData\Roaming\Microsoft

2014-02-28 13:26:20 ----D---- C:\Windows\Logs

2014-02-28 12:37:38 ----D---- C:\Windows\winsxs

2014-02-28 12:36:54 ----D---- C:\Windows

2014-02-28 12:36:06 ----D---- C:\Program Files (x86)\Internet Explorer

2014-02-28 12:36:05 ----D---- C:\Program Files\Internet Explorer

2014-02-28 12:26:16 ----RSD---- C:\Windows\assembly

2014-02-28 12:23:10 ----D---- C:\Windows\SYSWOW64\en-US

2014-02-28 12:23:09 ----D---- C:\Windows\system32\en-US

2014-02-28 12:22:59 ----SD---- C:\ProgramData\Microsoft

2014-02-28 12:21:45 ----D---- C:\Windows\system32\catroot

2014-02-28 12:21:07 ----D---- C:\Windows\system32\catroot2

2014-02-28 12:16:03 ----D---- C:\Windows\Tasks

2014-02-28 12:16:03 ----D---- C:\Windows\system32\wfp

2014-02-28 12:15:55 ----D---- C:\Windows\system32\wbem

2014-02-28 12:15:00 ----D---- C:\Windows\SYSWOW64\wbem

2014-02-28 12:15:00 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-02-28 12:15:00 ----D---- C:\Windows\SYSWOW64\migration

2014-02-28 12:15:00 ----D---- C:\Windows\SYSWOW64\fr-FR

2014-02-28 12:15:00 ----D---- C:\Windows\system32\nl-NL

2014-02-28 12:15:00 ----D---- C:\Windows\system32\migration

2014-02-28 12:15:00 ----D---- C:\Windows\system32\fr-FR

2014-02-28 12:15:00 ----D---- C:\Windows\PolicyDefinitions

2014-02-28 12:13:49 ----D---- C:\Windows\system32\Macromed

2014-02-28 12:13:49 ----D---- C:\Windows\system32\DriverStore

2014-02-28 12:13:48 ----D---- C:\Windows\system32\drivers\NISx64

2014-02-28 12:13:48 ----D---- C:\Windows\system32\CodeIntegrity

2014-02-28 12:13:39 ----D---- C:\Windows\rescache

2014-02-28 12:13:36 ----D---- C:\Windows\AppCompat

2014-02-28 12:13:35 ----D---- C:\Users\sim\AppData\Roaming\ICAClient

2014-02-28 12:13:11 ----D---- C:\ProgramData\McAfee Security Scan

2014-02-28 12:13:04 ----D---- C:\Program Files\Common Files\Symantec Shared

2014-02-28 12:13:04 ----D---- C:\Program Files\Common Files\Microsoft Shared

2014-02-28 12:13:04 ----D---- C:\Program Files\Common Files

2014-02-28 12:11:22 ----D---- C:\Windows\registration

2014-02-28 12:09:44 ----D---- C:\Windows\system32\wdi

2014-02-28 12:09:17 ----D---- C:\Windows\Speech

2014-02-28 12:09:09 ----D---- C:\Windows\servicing

2014-02-28 12:08:57 ----D---- C:\Windows\ehome

2014-02-28 12:08:16 ----D---- C:\Program Files\Windows Sidebar

2014-02-28 12:08:09 ----D---- C:\Program Files\Common Files\System

2014-02-28 12:08:02 ----D---- C:\Program Files (x86)\Windows Sidebar

2014-02-28 12:07:53 ----D---- C:\Program Files (x86)\NortonInstaller

2014-02-28 12:07:36 ----D---- C:\Program Files (x86)\Common Files

2014-02-28 11:18:50 ----D---- C:\ProgramData\NortonInstaller

2014-02-26 22:06:50 ----D---- C:\Windows\fr-FR

2014-02-26 22:06:11 ----D---- C:\Windows\en-US

2014-02-26 21:27:24 ----D---- C:\Program Files (x86)\Microsoft

2014-02-26 21:14:27 ----D---- C:\Windows\debug

2014-02-25 05:21:37 ----D---- C:\Windows\Panther

2014-02-23 03:32:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-23 03:29:31 ----D---- C:\Program Files\Windows Mail

2014-02-23 03:29:31 ----D---- C:\Program Files (x86)\Windows Photo Viewer

2014-02-23 03:29:31 ----D---- C:\Program Files (x86)\Windows Media Player

2014-02-23 03:29:31 ----D---- C:\Program Files (x86)\Windows Mail

2014-02-23 03:29:31 ----D---- C:\Program Files (x86)\Windows Defender

2014-02-23 03:29:30 ----D---- C:\Program Files\Windows Photo Viewer

2014-02-23 03:29:30 ----D---- C:\Program Files\Windows Media Player

2014-02-23 03:29:30 ----D---- C:\Program Files\Windows Defender

2014-02-23 03:29:30 ----D---- C:\Program Files\DVD Maker

2014-02-23 03:29:29 ----D---- C:\Windows\SYSWOW64\winrm

2014-02-23 03:29:29 ----D---- C:\Windows\SYSWOW64\oobe

2014-02-23 03:29:29 ----D---- C:\Windows\SYSWOW64\migwiz

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\XPSViewer

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\WCN

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\sysprep

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\slmgr

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\Setup

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\MUI

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\DriverStore

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\drivers\UMDF

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\drivers

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\Dism

2014-02-23 03:29:25 ----D---- C:\Windows\SYSWOW64\com

2014-02-23 03:29:25 ----D---- C:\Windows\system32\winrm

2014-02-23 03:29:25 ----D---- C:\Windows\system32\oobe

2014-02-23 03:29:25 ----D---- C:\Windows\system32\migwiz

2014-02-23 03:29:23 ----D---- C:\Windows\system32\WCN

2014-02-23 03:29:23 ----D---- C:\Windows\system32\sysprep

2014-02-23 03:29:23 ----D---- C:\Windows\system32\slmgr

2014-02-23 03:29:23 ----D---- C:\Windows\system32\Setup

2014-02-23 03:29:23 ----D---- C:\Windows\system32\MUI

2014-02-23 03:29:23 ----D---- C:\Windows\system32\drivers\UMDF

2014-02-23 03:29:23 ----D---- C:\Windows\system32\Dism

2014-02-23 03:29:23 ----D---- C:\Windows\system32\Boot

2014-02-23 03:29:22 ----D---- C:\Windows\system32\Printing_Admin_Scripts

2014-02-23 03:29:21 ----D---- C:\Windows\system32\com

2014-02-22 20:30:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-02-09 19:50:57 ----D---- C:\Windows\AppPatch

2014-02-09 19:50:49 ----RSD---- C:\Windows\Fonts

2014-02-09 19:50:49 ----D---- C:\Windows\system32\drivers\nl-NL

2014-02-09 19:50:25 ----D---- C:\Windows\SYSWOW64\de-DE

2014-02-09 19:50:18 ----D---- C:\Windows\system32\de-DE

2014-02-09 19:50:06 ----D---- C:\Windows\SYSWOW64\pt-BR

2014-02-09 19:50:06 ----D---- C:\Windows\SYSWOW64\it-IT

2014-02-09 19:50:05 ----D---- C:\Windows\SYSWOW64\pt-PT

2014-02-09 19:50:05 ----D---- C:\Windows\SYSWOW64\pl-PL

2014-02-09 19:50:05 ----D---- C:\Windows\SYSWOW64\ko-KR

2014-02-09 19:50:04 ----D---- C:\Windows\SYSWOW64\zh-HK

2014-02-09 19:50:04 ----D---- C:\Windows\SYSWOW64\hu-HU

2014-02-09 19:50:04 ----D---- C:\Windows\SYSWOW64\el-GR

2014-02-09 19:50:03 ----D---- C:\Windows\SYSWOW64\zh-TW

2014-02-09 19:50:03 ----D---- C:\Windows\SYSWOW64\tr-TR

2014-02-09 19:50:03 ----D---- C:\Windows\SYSWOW64\sv-SE

2014-02-09 19:50:03 ----D---- C:\Windows\SYSWOW64\fi-FI

2014-02-09 19:50:03 ----D---- C:\Windows\SYSWOW64\es-ES

2014-02-09 19:50:02 ----D---- C:\Windows\SYSWOW64\zh-CN

2014-02-09 19:50:02 ----D---- C:\Windows\SYSWOW64\ja-JP

2014-02-09 19:50:02 ----D---- C:\Windows\SYSWOW64\cs-CZ

2014-02-09 19:50:01 ----D---- C:\Windows\SYSWOW64\ru-RU

2014-02-09 19:50:01 ----D---- C:\Windows\SYSWOW64\nb-NO

2014-02-09 19:50:00 ----D---- C:\Windows\SYSWOW64\da-DK

2014-02-09 19:49:57 ----D---- C:\Windows\system32\pt-PT

2014-02-09 19:49:57 ----D---- C:\Windows\system32\pt-BR

2014-02-09 19:49:57 ----D---- C:\Windows\system32\it-IT

2014-02-09 19:49:56 ----D---- C:\Windows\system32\zh-HK

2014-02-09 19:49:56 ----D---- C:\Windows\system32\pl-PL

2014-02-09 19:49:56 ----D---- C:\Windows\system32\ko-KR

2014-02-09 19:49:56 ----D---- C:\Windows\system32\hu-HU

2014-02-09 19:49:56 ----D---- C:\Windows\system32\el-GR

2014-02-09 19:49:54 ----D---- C:\Windows\system32\tr-TR

2014-02-09 19:49:54 ----D---- C:\Windows\system32\fi-FI

2014-02-09 19:49:53 ----D---- C:\Windows\system32\zh-TW

2014-02-09 19:49:53 ----D---- C:\Windows\system32\sv-SE

2014-02-09 19:49:53 ----D---- C:\Windows\system32\es-ES

2014-02-09 19:49:51 ----D---- C:\Windows\system32\zh-CN

2014-02-09 19:49:51 ----D---- C:\Windows\system32\ru-RU

2014-02-09 19:49:51 ----D---- C:\Windows\system32\nb-NO

2014-02-09 19:49:51 ----D---- C:\Windows\system32\ja-JP

2014-02-09 19:49:51 ----D---- C:\Windows\system32\cs-CZ

2014-02-09 19:49:50 ----D---- C:\Windows\system32\da-DK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 30008]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1501010.007\SYMDS64.SYS [2013-09-10 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1501010.007\SYMEFA64.SYS [2013-09-27 1147480]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.1.7\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-02-14 1526488]

R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1501010.007\ccSetx64.sys [2013-09-26 162392]

R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE06060.003\ccSetx64.sys [2013-09-27 162392]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-02-28 484952]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.1.7\Definitions\IPSDefs\20140228.001\IDSvia64.sys [2014-02-28 521944]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1501010.007\SRTSPX64.SYS [2014-02-11 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1501010.007\Ironx64.SYS [2013-09-27 264280]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NAVx64\1501010.007\SYMNETS.SYS [2013-09-26 590936]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 43320]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-02-22 351864]

R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-06-16 133160]

R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-06-06 4729408]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 btwampfl;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-06-15 620584]

R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-06-15 165416]

R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-06-15 178728]

R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-05-21 89640]

R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-14 39976]

R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-06-15 21544]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.1.7\Definitions\VirusDefs\20140301.008\ENG64.SYS [2014-02-28 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.1.7\Definitions\VirusDefs\20140301.008\EX64.SYS [2014-02-28 2099288]

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NAVx64\1501010.007\SRTSP64.SYS [2014-02-11 875736]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-03-01 177752]

R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

S1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1300000.080\ccSetx64.sys [2011-05-23 165512]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-25 337512]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-06-17 1083680]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 30520]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-04-08 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]

R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-22 326168]

R2 MgAssistService;MgAssist Service; C:\Program Files (x86)\Mobogenie\MgAssist.exe [2014-02-23 63168]

R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\NAV.exe [2014-02-12 262968]

R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\NST.exe [2014-02-07 130104]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-21 818232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-05-06 263496]

S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe /s NIS /m C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\diMaster.dll /prefetch:1 []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22 257928]

S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-17 118896]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-09 1255736]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {ae07101b-46d4-4a98-af68-0333ea26e113};c
 mobilegeni daemon;s
 C:\Program Files (x86)\Mobogenie;fs
 NextLive;s
 C:\Users\sim\AppData\Roaming\newnext.me;fs
 MgAssistService;s
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "NextLive"=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r64
 "mobilegeni daemon"=-;r64
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 C:\Program Files (x86)\Optimizer Pro;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • Do a Quick Scan
      • Shortcut Fix
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log in your next reply.


Zoek.exe v5.0.0.0 Updated 02-March-2014

Tool run by sim on ma 03/03/2014 at 17:29:23,24.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\sim\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 17:30:25,54 =====

--- Create Environment Variables 17:30:26,80

--- Create System Restore Point 17:30:33,01

--- Checking Input 17:30:43,62

--- AU AppData Check 17:30:48,41

--- Remove From Windows Installer 17:30:51,36

--- Empty Folders Check 17:32:03,43

--- IE Startpage Check 17:32:10,23

--- Program Files DB Check 17:32:33,68

--- C:\Users\Default\AppData\Roaming DB Check 17:33:12,63

--- C:\Users\sim\AppData\Roaming DB Check 17:33:12,63

--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 17:33:12,63

--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 17:33:12,63

--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 17:33:12,63

--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 17:33:12,63

--- C:\Users\sim DB Check 17:34:42,31

--- C:\PROGRA~3 DB Check 17:34:58,09

--- C:\Users\Default\AppData\Local DB Check 17:34:58,98

--- C:\Users\sim\AppData\Local DB Check 17:34:58,98

--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 17:34:58,98

--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 17:34:58,98

--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 17:34:58,98

--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 17:34:58,98


Zoek.exe v5.0.0.0 Updated 02-March-2014

Tool run by sim on ma 03/03/2014 at 17:29:23,24.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\sim\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

3/03/2014 17:30:42 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Optimizer Pro deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\PROGRA~3\PCSettings deleted successfully

C:\Users\sim\AppData\Local\cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MgAssistService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MgAssistService deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default

user.js not found

---- Lines snapdo removed from prefs.js ----

user_pref("keyword.URL", "http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searcht

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultenginename", "Web Search");

user_pref("browser.search.selectedEngine", "Web Search");

---- FireFox user.js and prefs.js backups ----

prefs_20140303_1739_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""=-

"mobilegeni daemon"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Optimizer Pro not found

C:\Users\sim\AppData\Roaming\newnext.me deleted

C:\PROGRA~3\eSellerate deleted

C:\Users\sim\AppData\Local\genienext deleted

C:\Users\sim\.android deleted

C:\Users\sim\AppData\Local\Mobogenie deleted

C:\Users\sim\Downloads\SoftonicDownloader_voor_google-sketchup.exe deleted

C:\Users\sim\Documents\Mobogenie deleted

C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default\searchplugins\Web Search.xml deleted

"C:\Users\sim\daemonprocess.txt" deleted

"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" deleted

"C:\Program Files (x86)\Mobogenie\Device.dll" deleted

"C:\Program Files (x86)\Mobogenie\msvcp100.dll" deleted

"C:\Program Files (x86)\Mobogenie\msvcr100.dll" deleted

"C:\Program Files (x86)\Mobogenie\QtCore4.dll" deleted

"C:\Program Files (x86)\Mobogenie\QtGui4.dll" deleted

"C:\Program Files (x86)\Mobogenie\QtNetwork4.dll" deleted

"C:\Program Files (x86)\Mobogenie\QtSql4.dll" deleted

"C:\Program Files (x86)\Mobogenie\QtWebKit4.dll" deleted

"C:\PROGRA~2\Mobogenie\DaemonProcess.exe" deleted

"C:\PROGRA~2\Mobogenie\Device.dll" deleted

"C:\PROGRA~2\Mobogenie\msvcp100.dll" deleted

"C:\PROGRA~2\Mobogenie\msvcr100.dll" deleted

"C:\PROGRA~2\Mobogenie\QtCore4.dll" deleted

"C:\PROGRA~2\Mobogenie\QtGui4.dll" deleted

"C:\PROGRA~2\Mobogenie\QtNetwork4.dll" deleted

"C:\PROGRA~2\Mobogenie\QtSql4.dll" deleted

"C:\PROGRA~2\Mobogenie\QtWebKit4.dll" deleted

"C:\Program Files (x86)\Mobogenie" deleted

"C:\PROGRA~2\Mobogenie" deleted

==== Files Recently Created / Modified ======================


=== C: other files ==

2014-03-01 18:18:08 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NSTx64\7DE06060.003\ccSetx64.sys

2014-03-01 18:15:32 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\srtsp64.sys

2014-03-01 18:15:32 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\srtspx64.sys

2014-03-01 18:15:32 78A2F073AD9EA5EBC04A70931EA36C9A 590936 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\symnets.sys

2014-03-01 18:15:32 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\SymDS64.sys

2014-03-01 18:15:32 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\Ironx64.sys

2014-03-01 18:15:32 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\SymELAM.sys

2014-03-01 18:15:32 08AF51153E441687130B759A8F6892ED 1147480 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\SymEFA64.sys

2014-03-01 18:15:32 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NAVx64\1501010.007\ccSetx64.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify"="C:\Users\sim\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify"="C:\Users\sim\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"

"SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2012-06-06 15:45:06 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

2014-01-23 21:45:15 1931 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/02/2014 20:30]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\WSCStub.exe"]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{EF9B72A1-935A-4F41-9B90-54067F471C81}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.6.3\coFFPlgn" [01/03/2014 19:18]

==== Firefox Extensions ======================

ProfilePath: C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default

- Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.1.7\IPSFF

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\xf7f1gkq.default

D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash

63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +

855B79451ECF62602F20EB4D5C71F99B - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

9ED8AA7D69B73EFF77A6D18A2ACFB954 - C:\Users\sim\AppData\Roaming\Mozilla\plugins\npicaN.dll - Citrix ICA Client

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bopakagnckmlgajfccecajhnimjiiedh - No path found[]

hdhihajbmafmgilcciomnamcjfkdhikl - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[14/04/2011 08:21]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\Extensions\Chrome.crx[]

nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Norton Identity Safe\Engine\2014.6.6.3\Exts\Chrome.crx[07/02/2014 01:42]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

"Search Page"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

"Search Bar"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

"SearchAssistant"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=73d19195-e75c-92d1-33a5-21e39c321788&searchtype=ds&q={searchTerms}&installDate=23/02/2014"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="https://www.google.be/"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} deleted successfully

HKEY_USERS\S-1-5-21-1933604204-4146692755-548367785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\sim\Desktop\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{NAV211107-SHPD-FSD40014}

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\21.1.1.7\uiStub.exe

C:\Users\Public\Desktop\SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe

==== shortcuts in Users Start Menu ======================

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\sim\AppData\Roaming\Spotify\spotify.exe

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks\Juniper Citrix Services Client\Uninstall.lnk - C:\Users\sim\AppData\Roaming\Juniper Networks\Juniper Citrix Services Client\uninstall.exe

C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{NAV211107-SHPD-FSD40014}

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\McUICnt.exe SecurityScanner.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Verwijderen.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.141\McAfee.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\LiveUpdate.lnk - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\21.1.1.7\uiStub.exe /lu

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\NBRT.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\21.1.1.7\uiStub.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Support.lnk - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.1.1.7\symerr.exe /support

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Uninstall Norton AntiVirus.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\8BACC656\21.1.1.7\InstStub.exe /X /shortcut

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe verwijderen.LNK -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk - C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deïnstalleren.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\QTPlayer.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Recommended.LNK - C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live.LNK - C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

C:\Users\sim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\sim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\sim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\sim\AppData\Local\Mozilla\Firefox\Profiles\xf7f1gkq.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1277 folders=111 153461398 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\sim\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\sim\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 03/03/2014 at 17:48:31,77 ======================


This topic is now closed to new replies.