RSIT log: thorough cleanup


I was handed the laptop of a colleague's spouse for a cleanup ...  ;)

 

Below is the RSIT log. Thanks in advance, colleagues!

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sien at 2014-12-15 19:19:35
Microsoft® Windows Vista™ Home Premium  Service Pack 2
System drive C: has 77 GB (55%) free of 140 GB
Total RAM: 3069 MB (48% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:06, on 15/12/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16575)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\System32\wpcumi.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Sien\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sien\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sien\Desktop\RSIT.exe
C:\Program Files\trend micro\Sien.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=5080729
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3198785&CUI=UN61660094665317434
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: WhiteSmoke US Toolbar - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: WhiteSmoke US - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: WhiteSmoke US Toolbar - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16" -"http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Dropbox.lnk = C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:    C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BasicScan Service - Unknown owner - C:\Program Files\BasicScan\basicscan.exe (file missing)
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcg_device -   - C:\Windows\system32\dlcgcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
 
--
End of file - 13872 bytes
 
======Scheduled tasks folder======
 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{60371FBB-3B33-43F7-B237-F27CC0A17291}.exe  --uninstall=1 
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job - C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe  /c /nocrashserver 
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job - C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job - C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job - C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-05 462752]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-09-28 3627032]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-11-01 806912]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cce665dd-f6dd-4808-968e-eaec971f70ef}]
WhiteSmoke US Toolbar - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll [2011-05-09 176936]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-05 171424]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-11-01 806912]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{cce665dd-f6dd-4808-968e-eaec971f70ef} - WhiteSmoke US Toolbar - C:\Program Files\WhiteSmoke_US\prxtbWhit.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-09-28 3627032]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-05-16 3444736]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P dellsupportcenter []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-12-03 36864]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-03-19 4971024]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2014-09-28 2640408]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2008-01-02 405504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-02-21 152392]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
"Facebook Update"=C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-05 138096]
"MobileDocuments"=C:\Program Files\Common Files\Apple\Internet Services\ubd.exe []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-05-08 18680424]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-08-06 447928]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
 
C:\Users\Sien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe
Dropbox.lnk - C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe
OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="   C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-29 10536]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=yv12vfw.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2014-12-15 19:19:36 ----D---- C:\Program Files\trend micro
2014-12-15 19:19:35 ----D---- C:\rsit
 
======List of files/folders modified in the last 1 month======
 
2014-12-15 19:19:36 ----D---- C:\Program Files
2014-12-15 19:19:31 ----D---- C:\Windows\Temp
2014-12-15 19:19:11 ----D---- C:\Windows\System32
2014-12-15 19:19:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-15 19:18:47 ----D---- C:\ProgramData\MFAData
2014-12-15 19:18:16 ----D---- C:\Users\Sien\AppData\Roaming\Dropbox
2014-12-15 19:14:07 ----D---- C:\Windows\inf
2014-12-14 18:50:24 ----D---- C:\ProgramData\CanonIJPLM
2014-12-14 18:47:49 ----D---- C:\Windows\Debug
2014-12-14 18:47:49 ----D---- C:\Windows
2014-12-14 18:35:05 ----HD---- C:\Windows\system32\GroupPolicyUsers
2014-12-14 18:31:58 ----SHD---- C:\$Recycle.Bin
2014-12-14 18:23:22 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-12-14 17:17:02 ----D---- C:\ProgramData\PCDr
2014-12-14 17:17:01 ----D---- C:\Program Files\My Dell
2014-12-14 17:16:38 ----D---- C:\Windows\system32\catroot
2014-12-14 17:16:27 ----D---- C:\Windows\system32\catroot2
2014-12-14 17:16:09 ----D---- C:\Windows\winsxs
2014-12-14 17:12:34 ----D---- C:\Windows\Prefetch
2014-12-14 16:51:02 ----SHD---- C:\Windows\Installer
2014-12-14 16:47:03 ----D---- C:\Windows\Tasks
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-11-25 149272]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-10-01 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-10 27448]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-02-12 277784]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-01 691696]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-11-25 120600]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-25 210712]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-01-19 22808]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-09-28 42784]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-27 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-27 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-27 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-09-24 155136]
R3 BCM43XX;Stuurprogramma voor de Dell draadloze WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-05-16 1044984]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-06-25 7110880]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-12-03 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-12-03 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2008-01-02 330240]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 amohfcxb;amohfcxb; C:\Windows\system32\drivers\amohfcxb.sys []
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 dfg;dfg; C:\Windows\System32\DRIVERS\dfg.sys [2008-12-12 23552]
S3 dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 Dot4Scan;Stuurprogramma voor scannerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-19 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WinUSB;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2008-01-02 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-02-23 3782672]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 dlcg_device;dlcg_device; C:\Windows\system32\dlcgcoms.exe [2006-12-08 537480]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-04-28 161048]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2008-01-02 102400]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-09-28 1820184]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-05-16 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288]
S2 BasicScan Service;BasicScan Service; C:\Program Files\BasicScan\basicscan.exe C:\Program Files\BasicScan\basicscan.dll ihipudoye zovigori []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384]
S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-07-29 16680]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
 
-----------------EOF-----------------
 

 

 

 


Your Java software is out of date.

Older versions have vulnerabilities that give malware the chance to install itself on your system.

Go to Java and download the correct Java version there.

  • Click "Free Java Download".
  • Accept the license terms and click the button for the free download.
  • The file JavaSetup is offered - choose "save file" here.
  • Close all programs that may be open - especially your web browser!
  • Then go to Start > Control Panel > Software and remove all older versions of Java from the software list.
  • Select everything with Java Runtime Environment (JRE or J2SE or JAVA) in the name.
  • Then click Remove or the Change/Remove button.
  • Repeat this until all older versions are gone.
  • After removing all older versions, restart your PC.
  • Then click JavaSetup to install the latest version of Java.
  • Uncheck the installation of the Ask toolbar and then continue with the installation.


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe. You can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
{cce665dd-f6dd-4808-968e-eaec971f70ef};c
C:\Program Files\WhiteSmoke_US;fs
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac};c
{95B7759C-8C7F-4BF1-B163-73684A933233};c
C:\Program Files\AVG Secure Search;fs
{CCC7A320-B3CA-4199-B1A6-9F516DD69829};c
vProt;s
vToolbarUpdater18.1.9;s
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cce665dd-f6dd-4808-968e-eaec971f70ef}];r
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
"vProt"=-;r
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and now check the options below.
  • Do a Deep Scan
  • Auto Clean
  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next post.
Posting the Zoek.exe log file
  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a post here.
Edited by kape

 

Zoek.exe v5.0.0.0 Updated 14-December-2014

Tool run by Sien on di 16/12/2014 at  2:02:16,07.

Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sien\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

 

==== System Restore Info ======================

 

16/12/2014 2:08:42 Zoek.exe System Restore Point Created Succesfully.

 

==== Empty Folders Check ======================

 

C:\Program Files\7-Zip deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\NOS deleted successfully

C:\Program Files\Common Files\SWF Studio deleted successfully

C:\PROGRA~2\CanonEPP deleted successfully

C:\PROGRA~2\CanonIJEPPEX2 deleted successfully

C:\PROGRA~2\NOS deleted successfully

C:\PROGRA~2\Oracle deleted successfully

C:\PROGRA~2\Origin deleted successfully

C:\PROGRA~2\Roxio deleted successfully

C:\Users\Sien\AppData\Roaming\Samsung deleted successfully

C:\Users\Sien\AppData\Roaming\tmp deleted successfully

C:\Users\Sien\AppData\Roaming\WhiteSmokeTranslator deleted successfully

C:\Users\Sien\AppData\Local\calibre-cache deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{cce665dd-f6dd-4808-968e-eaec971f70ef} deleted successfully

 

==== Running Processes ======================

 

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe

C:\Windows\System32\WLTRAY.EXE

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Windows\System32\wpcumi.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\dlcgcoms.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\STacSV.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Sien\Desktop\zoek.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

 

==== Deleting Services ======================

 

 

==== Registry Fix Code ======================

 

Windows Registry Editor Version 5.00

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cce665dd-f6dd-4808-968e-eaec971f70ef}] 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 

"vProt"=- 

 

==== Deleting Files \ Folders ======================

 

C:\Program Files\AVG Secure Search not found

C:\Program Files\WhiteSmoke_US deleted

C:\Users\Sien\appdata\locallow\WhiteSmoke_US deleted

C:\Users\Gast\AppData\LocalLow\WhiteSmoke_US deleted

C:\Program Files\Uninstall Information\ib_uninst_0 deleted

C:\Program Files\Uninstall Information\ib_uninst_470 deleted

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\WhiteSmokeTranslator deleted

C:\found.000 deleted

C:\found.001 deleted

C:\PROGRA~2\Mobistar Internet Everywhere deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator deleted

C:\Users\Gast\AppData\LocalLow\AVGTOOLBAR deleted

C:\Users\Gast\AppData\LocalLow\pdfcreator toolbar deleted

C:\Users\Sien\AppData\LocalLow\store-pp.jbs deleted

C:\Users\Sien\AppData\LocalLow\AVGTOOLBAR deleted

C:\Users\Sien\AppData\LocalLow\pdfcreator toolbar deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVGTOOLBAR deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted

C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted

C:\Windows\system32\GroupPolicy\Machine deleted

C:\Windows\system32\GroupPolicy\User deleted

C:\Windows\system32\GroupPolicy\gpt.ini deleted

C:\Windows\System32\SETCB99.tmp deleted

"C:\ProgramData\c637c1aeb13e2fbfec5c9a999d45d65e_c" deleted

 

==== System Specs ======================

 

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)

Memory (RAM): 3070 MB

CPU Info: Intel® Core2 Duo CPU     T5750  @ 2.00GHz

CPU Speed: 1993,4 MHz

Sound Card: Luidsprekers / Koptelefoon (Sig | 

Digitaal uitgangapparaat (SPDIF | 

Display Adapters: NVIDIA GeForce 8600M GT | NVIDIA GeForce 8600M GT | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Algemeen PnP-beeldscherm | 

Screen Resolution: 1440 X 900 - 32 bit

Network: Network Present

Network Adapters: Dell draadloze 1395 WLAN Mini-kaart | Broadcom 440x 10/100 Integrated Controller

CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpDVD+-RW TS-L632H | F: EVWPQJ  KTYJ41278LIN

Ports: COM3 LPT Port NOT Present. 

Mouse: 2 Button Wheel Mouse Present

Hard Disks: C:  136,4GB | D:  10,0GB

Hard Disks - Free: C:  75,1GB | D:  5,4GB

Manufacturer *: Dell Inc.

BIOS Info: AT/AT COMPATIBLE | 04/21/08 | DELL   - 27d80415

Time Zone: Romance (standaardtijd)

Motherboard *: Dell Inc. 0UK437

Country: België

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)

Default Browser: Google Chrome 39.0.2171.95

Internet Explorer Version: 9.0.8112.16421 

Google Chrome version: 39.0.2171.95

Adobe Reader version: 10.1.13.16

Sun Java version: 1.7.0_71 (32-bit) 

Flash Player version: 15.0.0.246

Shockwave Player version: 11.0r465

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

2014-12-15 22:19:32 5E6A3F72BC79EE22A14760CFA50057CA 380845695 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Sien\AppData\Local\Temp ====

2014-12-15 21:45:49 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Sien\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_gqjfx.dll

2014-12-15 20:40:28 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\libiconv2.dll

2014-12-15 20:40:28 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\libintl3.dll

2014-12-15 20:40:28 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\pcre3.dll

2014-12-15 20:40:28 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\regex2.dll

2014-12-15 20:40:28 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-12-15 18:40:09 D7AD0AD3162BCD50E1D2E462E8C748EA 264488 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll

2014-12-15 18:40:09 7A5A07D9A323DFD9097C9CF39E6802E6 153760 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll

2014-12-15 18:40:08 26FD227409FB73C4D958602B8A3EFFA0 577632 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll

2014-12-15 18:40:07 9BD51360CB8F1A2206642599D40FD258 419048 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll

2014-12-15 18:40:07 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-12-15 19:22:26 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\System32\dfshim.dll

2014-12-15 19:22:26 842DE20A6487D830A458DDB5E0363F13 156824 ----a-w- C:\Windows\System32\mscorier.dll

2014-12-15 19:22:26 653DFC2662680AB61232E1531147558A 81560 ----a-w- C:\Windows\System32\mscories.dll

2014-12-15 19:21:03 51992CC4DF2DB150950C6CB505556B9A 146432 ----a-w- C:\Windows\System32\msaudite.dll

2014-12-15 19:21:01 15F315B53C69930BF907D9A0FFCB6206 619520 ----a-w- C:\Windows\System32\adtschema.dll

2014-12-15 19:20:59 DBD84E59D631569EC3E756EF144E8431 449536 ----a-w- C:\Windows\System32\termsrv.dll

2014-12-15 19:19:50 D7E28676D83AE6568CCF99BD01700734 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-12-15 19:18:56 F074BF1F79D749FCB8C2B739651CD816 974848 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2014-12-15 19:10:00 37A4DF3BCA563FB7537B881AE91BA9C4 1249280 ----a-w- C:\Windows\System32\msxml3.dll

2014-12-15 19:10:00 06A9049BA8B9F20D755CF03FD12E8AFD 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2014-12-15 19:09:23 1DE1C07B256961012DCE0674EA488DE7 499200 ----a-w- C:\Windows\System32\kerberos.dll

2014-12-15 19:08:50 BC4C024BDC8B676CC58BCE1D5BA7BC04 67072 ----a-w- C:\Windows\System32\packager.dll

2014-12-15 19:06:00 FD7A26BF790751B527E632BD9346DDFD 729600 ----a-w- C:\Windows\System32\IMJP10K.DLL

2014-12-15 19:02:58 BE377621E2D2B483F8EF447079E55585 396800 ----a-w- C:\Windows\System32\AudioEng.dll

2014-12-15 19:02:58 A0344CD5E3F552340AB226E864E1710B 170496 ----a-w- C:\Windows\System32\EncDump.dll

2014-12-15 19:02:58 8E98A99187FF17FC1D48E6FAFFD870BE 316928 ----a-w- C:\Windows\System32\audiosrv.dll

2014-12-15 19:02:58 56B73070DB745E192307EB7AB6C55CD5 274432 ----a-w- C:\Windows\System32\AUDIOKSE.dll

2014-12-15 18:50:26 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe

2014-12-15 18:47:19 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe

2014-12-15 18:47:19 279C281689A48D1CAF37338CAB312C06 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2014-12-15 18:47:19 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe

2014-12-15 18:45:53 2908C2D90B78FDC24326B7854079E44E 564224 ----a-w- C:\Windows\System32\oleaut32.dll

2014-12-15 18:33:02 A2083D925A6677229CDE79E9F14A1FBC 278528 ----a-w- C:\Windows\System32\schannel.dll

2014-12-15 18:33:02 0C96812AAEDA38C89DC6C3F0AE7B6930 1259008 ----a-w- C:\Windows\System32\lsasrv.dll

2014-12-15 18:29:56 2833F623494FC1EFC0EAC4401CBBF2F2 2054656 ----a-w- C:\Windows\System32\win32k.sys

2014-12-14 16:23:10 D3FE7135827884946E5ED4E4DD96B472 10752 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-12-14 16:23:10 5281C1E96FDE868A822260478694BA54 421376 ----a-w- C:\Windows\System32\vbscript.dll

2014-12-14 16:23:10 117980ADC4A9E349571810D20B14BFB8 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll

2014-12-14 16:23:09 E633199D0EE2682618FA5B762D892F04 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2014-12-14 16:23:09 823B559B2EF3D86DB920EA16102858E1 353792 ----a-w- C:\Windows\System32\dxtmsft.dll

2014-12-14 16:23:09 70DD19C20344660B1D32057603A9820D 11776 ----a-w- C:\Windows\System32\mshta.exe

2014-12-14 16:23:09 5C3D2065153E4A4273DEDD87A8BC1805 65536 ----a-w- C:\Windows\System32\jsproxy.dll

2014-12-14 16:23:09 407FD4AAE5E119A441CCEAA4C3276DDF 717824 ----a-w- C:\Windows\System32\jscript.dll

2014-12-14 16:23:09 3F0A7F435BAB0ED4070BBCE73F1918F3 1139712 ----a-w- C:\Windows\System32\urlmon.dll

2014-12-14 16:23:08 F18D4C903AE56BD9852D1D9E02CF1730 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-12-14 16:23:08 D32B633111A9F99F8DCE36F1A6278FC7 231936 ----a-w- C:\Windows\System32\url.dll

2014-12-14 16:23:08 898479188B3DBCB7F2BAC888D6456636 1802752 ----a-w- C:\Windows\System32\iertutil.dll

2014-12-14 16:23:05 AA680F0065A505118BDD9181BCE7C83D 1129472 ----a-w- C:\Windows\System32\wininet.dll

2014-12-14 16:23:04 ED7DBB46D75BD5DE33E9E06C7CCDC4E8 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2014-12-14 16:23:04 C23F63949092BC7086BD23743A28C46B 176640 ----a-w- C:\Windows\System32\ieui.dll

2014-12-14 16:23:04 5E251125799567959443D8F466DBEA28 223232 ----a-w- C:\Windows\System32\dxtrans.dll

2014-12-14 16:23:04 5310BF0FF12033B7F79F163805BE721A 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-12-14 16:23:04 4D6B5B1CE39F6A2477FDE3117D84BDAB 367104 ----a-w- C:\Windows\System32\html.iec

2014-12-14 16:23:03 7247B8F630630FCF495B809962D52970 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2014-12-14 16:23:03 4C0FA381EC7348F05432B2976924A031 1810944 ----a-w- C:\Windows\System32\jscript9.dll

2014-12-14 16:23:00 829532FD1584422EB7F4C49F767D1E4B 9740800 ----a-w- C:\Windows\System32\ieframe.dll

2014-12-14 16:22:58 91F488C0ED1D8B1FDC112F95A4965CC6 12369920 ----a-w- C:\Windows\System32\mshtml.dll

====== C:\Windows\system32\drivers =====

2014-12-15 20:47:42 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-12-15 20:47:25 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-12-15 20:47:25 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-12-15 20:47:25 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-12-15 18:19:36 -------- d-----w- C:\Program Files\trend micro

======= C: =====

====== C:\Users\Sien\AppData\Roaming ======

====== C:\Users\Sien ======

2014-12-16 00:52:20 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\Sien\Desktop\adwcleaner_4.105.exe

2014-12-15 19:44:16 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Sien\Desktop\JRT.exe

2014-12-15 18:42:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-12-15 18:18:05 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Sien\Desktop\RSIT.exe

 

====== C: exe-files ==

2014-12-16 00:52:20 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\Sien\Desktop\adwcleaner_4.105.exe

2014-12-15 22:15:37 FE916605D4C700C524CA16EBC78F7D75 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3928690041-488287106-1210039002-1000\$I2P2RZ8.exe

2014-12-15 20:40:28 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-12-15 19:44:16 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Sien\Desktop\JRT.exe

2014-12-15 19:19:49 8EC60805F1217633C5EC84602F4D8402 19456 ----a-w- C:\Windows\servicing\GC32\tzupd.exe

2014-12-15 19:06:02 A5300B1610FF61B8C28D1C379CFA7A52 105984 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe

2014-12-15 18:50:26 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\System32\javaws.exe

2014-12-15 18:47:19 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\System32\javaw.exe

2014-12-15 18:47:19 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\System32\java.exe

2014-12-15 18:40:07 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\Sien\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe

2014-12-15 18:39:40 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Sien\AppData\LocalLow\Sun\Java\jre1.7.0_71\lzma.exe

2014-12-15 18:19:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sien.exe

2014-12-15 18:18:05 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Sien\Desktop\RSIT.exe

2014-12-14 16:23:10 D3FE7135827884946E5ED4E4DD96B472 10752 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-12-14 16:23:09 70DD19C20344660B1D32057603A9820D 11776 ----a-w- C:\Windows\System32\mshta.exe

2014-12-14 16:23:09 56E1BFE10166F2CF6EC03E2D8BB31C1B 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-12-14 16:23:08 D7AD6A7CEF0710BB7A8831B1792D5A0A 470016 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-12-14 16:23:06 63BE371C16B163583A5EA9D3DF4AC16B 757968 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-12-14 16:23:05 4867136A725C08C729785CF1E0126E58 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe

2014-12-14 16:23:04 5310BF0FF12033B7F79F163805BE721A 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-12-14 15:53:19 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_chrome_installer.exe

2014-12-14 15:47:01 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe

2014-12-14 15:47:01 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateBroker.exe

2014-12-14 15:46:54 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe

2014-12-14 15:46:53 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateSetup.exe

2014-12-14 15:46:53 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe

2014-12-14 15:46:47 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe

2014-12-14 15:42:07 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe

2014-12-14 15:41:40 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

2014-12-14 15:41:19 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe

2014-12-14 15:39:57 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe

2014-12-14 15:39:27 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

2014-12-14 15:39:06 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe

2014-12-14 15:37:55 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Users\Sien\AppData\Local\Google\Update\1.3.25.11\GoogleUpdate.exe

2014-12-14 15:36:03 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Sien\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe

2014-12-14 15:35:29 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdate.exe

2014-12-14 15:35:11 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe

2014-12-09 03:49:18 5BDF8CE82C3E4900677CD5A6E2146A3C 262160 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe

2014-12-09 03:45:30 2F2E573625D314AA7BFBFC57E3EEBA90 225240 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

2014-12-09 03:45:28 6226810F26227F083929AC5584122951 39207112 ----a-w- C:\Users\Sien\AppData\Roaming\Dropbox\bin\Dropbox.exe

=== C: other files ==

2014-12-15 20:47:42 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-12-15 20:47:25 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-12-15 20:47:25 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-12-15 20:47:25 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-12-15 20:40:28 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\prelim.bat

2014-12-15 20:40:28 EBAA7BD799FC68980A6A8594BB14A950 190569 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\misc.bat

2014-12-15 20:40:28 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\TDL4.bat

2014-12-15 20:40:28 BC28D90D34DB7AC6BB5789BF3C9E8FDB 14957 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\get.bat

2014-12-15 20:40:28 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\medfos.bat

2014-12-15 20:40:28 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\surfvox.bat

2014-12-15 20:40:28 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\searchlnk.bat

2014-12-15 20:40:28 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\firefox.bat

2014-12-15 20:40:28 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\ev_clear.bat

2014-12-15 20:40:28 813FA9E2180EE3BB5EFCE744009B5611 10880 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\runvalues.bat

2014-12-15 20:40:28 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\ask.bat

2014-12-15 20:40:28 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\iexplore.bat

2014-12-15 20:40:28 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\delfolders.bat

2014-12-15 20:40:28 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\mws.bat

2014-12-15 20:40:28 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Sien\AppData\Local\Temp\jrt\chrome.bat

2014-12-15 18:29:56 2833F623494FC1EFC0EAC4401CBBF2F2 2054656 ----a-w- C:\Windows\System32\win32k.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

 

[HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Facebook Update"="C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"

"Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Sidebar"="C:\Program Files\windows sidebar\sidebar.exe /autoRun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

 

[HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16 -http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe /s"

"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"

"CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"

"WPCUMI"="C:\Windows\system32\WpcUmi.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"Apoint"="C:\Program Files\DellTPad\Apoint.exe"

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"

"ECenter"="C:\Dell\E-Center\EULALauncher.exe"

"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe -autorun"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start"

"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

"NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart"

"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe"

"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe "

"SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe"

"SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe"

"SigmatelSysTrayApp"="%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Facebook Update"="C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"

"Google Update"="C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Sidebar"="C:\Program Files\windows sidebar\sidebar.exe /autoRun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16 -http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="   C:\\PROGRA~1\\Google\\GOOGLE~2\\GOEC62~1.DLL"

 

==== Startup Registry Disabled ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dellsupportcenter]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="dellsupportcenter"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P dellsupportcenter"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Sien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

"path"="C:\\Users\\Sien\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk"

"backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~1\\MICROS~2\\Office12\\ONENOTEM.EXE /tsr"

"item"="OneNote 2007 Schermopname en Snel starten"

 

 

==== Startup Folders ======================

 

2008-07-29 09:33:11 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

2008-07-29 09:33:11 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

2008-08-03 11:33:10 1815 ----a-w- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

2008-08-01 11:27:39 1815 ----a-w- C:\Users\Sien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

2011-03-23 19:17:13 1815 ----a-w- C:\Users\Tibe Janssens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2014 18:23]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job --a------ C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [05/08/2012 08:21]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job --a------ C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe [05/08/2012 08:21]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2014 16:18]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2014 16:18]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA.job --a------ C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe [28/10/2014 16:21]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core" [C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA" [C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000Core" [C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3928690041-488287106-1210039002-1000UA" [C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{F7C757B5-7519-42D0-AA67-0DF6232A59A9}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{62D6DA57-D0EC-44F4-A503-8A0C62F42C84}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [11/08/2009 09:24]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"wcapturex@deskperience.com"="C:\Program Files\WhiteSmokeTranslator\WCaptureMoz" []

 

==== Chromium Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mjdepfkicdcciagbigfcmdhknnoaaegf - C:\Program Files\WhiteSmokeTranslator[]

 

YouTube - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

20-20 3D Viewer for IKEA - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp

Gmail - Sien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"


"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]


 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]



"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]


 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"


{AC854C16-CA1E-43f1-8513-0D2F36C726ED} Google  Url="http://www.sicto.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls=acnJyEQt"

{FDEEDA2D-62C1-4E43-84D7-A925A5168F78} Unknown  Url="Not_Found"

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FDEEDA2D-62C1-4E43-84D7-A925A5168F78} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

HKEY_USERS\S-1-5-21-3928690041-488287106-1210039002-1000\Software\Mozilla\Firefox\Extensions\wcapturex@deskperience.com deleted successfully

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmokeTranslator deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter deleted successfully

 

==== HijackThis Entries ======================

 

O1 - Hosts: ::1 localhost

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Sien\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sien\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16" -"http://www.ond.vlaanderen.be/dbo/projecten/venus/Venus_website/web-VENUS/Web/leerstijlentest/Algemeen/lst.dcr"

O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418691514

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: AutorunsDisabled

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O4 - Global Startup: AutorunsDisabled

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:    C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: dlcg_device -   - C:\Windows\system32\dlcgcoms.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

==== Empty IE Cache ======================

 

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Tibe Janssens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Tibe Janssens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANMW0NGG will be deleted at reboot

C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

 

==== Empty FireFox Cache ======================

 

No FireFox Cache found

 

==== Empty Chrome Cache ======================

 

C:\Users\Sien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=1607 folders=231 123624447 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gast\AppData\Local\Temp emptied successfully

C:\Users\Sien\AppData\Local\Temp will be emptied at reboot

C:\Users\Tibe Janssens\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\Sien\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Sien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANMW0NGG" not found

 

==== EOF on di 16/12/2014 at  2:38:18,87 ======================

The update to the most recent JAVA version isn't in the new log yet. Any problems with that?

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • When prompted that a restart is required, click OK.

After the PC has restarted, a log file usually opens.
Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read here how to add an attachment to a post.
Edited by kape

Java Version 7 Update 71 was installed successfully yesterday, and that is the most recent version, as a check via this link shows.

Ran AdwCleaner last night:

 

# AdwCleaner v4.105 - Rapport aangemaakt 16/12/2014 op 01:55:46
# Laatste Update 08/12/2014 door Xplode
# Database : 2014-12-08.2 [Local]
# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)
# Gebruikersnaam : Sien - PC_VAN_SIEN
# Gestart vanuit : C:\Users\Sien\Desktop\adwcleaner_4.105.exe
# Optie : Verwijderen
 
***** [ Services ] *****
 
 
***** [ Bestanden / Mappen ] *****
 
 
***** [ Taken ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ Register ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16599
 
 
-\\ Google Chrome v
 
[C:\Users\Sien\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [search Provider] : hxxp://isearch.avg.com/search?cid={69FB75F4-858F-4A76-A497-24AF2727DC0D}&mid=1929e980475047d6ad9ed1544f331438-96a5a3080fa1d9a8d898eaa940aea76e24d18daf&lang=nl&ds=AVG&coid=avgtbavg&pr=fr&d=2013-10-04 17:56:52&v=17.0.0.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1132 octets] - [16/12/2014 01:53:31]
AdwCleaner[s0].txt - [1059 octets] - [16/12/2014 01:55:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1119 octets] ##########

Then only one thing remains: cleaning up the tools we used ...

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.
Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.
When the tool has finished, a log file is created. You do not need to post it, however.

... and you may close the topic yourself afterwards ;)

Edited by kape