alfa10
-
Items
463 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door alfa10
-
als ik de w - - - Updated - - - als ik zip bestand uitpak krijgs een bestand MDSSUMS bestand 7kb
-
heb ik gedaan en krijg weer opgeslagen het Zip bestand!! Geen iso
-
als ik die link druk krijg ik de downloadsite en niet het venster zoals je aangaf
-
waarvandaan heb je nu gedownload, misschien heb ik de verkeerde genomen - - - Updated - - - kan ook liggen aan het fe - - - Updated - - - sorry vorige was te vlug. het kan misschien er ook aan liggen dat ik geen iso op de computer heb
-
ja, dat heb ik
-
wat moet ik installeren, als ik de het ZipBestand wil openen krijg ik de mededeling dat er geen bestand aan gekoppeld is en wordt verwezen naar mapoties.??
-
na het dowloaden vind ik in de map download o.a een WinZip bestand linuxmint 201403-cinnamon-dvd-32bit-rc 1,25 GB, bestand CD BurnerXP Setup(Canneveld ltd) en een bestand Setuo ImgBurn 2.4.4.0 ImgBurn Installer Lightning UK Hoe nu verder
-
Heb nu de ImgBurn gedownload en hoe nu verder?
-
Is wel duidelijk en lijkt niet zo moeilijk, alleen hoe en waar kan ik die ISO branden, staat niet op mijn computer.
-
Ik weet niet zoveel af van computers, maar aangezien windows XP er straks niet meer ondersteunt wordt, denk ik om Linux te gaan gebruiken, waarbij ik dan de wel de op de computer staande gegevens kan blijven gebruiken. Mijn vraag is dan ook waar en hoe kan ik dit voor elkaar krijgen.
-
ij ben in het bezit van een computer met XP er op en wil dit wijzigen in linux Mint. Kan dit maar niet voor elkaar krijgen.Probleem is denk ik ook dat ik geen iso bestanden kan downloaden. Wat kan ik doen? Moederbord : MSI MS-7204 Chipset : Intel 945P Processor : Intel Pentium D 830 @ 3000 MHz Fysiek Geheugen : 1024 MB (2 x 512 DDR2-SDRAM ) Videokaart : NVIDIA GeForce 6700 XL Harde Schijf : Seagate ST3250824AS (250GB) Harde Schijf : Hitachi HDS721010CLA332 (1000GB) DVD-Rom Station : HL-DT-ST DVD-RAM GH22NP20 DVD-Rom Station : SONY DVD-ROM DDU1615 Monitor Type : Medion MD32119PR - 19 inches Netwerkkaart : Realtek Semiconductor RTL8139/810x Fast Ethernet Adapter Besturingssysteem : Microsoft Windows XP Home Editie 5.01.2600 Service Pack 3 (32-bit) DirectX : Versie 9.0c
-
heb het inmiddels al opgelost!!
-
sinds kort heb ik een nieuwe printer Canon MP230 die ik op mijn computer heb geinstalleerd en printen gaat zonder problemen. Ik heb ook een laptop die deel uitmaakt van een thuisgroep en ik wil nu ook vanaf deze laptop de printer aansturen, wat met mijn vroegere printer wel lukte. Ik heb de printer bij de apparaten staan en bij de thuisgroep staat printers delen aangevinkt. De probleemoplosser kan er ook niets mee. Moet ik soms ook de printer via de cd op de laptop installeren? of is het wat anders?
-
bedankt voor de tips, ik heb nu op mijn tablet Malwarebytes geinstalleerd, maar dit helpt niet. vuve.com en diverse andere sites vliegen voorbij en drukken het oorspronkelijke programma weg. Op mijn laptop heb ik er niet veel last van. Als ik een wedstrijd aanklik krijg ik die wel te zien, maar weer op de achtergrond vube.com! met vr. gr.
-
Ik heb een Samsung Galaxy note 10.1 en hierop kijk ik graag wedstrijden zoals b.v amerikaans football via de site ATDee.net (http 88.80.11.29) en dit ging altijd prima. Sinds kort kan ik de site wel laden maar als ik een wedstrijd aanklik krijg eerst even de gevraagde site en die wordt direct overgenomen door allerlei andere sites zoals bv. Vube.com. Hoe kom ik hier vanaf en is dit soms spam? Ik heb de virusscanner AVG op draaien en bij de instellingen de cookies zoveel mogelijk uitgezet.
-
Ik heb via ded bios eea kunnen rechtzetten en het werkt weer! Bedankt voor de hulp
-
Nog even een aanvulling: ik kan nog wel een schijf branden en volgens apparatenbeheer werkt hij correct!
-
Mijn laptop is een Asus K701 series
-
Ik heb al geruime tijd last dat de cd/dvd brander van mijn laptop geen schijf meer herkent. Het is de volgende brander: Schijf Type : CD-Rom Data Randapparaat Type : ATAPI Fabrikant : HL-DT-ST Model : DVDRAM GT30N Recordable : Ja Aangezien ik ook niet weet wanneer dit precies is begonnen kan ik ook niet met systeemherstel werken om dit op te lossen. Wat kan ik doen?
-
Ccleaner gedaan en nog wat rommeltjes verwijderd. Bedankt voor de hulp
-
Die ACMON melding is nu ook verdwenen. Moet er nog wat gebeuren of kan ik afsluiten?
-
Hierbij de inhoud van de log. mijn computer start in ieder geval weer normaal op en ik ben benieuwd wat de oorzaak is geweest. In ieder geval heel hartelijk bedankt voor de hulp. ==== Older Logs ====================== C:\zoek-results10-09-2013-1956.log 22401 bytes C:\zoek-results10-09-2013-2120.log 17342 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A2B28CBC-5F60-4b66-9D90-6B7C93911D79} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C6BE1149-B011-4900-B983-37EADED09F1B} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines AccelerateTab removed from prefs.js ---- ---- Lines AccelerateTab modified from prefs.js ---- ---- Lines Babylon removed from prefs.js ---- ---- Lines Babylon modified from prefs.js ---- ---- Lines yahoo removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=800236"); user_pref("browser.search.selectedEngine", "Yahoo"); user_pref("keyword.URL", "Yahoo! Search - Web Search="); ---- Lines yahoo modified from prefs.js ---- ---- Lines freehdsp removed from prefs.js ---- ---- Lines freehdsp modified from prefs.js ---- ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_11-09-2013_1119_.backup ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines AccelerateTab removed from prefs.js ---- ---- Lines AccelerateTab modified from prefs.js ---- ---- Lines Babylon removed from prefs.js ---- ---- Lines Babylon modified from prefs.js ---- ---- Lines yahoo removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=800236"); user_pref("browser.search.selectedEngine", "Yahoo"); user_pref("keyword.URL", "Yahoo! Search - Web Search="); ---- Lines yahoo modified from prefs.js ---- ---- Lines freehdsp removed from prefs.js ---- ---- Lines freehdsp modified from prefs.js ---- ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_11-09-2013_1119_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SearchSettings"=- ==== Deleting Files \ Folders ====================== "C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe" deleted "C:\Windows\Temp\IObitAppsToolbar.exe" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi" deleted "C:\user.js" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo.xml" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\search.sqlite" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\Users\Public\dcmsvcsetup.exe" deleted "C:\Users\Public\invokesi.exe" deleted "C:\user.js" deleted "C:\prefs.js" deleted "C:\Users\henk\AppData\Roaming\Tiig\yrwa.obu" deleted "C:\Users\henk\AppData\Roaming\Mikaky\tyiq.haf" deleted "C:\Users\henk\AppData\Roaming\Tiig" deleted "C:\Users\henk\AppData\Roaming\Emaki" deleted "C:\Users\henk\AppData\Roaming\Mikaky" deleted "C:\Users\henk\AppData\Roaming\GrabPro" deleted "C:\users\henk\AppData\Locallow\Search Settings" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\speeddial@instair.net" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted "C:\Program Files (x86)\SpeedyPC Software" deleted "C:\Program Files (x86)\1ClickDownload" deleted "C:\Program Files (x86)\vShare.tv plugin" deleted "C:\Program Files (x86)\Perion" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Program Files (x86)\Common Files\SpeedyPC Software" deleted "C:\found.000" deleted "C:\found.001" deleted "C:\found.002" deleted "C:\Users\henk\AppData\Roaming\SpeedyPC Software" deleted "C:\Users\henk\AppData\Roaming\DriverCure" deleted "C:\Users\henk\AppData\Roaming\Babylon" deleted "C:\Users\henk\AppData\Roaming\Systweak" deleted "C:\Users\henk\AppData\Roaming\OpenCandy" deleted "C:\Users\henk\AppData\Roaming\Media Finder" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com" deleted "C:\Users\henk\AppData\Local\CRE" deleted "C:\Users\henk\AppData\Local\iMesh" deleted "C:\Users\henk\AppData\Local\PackageAware" deleted "C:\Users\henk\AppData\Local\Conduit" deleted "C:\Users\henk\AppData\LocalLow\IObit Apps" deleted "C:\Users\henk\AppData\LocalLow\boost_interprocess" deleted "C:\Users\henk\AppData\LocalLow\vShare" deleted "C:\Users\henk\AppData\LocalLow\mediabarim" deleted "C:\Users\henk\AppData\LocalLow\imeshbandmltbpi" deleted "C:\Users\henk\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\henk\AppData\LocalLow\Delta" deleted "C:\Users\henk\AppData\LocalLow\Softonic" deleted "C:\Users\henk\AppData\LocalLow\Incredibar.com" deleted "C:\Users\henk\AppData\LocalLow\PriceGong" deleted "C:\Users\henk\AppData\LocalLow\searchquband" deleted "C:\Users\henk\AppData\LocalLow\Conduit" deleted "C:\Users\henk\AppData\LocalLow\Search Settings" deleted "C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\IObit Apps" deleted "C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com" deleted "C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[26-08-2013 22:00] nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[22-04-2013 19:02] pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[] Softonic Chrome Toolbar - henk - default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf AccelerateTab - henk - default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg AVG Secure Search - henk - default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ==== Chrome Fix ====================== C:\Users\henk\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf deleted successfully C:\Users\henk\AppData\Local\Google\Chrome\User Data\default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" "Search Page"="http://nl.woofi.info" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://nl.woofi.info" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://nl.woofi.info" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{A2B28CBC-5F60-4b66-9D90-6B7C93911D79}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A2B28CBC-5F60-4b66-9D90-6B7C93911D79}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Start Page"="https://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="Bing" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {6CCFDD21-1CA0-4110-84D4-9CF5233A4942} Google Url="{searchTerms} - Google Search" {8515D758-5D0B-4fc3-A4E6-11FDE837688B} Bing Url="{searchTerms} - Bing" {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2 will be deleted at reboot C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\henk\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2" deleted "C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS" deleted ==== EOF on wo 11-09-2013 at 11:29:30,25 ======================
-
Ik heb maar een heel nieuwe en nu complete log gemaakt: Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by henk on di 10-09-2013 at 21:11:13,51. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\henk\Desktop\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results10-09-2013-1956.log 22401 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\Common Files\Spigot" not found "C:\ProgramData\Babylon" not found "C:\Program Files (x86)\Secure Speed Dial" not found "C:\Users\henk\AppData\Roaming\Xaef" not found "C:\Users\henk\AppData\Roaming\Ufy" not found "C:\Program Files (x86)\Application Updater" not found "C:\Program Files (x86)\IObit Apps Toolbar" not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\henk\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-09-08 18:19:11 C7701820DCF4F795A5D740725872CEFE 431392 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT ====== C:\Windows\Sysnative\drivers ===== 2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-08-14 09:15:37 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-14 09:15:36 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2013-09-08 19:15:46 F495850C896BC145F7041A83B4893F49 3068 ----a-w- C:\Windows\Sysnative\Tasks\ACMON 2013-09-01 17:48:15 E2B4AA4CBDA4758B7595B7BD6794FF23 2864 ----a-w- C:\Windows\Sysnative\Tasks\Net4Switch 2013-08-27 13:53:13 0AC2B7A3440881793D24EAC7E1DD04A2 3164 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag_Startup 2013-08-27 13:53:11 6166E64D35B5B42A2DFCD2EEFF046AFA 3162 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefragUpdate 2013-08-18 09:37:37 0A3516E1FC2567FF9DF271AC51822616 3102 ----a-w- C:\Windows\Sysnative\Tasks\P4G Sidebar ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-09-09 10:03:57 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-26 12:36:14 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2013-08-25 16:25:24 -------- d-----w- C:\Program Files (x86)\HD Tune Pro ======= C: ===== ====== C:\Users\henk\AppData\Roaming ====== 2013-09-10 17:35:34 -------- d-----w- C:\users\henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-09-08 18:43:53 9D7A5625948F6A885FC8D00B212A34B0 114592 ----a-w- C:\users\henk\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-01 17:39:02 -------- d-----w- C:\users\henk\AppData\Roaming\InstallShield 2013-08-25 16:25:35 -------- d-----w- C:\users\henk\AppData\Roaming\HD Tune Pro 2013-08-21 09:10:02 -------- d-----w- C:\users\henk\AppData\Locallow\SecurePlugin 2013-08-21 08:32:36 -------- d-----w- C:\users\Default\AppData\Local\Trusteer 2013-08-21 08:32:36 -------- d-----w- C:\users\Default User\AppData\Local\Trusteer 2013-08-13 17:55:51 -------- d-----w- C:\users\henk\AppData\Locallow\Search Settings ====== C:\Users\henk ====== 2013-09-10 17:35:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe 2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe 2013-09-03 11:54:17 B696ACECF7BC2CBCB94818AB6A9C4CC8 17920 --sha-w- C:\Users\henk\Thumbs.db 2013-09-02 15:49:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2013-08-25 16:25:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro 2013-08-23 09:12:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging ====== C: exe-files == 2013-09-10 17:35:16 B6853F4C5ABB205A5625B5963AB36F4F 148432 ----a-w- C:\Program Files\WinRAR\Uninstall.exe 2013-09-10 17:35:16 96FF9CF1EC6D83F8FA34522DB513E315 61528 ----a-w- C:\Program Files\WinRAR\Formats\ace32loader.exe 2013-09-10 17:35:16 8786ECC53D903A898FB78B08111B60A8 1342416 ----a-w- C:\Program Files\WinRAR\WinRAR.exe 2013-09-10 17:35:16 760F843B7CE6C20A2E4561F1B312BF4B 520656 ----a-w- C:\Program Files\WinRAR\Rar.exe 2013-09-10 17:35:16 217F6C850E316EE825222F6288B9AB19 328656 ----a-w- C:\Program Files\WinRAR\UnRAR.exe 2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe 2013-09-10 17:33:58 B73BCFC804F1A675F4219301D31A47F4 392024 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe 2013-09-10 13:24:29 703799A10C4FE0665586AFE789674DEF 4248736 ----a-w- C:\Windows\Temp\IObitAppsToolbar.exe 2013-09-10 11:20:54 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_3.46_windows_x86_64.exe 2013-09-10 10:39:26 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\RSITx64.exe 2013-09-09 17:30:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\mbam-setup-1.75.0.1300.exe 2013-09-09 10:03:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\henk.exe 2013-09-08 19:04:19 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_3.46_windows_x86_64.exe 2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe === C: other files == 2013-09-10 19:03:18 90A594537C3731C9A3AB3B540868B60B 346 ----a-w- C:\Users\henk\AppData\Local\Temp\drives.vbs 2013-09-10 17:23:09 9C3C14EC293C541346D965FDEFF11F21 4377979 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\2013_9_9_mini_x015_folding.zip 2013-09-10 17:22:53 22CCAA7322D22DA5A0663ABECF0A7C2F 6098833 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\IND43_t000___procko_09_03.zip 2013-09-10 17:22:53 1A54CDFD7BDE2A4D7FC57B8899ADFF16 10441794 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\tj_9_9_gradius_30.0_rise_15.0_omega_1.2_21mer_1_vor.rdg5_10.pdb_fold_data.zip 2013-09-10 11:20:54 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_database.zip 2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-09-08 19:11:39 FD8983ABB68848D155C950015AEBF557 15213659 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\Splendid_K70IJ_1020028.zip 2013-09-08 19:04:20 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_database.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "BCU"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "boinctray"="C:\Program Files\BOINC\boinctray.exe" "boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver] "command"="C:\\Windows\\AsScrProlog.exe" "hkey"="HKLM" "item"="ASUS Camera ScreenSaver" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SearchSettings"="\"C:\\Program Files (x86)\\Common Files\\Spigot\\Search Settings\\SearchSettings.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)] "command"="" "hkey"="HKLM" "item"="(default)" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AmIcoSinglun64" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCU] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCU" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\DeviceVM\\Browser Configuration Utility\\BCU.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ETDWare" "hkey"="HKLM" "command"="C:\\Program Files\\Elantech\\ETDCtrl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IObit Malware Fighter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="vProt" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IMFservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater12.2.6] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27-07-2013 13:57] C:\Windows\tasks\GlaryInitialize 3.job --a------ C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [20-08-2013 11:19] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000Core.job --a------ C:\Users\henk\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000UA.job --a------ [undetermined Task] ==== Firefox Extensions ====================== ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - Undetermined - %ProfilePath%\extensions\OneClickDownload@OneClickDownload.com - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net - FreeHDSport.TV - %ProfilePath%\extensions\freehdsport@freehdsport.tv.xpi - Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net AppDir: C:\Program Files (x86)\Mozilla Firefox - Babylon - %AppDir%\extensions\ffxtlbr@babylon.com ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[26-08-2013 22:00] nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[22-04-2013 19:02] pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[] Softonic Chrome Toolbar - henk - default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf AccelerateTab - henk - default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg AVG Secure Search - henk - default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ==== EOF on di 10-09-2013 at 21:20:11,57 ======================
-
Ik heb de tekst tussen de lijnen in de zoek gezet en laten zoeken, heb dus niets gedaan met de dikgedrukte items , moest dit wel? de uitslag van de log hieronder Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by henk on di 10-09-2013 at 19:38:03,31. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\henk\Desktop\zoek.exe [script inserted] ==== System Restore Info ====================== 10-9-2013 19:39:54 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7757CBCC-0975-4b79-A519-90B142CA3A23} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{7757CBCC-0975-4b79-A519-90B142CA3A23} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IObitBarService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IObitBarService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Application Updater deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\Common Files\Spigot" deleted "C:\ProgramData\Babylon" deleted "C:\Program Files (x86)\Secure Speed Dial" deleted "C:\Users\henk\AppData\Roaming\Xaef" deleted "C:\Users\henk\AppData\Roaming\Ufy" deleted "C:\Program Files (x86)\Application Updater" deleted "C:\Program Files (x86)\IObit Apps Toolbar" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\henk\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-09-08 18:19:11 C7701820DCF4F795A5D740725872CEFE 431392 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT ====== C:\Windows\Sysnative\drivers ===== 2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-08-14 09:15:37 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-14 09:15:36 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2013-09-08 19:15:46 F495850C896BC145F7041A83B4893F49 3068 ----a-w- C:\Windows\Sysnative\Tasks\ACMON 2013-09-01 17:48:15 E2B4AA4CBDA4758B7595B7BD6794FF23 2864 ----a-w- C:\Windows\Sysnative\Tasks\Net4Switch 2013-08-27 13:53:13 0AC2B7A3440881793D24EAC7E1DD04A2 3164 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag_Startup 2013-08-27 13:53:11 6166E64D35B5B42A2DFCD2EEFF046AFA 3162 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefragUpdate 2013-08-18 09:37:37 0A3516E1FC2567FF9DF271AC51822616 3102 ----a-w- C:\Windows\Sysnative\Tasks\P4G Sidebar ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-09-09 10:03:57 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-26 12:36:14 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2013-08-25 16:25:24 -------- d-----w- C:\Program Files (x86)\HD Tune Pro ======= C: ===== ====== C:\Users\henk\AppData\Roaming ====== 2013-09-10 17:35:34 -------- d-----w- C:\users\henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-09-08 18:43:53 9D7A5625948F6A885FC8D00B212A34B0 114592 ----a-w- C:\users\henk\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-01 17:39:02 -------- d-----w- C:\users\henk\AppData\Roaming\InstallShield 2013-08-25 16:25:35 -------- d-----w- C:\users\henk\AppData\Roaming\HD Tune Pro 2013-08-21 09:10:02 -------- d-----w- C:\users\henk\AppData\Locallow\SecurePlugin 2013-08-21 08:32:36 -------- d-----w- C:\users\Default\AppData\Local\Trusteer 2013-08-21 08:32:36 -------- d-----w- C:\users\Default User\AppData\Local\Trusteer 2013-08-13 17:55:51 -------- d-----w- C:\users\henk\AppData\Locallow\Search Settings ====== C:\Users\henk ====== 2013-09-10 17:35:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe 2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe 2013-09-03 11:54:17 B696ACECF7BC2CBCB94818AB6A9C4CC8 17920 --sha-w- C:\Users\henk\Thumbs.db 2013-09-02 15:49:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2013-08-25 16:25:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro 2013-08-23 09:12:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging ====== C: exe-files == 2013-09-10 17:35:16 B6853F4C5ABB205A5625B5963AB36F4F 148432 ----a-w- C:\Program Files\WinRAR\Uninstall.exe 2013-09-10 17:35:16 96FF9CF1EC6D83F8FA34522DB513E315 61528 ----a-w- C:\Program Files\WinRAR\Formats\ace32loader.exe 2013-09-10 17:35:16 8786ECC53D903A898FB78B08111B60A8 1342416 ----a-w- C:\Program Files\WinRAR\WinRAR.exe 2013-09-10 17:35:16 760F843B7CE6C20A2E4561F1B312BF4B 520656 ----a-w- C:\Program Files\WinRAR\Rar.exe 2013-09-10 17:35:16 217F6C850E316EE825222F6288B9AB19 328656 ----a-w- C:\Program Files\WinRAR\UnRAR.exe 2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe 2013-09-10 17:33:58 B73BCFC804F1A675F4219301D31A47F4 392024 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe 2013-09-10 13:24:29 703799A10C4FE0665586AFE789674DEF 4248736 ----a-w- C:\Windows\Temp\IObitAppsToolbar.exe 2013-09-10 11:20:54 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_3.46_windows_x86_64.exe 2013-09-10 10:39:26 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\RSITx64.exe 2013-09-09 17:30:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\mbam-setup-1.75.0.1300.exe 2013-09-09 10:03:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\henk.exe 2013-09-08 19:04:19 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_3.46_windows_x86_64.exe 2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe === C: other files == 2013-09-10 17:23:09 9C3C14EC293C541346D965FDEFF11F21 4377979 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\2013_9_9_mini_x015_folding.zip 2013-09-10 17:22:53 22CCAA7322D22DA5A0663ABECF0A7C2F 6098833 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\IND43_t000___procko_09_03.zip 2013-09-10 17:22:53 1A54CDFD7BDE2A4D7FC57B8899ADFF16 10441794 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\tj_9_9_gradius_30.0_rise_15.0_omega_1.2_21mer_1_vor.rdg5_10.pdb_fold_data.zip 2013-09-10 11:20:54 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_database.zip 2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-09-08 19:11:39 FD8983ABB68848D155C950015AEBF557 15213659 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\Splendid_K70IJ_1020028.zip 2013-09-08 19:04:20 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_database.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "BCU"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "boinctray"="C:\Program Files\BOINC\boinctray.exe" "boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver] "command"="C:\\Windows\\AsScrProlog.exe" "hkey"="HKLM" "item"="ASUS Camera ScreenSaver" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SearchSettings"="\"C:\\Program Files (x86)\\Common Files\\Spigot\\Search Settings\\SearchSettings.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)] "command"="" "hkey"="HKLM" "item"="(default)" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AmIcoSinglun64" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCU] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCU" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\DeviceVM\\Browser Configuration Utility\\BCU.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ETDWare" "hkey"="HKLM" "command"="C:\\Program Files\\Elantech\\ETDCtrl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IObit Malware Fighter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="vProt" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IMFservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater12.2.6] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27-07-2013 13:57] C:\Windows\tasks\GlaryInitialize 3.job --a------ C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [20-08-2013 11:19] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000Core.job --a------ C:\Users\henk\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000UA.job --a------ [undetermined Task] ==== Firefox Extensions ====================== ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - Undetermined - %ProfilePath%\extensions\OneClickDownload@OneClickDownload.com - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net - FreeHDSport.TV - %ProfilePath%\extensions\freehdsport@freehdsport.tv.xpi - Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net AppDir: C:\Program Files (x86)\Mozilla Firefox - Babylon - %AppDir%\extensions\ffxtlbr@babylon.com ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[26-08-2013 22:00] nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[22-04-2013 19:02] pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[] Softonic Chrome Toolbar - henk - default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf AccelerateTab - henk - default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg AVG Secure Search - henk - default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== EOF on di 10-09-2013 at 19:56:33,39 ======================
-
Aangezien mij de bovengeplaatste log er watv vreemd uitzag nog maar eens opnieuw een Hijacklog gemaakt: Logfile of random's system information tool 1.09 (written by random/random) Run by henk at 2013-09-10 12:39:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 67 GB (56%) free of 119 GB Total RAM: 3037 MB (29% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:40:05, on 10-9-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files\ASUS\Net4Switch\Net4Switch.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Glary Utilities 3\Integrator.exe C:\Program Files (x86)\POP Peeper\POPPeeper.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.46_windows_x86_64.exe C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.46_windows_x86_64.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\henk.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://nl.woofi.info R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://nl.woofi.info R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file) R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll R3 - URLSearchHook: (no name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - (no file) R3 - URLSearchHook: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file) R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: (no name) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - (no file) O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADCF69~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: (no name) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file) O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex (User 'Default user') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll O18 - Protocol: vsharechrome - (no CLSID) - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IObit Toolbar Service (IObitBarService) - IObit - C:\PROGRA~2\IObitBar\toolbar\2.bin\i0barsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: WMPNetworkSvc - Unknown owner - (no file) -- End of file - 13367 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=db425803-f8ed-4263-9e22-bf5629f61e72 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\2b21d15d-ec52-4c4e-a892-5a109594cd73-188-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe" C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\FBAgent.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true Atouch64.exe "C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" taskeng.exe {368BE772-5123-490D-B8C9-8CBAE72662EB} "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" "C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe" "C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files\ASUS\Net4Switch\Net4Switch.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe" C:\Windows\system32\CISVC.EXE "C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe" C:\PROGRA~2\IObitBar\toolbar\2.bin\i0barsvc.exe "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Windows\System32\igfxtray.exe" "C:\Program Files\BOINC\boinctray.exe" "C:\Program Files\BOINC\boincmgr.exe" /a /s "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Program Files (x86)\Glary Utilities 3\Integrator.exe" /autostart "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY "C:\Program Files\BOINC\\boinc.exe" --redirectio --launched_by_manager "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" "C:\Windows\AsScrPro.exe" \??\C:\Windows\system32\conhost.exe "-909630891296179056-698186983509502078-904331492973949267-7428318481569388000 "C:\Program Files (x86)\AVG\AVG2013\avgemca.exe" "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=22b69037-61b2-4a38-9159-4d5664d1213d /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f599804d-be26-405a-8c2a-c3038c442d55-c44-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" WLIDSvcM.exe 5108 \??\C:\Windows\system32\conhost.exe "1173798967-738524579403304743-18787971681572492379-96208413258259358-1135069912 "C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe" C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe ATKOSD.exe KBFiltr.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet WDC.exe "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "c:\Program Files\Microsoft Security Client\NisSrv.exe" "taskhost.exe" projects/boinc.bakerlab.org_rosetta/minirosetta_3.46_windows_x86_64.exe -frag9 rsy006A09_05.200_v1_3.gz -frag3 rsy006A03_05.200_v1_3.gz -abinitio::increase_cycles 10 -mute all -abinitio::fastrelax -relax::default_repeats 15 -abinitio::rg_reweight 0.5 -abinitio::rsd_wt_helix 0.5 -abinitio::rsd_wt_loop 0.5 -abinitio::use_filters false -ex1 -ex2aro -score:weights enzdes -in:file:boinc_wu_zip 2013_9_9_mini_y006_folding.zip -out:file:silent default.out -silent_gz -mute all -in:file:native y006.pdb.gz -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2778279 projects/boinc.bakerlab.org_rosetta/minirosetta_3.46_windows_x86_64.exe -use_filters true -abinitio::increase_cycles 10 -silent_gz -mute all -abinitio::fastrelax -abinitio::rg_reweight 0.5 -abinitio::rsd_wt_helix 0.5 -abinitio::rsd_wt_loop 0.5 -psipred_ss2 t000_.psipred_ss2 -in::file::fasta t000_.fasta -kill_hairpins t000_.nobuformat.psipred_ss2 -frag3 t000_.200.3mers.gz -fragA t000_.200.9mers.gz -fragB t000_.200.3mers.gz -in:file:boinc_wu_zip IND05_t000___procko_09_03.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2207738 "C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -unlock-3be2f036c43042cdb03588591c9325c3 "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5600 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5600 CREDAT:3282230 /prefetch:2 C:\Windows\system32\AUDIODG.EXE 0xad4 "C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GlaryInitialize 3.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-11-28 356976] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-10-24 317496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-28 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-24 842296] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADCF69~1\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-11-28 356976] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {95B7759C-8C7F-4BF1-B163-73684A933233} {03EB0E9C-7A91-4381-A220-9B52B641CDB1} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584] "boinctray"=C:\Program Files\BOINC\boinctray.exe [2013-04-16 72848] "boincmgr"=C:\Program Files\BOINC\boincmgr.exe [2013-04-16 5868688] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "POP Peeper"=C:\Program Files (x86)\POP Peeper\POPPeeper.exe [2011-11-16 1613824] "Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-04-18 491840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\(default)] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-26 375000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare] C:\Program Files\Elantech\ETDCtrl.exe [2009-10-01 621440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-08-08 1303360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-08-26 2314416] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""= [] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-07-01 4411440] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-26 375000] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe [2009-10-12 72248] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-10-12 3054136] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-02-11 272896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-09-09 19:31:15 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-09-09 12:03:57 ----D---- C:\Program Files\trend micro 2013-09-09 12:03:56 ----D---- C:\rsit 2013-09-08 20:19:11 ----A---- C:\Windows\system32\FNTCACHE.DAT 2013-09-01 19:39:02 ----D---- C:\Users\henk\AppData\Roaming\InstallShield 2013-08-27 15:53:12 ----A---- C:\Windows\system32\SmartDefragBootTime.exe 2013-08-26 14:36:14 ----D---- C:\Program Files (x86)\AVG Secure Search 2013-08-25 18:25:35 ----D---- C:\Users\henk\AppData\Roaming\HD Tune Pro 2013-08-25 18:25:24 ----D---- C:\Program Files (x86)\HD Tune Pro 2013-08-25 14:50:58 ----D---- C:\ProgramData\Babylon 2013-08-22 12:34:18 ----A---- C:\Windows\SYSWOW64\sqlite3.dll 2013-08-21 11:10:01 ----D---- C:\Program Files (x86)\Secure Speed Dial 2013-08-20 13:44:01 ----D---- C:\Users\henk\AppData\Roaming\Xaef 2013-08-20 13:44:01 ----D---- C:\Users\henk\AppData\Roaming\Ufy 2013-08-15 10:36:07 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-15 10:36:06 ----A---- C:\Windows\system32\ieui.dll 2013-08-15 10:36:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-15 10:36:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-15 10:36:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-15 10:36:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-15 10:36:03 ----A---- C:\Windows\system32\iesetup.dll 2013-08-15 10:36:03 ----A---- C:\Windows\system32\iernonce.dll 2013-08-15 10:36:03 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-15 10:36:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-15 10:36:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 10:36:02 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-15 10:36:01 ----A---- C:\Windows\system32\iertutil.dll 2013-08-15 10:35:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-15 10:35:58 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-15 10:35:57 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-15 10:35:57 ----A---- C:\Windows\system32\jscript.dll 2013-08-15 10:35:56 ----A---- C:\Windows\system32\jscript9.dll 2013-08-15 10:35:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-15 10:35:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-15 10:35:52 ----A---- C:\Windows\system32\urlmon.dll 2013-08-15 10:35:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-15 10:35:50 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-15 10:35:49 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-15 10:35:48 ----A---- C:\Windows\system32\wininet.dll 2013-08-15 10:35:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-15 10:35:44 ----A---- C:\Windows\system32\ieframe.dll 2013-08-15 10:35:43 ----A---- C:\Windows\system32\mshtml.dll 2013-08-15 10:35:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-14 11:16:47 ----A---- C:\Windows\system32\crypt32.dll 2013-08-14 11:16:46 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-14 11:16:46 ----A---- C:\Windows\system32\wintrust.dll 2013-08-14 11:16:45 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-14 11:16:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-14 11:16:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-14 11:16:43 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-14 11:16:43 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-14 11:16:10 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-14 11:16:10 ----A---- C:\Windows\system32\tzres.dll 2013-08-14 11:15:56 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-14 11:15:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-14 11:15:53 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-14 11:15:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-14 11:15:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-08-14 11:15:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-08-14 11:15:48 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-08-14 11:15:48 ----A---- C:\Windows\system32\ntdll.dll 2013-08-14 11:15:47 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-08-14 11:15:47 ----A---- C:\Windows\system32\wow64.dll 2013-08-14 11:15:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-08-14 11:15:43 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-08-14 11:15:41 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-08-14 11:15:41 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-08-14 11:15:40 ----A---- C:\Windows\SYSWOW64\user.exe 2013-08-14 11:15:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-14 11:15:36 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-08-13 19:55:44 ----D---- C:\Program Files (x86)\Application Updater 2013-08-13 19:55:41 ----D---- C:\Program Files (x86)\IObit Apps Toolbar ======List of files/folders modified in the last 1 month====== 2013-09-10 12:39:59 ----D---- C:\Windows\Temp 2013-09-10 12:39:45 ----D---- C:\Windows\Prefetch 2013-09-10 12:17:45 ----D---- C:\Users\henk\AppData\Roaming\Skype 2013-09-10 12:17:22 ----D---- C:\ProgramData\MFAData 2013-09-10 11:48:19 ----D---- C:\Users\henk\AppData\Roaming\POP Peeper 2013-09-10 11:08:11 ----D---- C:\Windows\system32\config 2013-09-10 00:13:41 ----D---- C:\ProgramData\BOINC 2013-09-09 19:31:23 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-09 19:31:20 ----D---- C:\Windows\system32\drivers 2013-09-09 15:53:47 ----D---- C:\Windows\system32\Tasks 2013-09-09 13:21:37 ----SHD---- C:\System Volume Information 2013-09-09 12:03:57 ----D---- C:\Program Files 2013-09-08 23:00:02 ----D---- C:\Windows\system32\LogFiles 2013-09-08 22:01:10 ----D---- C:\Program Files (x86)\Glary Utilities 3 2013-09-08 21:15:49 ----SHD---- C:\Windows\Installer 2013-09-08 21:15:49 ----SHD---- C:\Config.Msi 2013-09-08 20:19:42 ----D---- C:\Windows 2013-09-08 20:19:11 ----D---- C:\Windows\System32 2013-09-08 20:19:07 ----D---- C:\Program Files\WinRAR 2013-09-08 15:57:33 ----D---- C:\Program Files (x86)\IObit 2013-09-06 19:04:06 ----RD---- C:\Program Files (x86) 2013-09-06 11:31:36 ----D---- C:\Users\henk\AppData\Roaming\Foxit Software 2013-09-05 18:55:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-09-05 18:55:57 ----D---- C:\Windows\inf 2013-09-02 13:22:52 ----HD---- C:\ProgramData 2013-09-02 10:16:27 ----A---- C:\Windows\system32\AutoRunFilter.ini 2013-09-02 10:15:29 ----D---- C:\Windows\debug 2013-09-01 21:30:29 ----D---- C:\Program Files (x86)\Common Files 2013-09-01 21:30:09 ----D---- C:\Windows\system32\catroot2 2013-09-01 21:27:59 ----D---- C:\Program Files (x86)\Adobe 2013-09-01 21:27:53 ----D---- C:\ProgramData\Adobe 2013-09-01 21:26:49 ----D---- C:\Windows\SysWOW64 2013-09-01 19:53:39 ----D---- C:\Program Files\ATKGFNEX 2013-09-01 19:39:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2013-09-01 11:26:32 ----A---- C:\Windows\system32\acovcnt.exe 2013-08-26 14:34:35 ----D---- C:\Windows\system32\catroot 2013-08-26 14:34:33 ----D---- C:\Windows\system32\DriverStore 2013-08-26 11:33:04 ----A---- C:\Windows\system32\ServiceFilter.ini 2013-08-25 12:59:08 ----D---- C:\Windows\Tasks 2013-08-25 12:29:36 ----D---- C:\Windows\system32\wfp 2013-08-25 12:29:34 ----D---- C:\Windows\system32\wbem 2013-08-25 12:28:36 ----D---- C:\Windows\SYSWOW64\Fast Boot 2013-08-25 12:28:36 ----D---- C:\ProgramData\P4G 2013-08-25 12:28:34 ----D---- C:\Windows\registration 2013-08-24 22:27:12 ----D---- C:\Windows\system32\NDF 2013-08-24 11:21:17 ----D---- C:\Users\henk\AppData\Roaming\DiskDefrag 2013-08-22 12:21:49 ----D---- C:\Windows\system32\CodeIntegrity 2013-08-22 12:21:49 ----D---- C:\Windows\AppCompat 2013-08-22 12:21:44 ----D---- C:\ProgramData\IObit 2013-08-20 14:14:27 ----D---- C:\Windows\Panther 2013-08-20 11:21:52 ----A---- C:\Windows\system32\BootDefrag.exe 2013-08-18 18:52:48 ----D---- C:\Users\henk\AppData\Roaming\ArcSoft 2013-08-15 12:57:28 ----D---- C:\Windows\rescache 2013-08-15 12:13:49 ----D---- C:\Windows\Microsoft.NET 2013-08-15 12:13:45 ----RSD---- C:\Windows\assembly 2013-08-15 10:46:58 ----D---- C:\Windows\winsxs 2013-08-15 10:43:15 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-15 10:43:15 ----D---- C:\Windows\system32\nl-NL 2013-08-15 10:43:12 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-15 10:43:08 ----D---- C:\Program Files\Internet Explorer 2013-08-15 10:43:04 ----D---- C:\Windows\AppPatch 2013-08-15 10:35:15 ----D---- C:\ProgramData\Microsoft Help 2013-08-15 10:24:23 ----D---- C:\Windows\system32\MRT 2013-08-15 10:19:53 ----A---- C:\Windows\system32\MRT.exe 2013-08-14 19:27:57 ----D---- C:\Program Files (x86)\Calibre2 2013-08-13 19:55:52 ----A---- C:\prefs.js ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-12 35384] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-07-10 45880] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600] R0 ***laby;***laby; C:\Windows\system32\DRIVERS\***laby.sys [2009-06-18 15928] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2013-07-25 295696] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-08-16 45856] R1 RapportCerberus_56758;RapportCerberus_56758; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [2013-08-23 589872] R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-07-25 265872] R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-07-25 384144] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616] R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-09-29 114688] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-25 138752] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144] S0 BootDefragDriver;BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [] S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys [] S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys [] S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys [] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-09-28 109056] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272] R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552] R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-08-08 807800] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-07-25 1432080] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136] R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464] R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456] R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232] R2 IObitBarService;IObit Toolbar Service; C:\PROGRA~2\IObitBar\toolbar\2.bin\i0barsvc.exe [2010-07-10 28766] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808] R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-07-25 1435928] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-08-16 1643184] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600] R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-27 257416] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-06 182768] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 nosGetPlusHelper;getPlus® Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736] -----------------EOF-----------------
