Custard
-
Items
243 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Custard
-
Beste Al lang geleden heb ik moeilijkheden met het afspelen van bepaalde mp3 bestanden. Ik gebruik sinds en nog steeds Winamp als mediaplayer. Wat nu het probleem is is dat ik een enorme database aan muziek heb (2,5 TB) Afspelen gaat vlot tot hij bepaalde muziekmappen tegenkomt en de muziekbestanden niet wil afspelen. Ik heb erop gelet dat het alleen geripte cd's waren die de speler niet wou afspelen. Tot zover was dat het geval. Na enige tijd viel mij op dat telkens het een andere muziekmap was die de speler niet wou afspelen. Dus m.a.w. dan die 1ne map NIET en daarna die 1ne map WEL. De speler wisselde/wisselt bepaalde mappen onwillekeurig alsof hij dan wel "goesting" heeft om die bepaalde map af te spelen en dan weer niet. Het is dus nooit dezelfde map die hapert. Mijn versie van Winamp is legaal van de officiële website gedownload. Al van de pc afgezwierd en terug geïnstalleerd maar het probleem blijft aanhouden. Wat ik meestal doe is de map die niet wil afspelen terug converteren van mp3 naar mp3 met Switch Sound File Converter en dan is het opgelost. Maar ik kan toch steeds niet alles wat hij niet wil afspelen blijven converteren!!? Dat is op de duur onbegonnen werk omdat het zoveel muziek is. Ook doet Winamp raar sinds de computer mijn PC remote controller heeft gedetecteerd. Er blijft bij het openen van Winamp een foutmelding verschijnen van een soort van remote invoegtoepassing 'sleep dll'. (het vensterje gaat enorm vlug open en dicht). Mijn vraag is ook of dat een mediaspeler zoveel muziek wel aankan???? Nu komt er nog eens bij dat ik speciaal een pc remote controller heb gekocht om Winamp te willen besturen via afstand maar dit controllertje werkt niet naar behoren. Dus heb ik even Winamp gelaten voor wat het was en WMP terug zijn gang laten gaan. Na al die jaartjes is het terug allemaal uitzoeken hoe het werkt natuurlijk. Alleen de pc remote controller werkt WEL met WMP. Het spijtige aan deze zaak is dat ik niet graag met WMP wil afspelen. Metagegevens en consorten is anders als bij Winamp denk ik?!? Plus Winamp scant veel vlugger heb ik de indruk. Wat ik eigenlijk wil is dat ik met men pc remote controller Winamp wil besturen. Het spijtige is dat ik weinig info kan vinden over dit apparaatje en dat er een manier kan zijn om deze 2 compatibel te maken. Voor wat het waard is, al mijn muziek komt van cd's EN van het internet geplukt. Veel van betrouwbare bron. Ik heb ook nog een reactie gestuurd i.v.m. browserproblemen wat ook veranderingen en complicaties heeft meegebracht dat de pc trager werkt en men browser enorm traag en raar doet. Als dit invloed zou hebben op mijn programma's??? Let me know alsjeblief??? Heb ondertussen een schrik gevat van malware en virussen en van die toestanden. Ik wil deze pc niet naar de vaantjes helpen zoals ik mijn 1ste heb gemarteld tot deze tilt sloeg lol. In elk geval ik hoop dat het kan opgelost worden. Niet perfect maar ben al tevreden met antwoorden en dat het toch ietsje kan opgelost worden. Cheers
-
Hellow Nog niet zo lang geleden had ik problemen met men browser en nu is het weeral. Sinds ik die nieuwe IE11 heb gedownload vanwege sommige pagina's het 'vragen' of 'aanraden' om IE11 te gebruiken gaat mijn browser enorm traag. Aan/af verbindingen met het net en kwam er een soort van Safe Protect icoontje in men werkbalk te staan. Ondertussen heb ik dat verwijdert en dacht dat het opgelost zou zijn omdat deze altijd mijn google-startpagina overschreef. Neen dus... Daarbij is het soms moeilijk in te loggen op sommige pagina's (o.a. deze van pchelpforum). Sommige websites vertonen maar de helft van wat ze moeten voorstellen of hebben geregeld een 'error 404 of dergelijk" te melden. Kan iemand me hiermee helpen? cheers
-
Alles is probleemloos verlopen. Clean!!!!! Vriendelijk bedankt om me te helpen met dit probleem. Alvast en een :alberteinstein:gewenst Over and out.
-
Het lijkt....opgelost google staat fier als startpagina!!! Enkel nog een kleine vraag. Hoe verwijder ik het hardnekkige stof en vuil uit mijn pc? Er zijn bepaalde plekken waar ik moeilijk durf aankomen zowel met air-spray of een doekje. Dat kleine ventilatortje midden in de pc zit vast op een printplaat en daar zit enorm veel vuil rond en in. Ik durf er niet aankomen. Of is het misschien beter dat ik dat onder een ander onderwerp zet hier op het forum? In elk geval bedankt bedankt bedankt:shakehands: om dit probleem op te lossen.
-
# AdwCleaner v3.018 - Report created 17/02/2014 at 12:20:02 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Jürgen - Nancy - JÜRGEN-NANCY-PC # Running from : C:\Users\Jürgen - Nancy\Downloads\!TE DOEN\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Jürgen - Nancy\AppData\Roaming\DefaultTab Folder Deleted : C:\Users\Jürgen - Nancy\AppData\Roaming\goforfiles Folder Deleted : C:\Users\Jürgen - Nancy\AppData\Roaming\Industriya File Deleted : C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js File Deleted : C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Shortcut Disinfected : C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Shortcut Disinfected : C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\driverscanner Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr Key Deleted : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Deleted : HKCU\Software\53edbdde06de546 Key Deleted : HKLM\SOFTWARE\53edbdde06de546 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader23974[1]_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader23974[1]_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_revealer-keylogger_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_revealer-keylogger_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_fences_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_fences_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-mp3-cutter-and-editor_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-mp3-cutter-and-editor_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-youtube-downloader_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-youtube-downloader_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355305536} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366306636} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A7C4DE54-D7A3-44DF-9C9D-26E08177C6FF} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344304436} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355305536} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366306636} Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\BI Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\installedbrowserextensions Key Deleted : HKCU\Software\PrivitizeVPNInstallDates Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\StartSearch Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\Software\videosaver Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\Software\Vittalia Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v [ File : C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ] [ File : C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ] ************************* AdwCleaner[R0].txt - [10535 octets] - [17/02/2014 10:19:45] AdwCleaner[s0].txt - [9633 octets] - [17/02/2014 12:20:02] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9693 octets] ##########
-
Zoek.exe v5.0.0.0 Updated 15-February-2014 Tool run by Jrgen - Nancy on zo 16/02/2014 at 21:37:40,80. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Documents\Jürgen\Software\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes C:\zoek-results2014-02-11-124341.log 23581 bytes C:\zoek-results2014-02-12-165952.log 1330 bytes C:\zoek-results2014-02-14-211653.log 30476 bytes C:\zoek-results2014-02-15-111652.log 1089 bytes C:\zoek-results2014-02-16-132146.log 32453 bytes ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- "zulagames@ZulaGames.com"=- [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"=- ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B} deleted C:\Windows\SysNative\tasks\{0D9410E3-651B-44B0-8114-B1377C2F8A68} deleted C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516} deleted C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407} deleted C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043} deleted C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE} deleted C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F} deleted C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk" deleted ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\zulagames@ZulaGames.com deleted successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=693 folders=145 284276045 bytes) ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EMRE3Z6S" not found "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KB2WS2AB" not found "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRUI1537" not found "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W6GEAKNY" not found ==== EOF on zo 16/02/2014 at 21:47:37,87 ======================
-
Vraagje.... sinds de vorige scan met zoek.exe valt geregeld mijn scherm uit voor 1 à 2 seconden, is dat normaal?
-
Zoek.exe v5.0.0.0 Updated 15-February-2014 Tool run by Jrgen - Nancy on zo 16/02/2014 at 14:02:01,27. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes C:\zoek-results2014-02-11-124341.log 23581 bytes C:\zoek-results2014-02-12-165952.log 1330 bytes C:\zoek-results2014-02-14-211653.log 30476 bytes C:\zoek-results2014-02-15-111652.log 1089 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-02-06 22:54:27 C56815AABC7C7BA77123D91CDAB919E9 719336401 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\JRGEN-~1\AppData\Local\Temp ==== ====== Java Cache ===== 2014-02-11 16:33:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7224f923 ====== C:\Windows\SysWOW64 ===== 2014-02-12 23:16:55 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-12 23:15:47 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-12 23:15:47 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-12 23:15:45 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-02-12 23:15:42 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-12 23:15:42 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-12 23:15:41 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-12 23:15:41 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-12 23:15:41 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-12 23:15:41 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-02-12 23:15:41 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-12 23:15:40 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-12 23:15:40 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 23:15:40 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-12 23:15:40 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-12 23:15:39 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-02-12 23:15:38 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-12 23:15:37 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-12 23:15:37 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-12 11:25:56 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 11:25:56 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 11:25:56 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 11:25:55 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 11:25:54 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 11:25:54 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 11:25:54 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-12 11:25:54 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 11:25:54 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll 2014-02-12 11:25:48 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-02-12 11:25:47 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-12 11:25:47 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 11:25:34 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 11:25:32 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-12 23:16:55 F67C7D80745379DC4C5332EFFE5AC696 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-12 23:15:47 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-12 23:15:46 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-12 23:15:44 63B5E990896BA81D604032A48CC80A5C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-02-12 23:15:43 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-12 23:15:43 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-02-12 23:15:43 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-12 23:15:42 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-12 23:15:42 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-12 23:15:41 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-02-12 23:15:41 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-02-12 23:15:41 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-12 23:15:41 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-12 23:15:41 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-02-12 23:15:40 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-02-12 23:15:40 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-12 23:15:40 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-02-12 23:15:40 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-12 23:15:40 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-12 23:15:39 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-02-12 23:15:38 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-12 23:15:36 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-12 11:25:58 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe 2014-02-12 11:25:57 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe 2014-02-12 11:25:56 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe 2014-02-12 11:25:55 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll 2014-02-12 11:25:55 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe 2014-02-12 11:25:54 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll 2014-02-12 11:25:54 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-12 11:25:54 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll 2014-02-12 11:25:54 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll 2014-02-12 11:25:48 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls 2014-02-12 11:25:47 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-02-12 11:25:47 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-12 11:25:34 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-12 11:25:32 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll 2014-02-02 23:22:13 ED01633E2BEBC53446767093A7D8B6C0 7549 ----a-w- C:\Windows\Sysnative\dopdf7.ctm 2014-02-02 23:22:08 4D328694BB516E46D2D184950D94433F 1700352 ----a-w- C:\Windows\Sysnative\GdiPlus.dll ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\JRGEN-~1\AppData ====== 2014-02-11 11:38:00 -------- d-----w- C:\Users\JRGEN-~1\AppData\Local\Temp 2014-02-02 23:22:19 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Softland 2014-02-02 23:22:19 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Softland 2014-01-25 23:08:20 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\piServer 2014-01-17 19:12:31 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The King ====== C:\Users\JRGEN-~1 ====== 2014-02-04 15:44:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-01-17 19:12:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King ====== C: exe-files == 2014-02-13 19:40:44 B0AB350E3E98C7FB1E4930F762D0477B 3273016 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057eb\DAO.17845377.exe 2014-02-12 23:15:42 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-12 23:15:41 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-12 23:15:39 C6E1178294BDEAB1CACF50427688DF05 806104 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-12 23:15:39 4263F6C131E513CEA1AE82B5B81A4E1A 808152 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-12 16:05:13 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-12 16:05:13 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-12 16:05:12 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-12 16:04:54 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-12 16:04:52 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-12 16:04:51 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-12 16:04:47 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe 2014-02-12 11:26:37 E70CDCC45794FC5D47EE6B4C0E36B061 319024 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgndisa.exe 2014-02-11 19:38:47 69BAC259A78561327ECFDE108BB5B686 3241056 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057d2\DAO.17829829.exe 2014-02-10 09:16:48 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 2014-02-10 09:16:48 F9A63E15E78C2E6470CE3DFC526970D3 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe 2014-02-10 09:16:48 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe 2014-02-10 09:16:48 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe 2014-02-10 09:16:48 F4CCCAB03392ECA3BCB6EAB9DB2089E0 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe 2014-02-10 09:16:48 F228ECDCDF7D094326F43ADF29A0DBD5 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe 2014-02-10 09:16:48 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe 2014-02-10 09:16:48 E49E5BF9C8C5F1508F63DA3C6C824984 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe 2014-02-10 09:16:48 DDE93A9FB974B6DCDEE299AF055CFFF1 59608 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe 2014-02-10 09:16:48 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 2014-02-10 09:16:48 CAE98FD09A88C575E7853218103A212A 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_HPConnectedPhoto.exe 2014-02-10 09:16:48 C7EC72A8673DD2CC88A8384CA6D00120 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_US.exe 2014-02-10 09:16:48 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe 2014-02-10 09:16:48 9DFDD8AC6D33626A90E97D7B74E1F9A4 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe 2014-02-10 09:16:48 8BBE4ACE9EA06D5BAE4BEE2A2B42BC8D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe 2014-02-10 09:16:48 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe 2014-02-10 09:16:48 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe 2014-02-10 09:16:48 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe 2014-02-10 09:16:48 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe 2014-02-10 09:16:48 2BCA2C6866D24EEEA37968D0B48FAEFF 78136 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe 2014-02-10 09:16:48 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2014-02-10 09:16:48 086CE228EEEB9968C33C924355DEBF72 121144 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe 2014-02-10 09:16:48 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2014-02-10 09:13:32 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jürgen - Nancy\Documents\Jürgen\Software\RSITx64.exe === C: other files == 2014-02-10 09:16:59 22A341D42D1568B948E2204D1EA446DE 36570 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip 2014-02-10 09:16:56 02F8664D3039D1A181F716A867D0A3CF 1238598 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip 2014-02-10 09:16:52 59F14B5DF9F1C9CCA13CC0EB7A7035DB 1829427 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe /PROMPT /CMPID=JAN2013_TB" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "ContentTransferWMDetector.exe"="C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261673~1.238\\{c16c1~1\\bitguard.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "PC-Doctor for Windows localizer"="C:\Program Files\PC-Doctor for Windows\localizer.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Jrgen - Nancy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW" ==== Startup Folders ====================== 2012-09-30 17:47:13 1316 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-08-06 14:36:02 1032 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk 2013-04-18 17:50:30 2047 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk 2013-07-14 11:45:02 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2014 13:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\ExtendedServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Jrgen - Nancy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\Orb Startup" [C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{0D9410E3-651B-44B0-8114-B1377C2F8A68}" [C:\Users\Jrgen - Nancy\Downloads\TE DOEN\riknl111.exe] "C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407}" [C:\Program Files (x86)\Bit Che\Bit_Che.exe] "C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043}" [C:\Users\Jrgen - Nancy\Documents\PS_AIO_NonNetwork_NLD_NB.exe] "C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F}" [C:\Program Files (x86)\Disc2Phone\D2P.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Swift Sound\switchShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\Switch\Switch.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [17/10/2013 16:43] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [17/10/2013 16:43] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing" {B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search" {F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}" ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe C:\Users\Public\Desktop\HP f2480 printer.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\Hpqdirec.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Public\Desktop\Meda MP3 Joiner.lnk - C:\Program Files (x86)\Meda MP3 Joiner\MP3Joiner.exe C:\Users\Public\Desktop\PMB Help.lnk - C:\Program Files (x86)\Sony\PMB\help\PMBHelp.chm C:\Users\Public\Desktop\PMB Launcher.lnk - C:\Program Files (x86)\Sony\PMB\PMBLauncher.exe C:\Users\Public\Desktop\PMB.lnk - C:\Program Files (x86)\Sony\PMB\PMBBrowser.exe C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\Users\Public\Desktop\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Wifi-fikser.lnk - C:\Program Files (x86)\Wifi-fikser\Wifi-fikser.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\License.lnk - C:\THEKING\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Read Me First.lnk - C:\THEKING\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Register Now.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\The King Help.lnk - C:\THEKING\THEKING.HLP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\The King.lnk - C:\THEKING\theking.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Uninstall.lnk - C:\THEKING\uninstal.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EMRE3Z6S will be deleted at reboot C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KB2WS2AB will be deleted at reboot C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRUI1537 will be deleted at reboot C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W6GEAKNY will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=656 folders=140 284038103 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot de portaldo-site is nog steeds als 1ste die opent bij het openen van men browser.
-
Ik gebruik Internet Explorer 10
-
dit is het logje Zoek.exe v5.0.0.0 Updated 13-February-2014 Tool run by Jrgen - Nancy on za 15/02/2014 at 12:14:35,88. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes C:\zoek-results2014-02-11-124341.log 23581 bytes C:\zoek-results2014-02-12-165952.log 1330 bytes C:\zoek-results2014-02-14-211653.log 30476 bytes ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 "mobilegeni daemon"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Mobogenie not found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=656 folders=140 284038103 bytes) ==== EOF on za 15/02/2014 at 12:16:52,23 ====================== En ik heb nog steeds die PortalDo als begintabblad
-
nogmaals Zoek.exe v5.0.0.0 Updated 13-February-2014 Tool run by Jrgen - Nancy on vr 14/02/2014 at 22:07:20,51. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Documents\Jürgen\Software\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes C:\zoek-results2014-02-11-124341.log 23581 bytes C:\zoek-results2014-02-12-165952.log 1330 bytes ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-02-06 22:54:27 C56815AABC7C7BA77123D91CDAB919E9 719336401 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\JRGEN-~1\AppData\Local\Temp ==== ====== Java Cache ===== 2014-02-11 16:33:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7224f923 ====== C:\Windows\SysWOW64 ===== 2014-02-12 23:16:55 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-12 23:15:47 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-12 23:15:47 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-12 23:15:45 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-02-12 23:15:42 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-12 23:15:42 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-12 23:15:41 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-12 23:15:41 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-12 23:15:41 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-12 23:15:41 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-02-12 23:15:41 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-12 23:15:40 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-12 23:15:40 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 23:15:40 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-12 23:15:40 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-12 23:15:39 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-02-12 23:15:38 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-12 23:15:37 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-12 23:15:37 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-12 11:25:56 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 11:25:56 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 11:25:56 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 11:25:55 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 11:25:54 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 11:25:54 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 11:25:54 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-12 11:25:54 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 11:25:54 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll 2014-02-12 11:25:48 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-02-12 11:25:47 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-12 11:25:47 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 11:25:34 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 11:25:32 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-12 23:16:55 F67C7D80745379DC4C5332EFFE5AC696 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-12 23:15:47 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-12 23:15:46 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-12 23:15:44 63B5E990896BA81D604032A48CC80A5C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-02-12 23:15:43 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-12 23:15:43 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-02-12 23:15:43 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-12 23:15:42 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-12 23:15:42 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-12 23:15:41 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-02-12 23:15:41 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-02-12 23:15:41 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-12 23:15:41 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-12 23:15:41 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-02-12 23:15:40 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-02-12 23:15:40 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-12 23:15:40 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-02-12 23:15:40 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-12 23:15:40 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-12 23:15:39 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-02-12 23:15:38 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-12 23:15:36 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-12 11:25:58 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe 2014-02-12 11:25:57 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe 2014-02-12 11:25:56 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe 2014-02-12 11:25:55 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll 2014-02-12 11:25:55 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe 2014-02-12 11:25:54 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll 2014-02-12 11:25:54 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-12 11:25:54 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll 2014-02-12 11:25:54 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll 2014-02-12 11:25:48 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls 2014-02-12 11:25:47 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-02-12 11:25:47 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-12 11:25:34 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-12 11:25:32 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll 2014-02-02 23:22:13 ED01633E2BEBC53446767093A7D8B6C0 7549 ----a-w- C:\Windows\Sysnative\dopdf7.ctm 2014-02-02 23:22:08 4D328694BB516E46D2D184950D94433F 1700352 ----a-w- C:\Windows\Sysnative\GdiPlus.dll ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\JRGEN-~1\AppData ====== 2014-02-11 11:38:00 -------- d-----w- C:\Users\JRGEN-~1\AppData\Local\Temp 2014-02-02 23:22:19 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Softland 2014-02-02 23:22:19 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Softland 2014-01-25 23:08:20 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\piServer 2014-01-17 19:12:31 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The King ====== C:\Users\JRGEN-~1 ====== 2014-02-04 15:44:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-01-17 19:12:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King ====== C: exe-files == 2014-02-13 19:40:44 B0AB350E3E98C7FB1E4930F762D0477B 3273016 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057eb\DAO.17845377.exe 2014-02-12 23:15:42 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-12 23:15:41 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-12 23:15:39 C6E1178294BDEAB1CACF50427688DF05 806104 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-12 23:15:39 4263F6C131E513CEA1AE82B5B81A4E1A 808152 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-12 16:05:13 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-12 16:05:13 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-12 16:05:12 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-12 16:04:54 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-12 16:04:52 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-12 16:04:51 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-12 16:04:47 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe 2014-02-12 11:26:37 E70CDCC45794FC5D47EE6B4C0E36B061 319024 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgndisa.exe 2014-02-11 19:38:47 69BAC259A78561327ECFDE108BB5B686 3241056 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057d2\DAO.17829829.exe 2014-02-10 09:16:48 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 2014-02-10 09:16:48 F9A63E15E78C2E6470CE3DFC526970D3 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe 2014-02-10 09:16:48 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe 2014-02-10 09:16:48 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe 2014-02-10 09:16:48 F4CCCAB03392ECA3BCB6EAB9DB2089E0 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe 2014-02-10 09:16:48 F228ECDCDF7D094326F43ADF29A0DBD5 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe 2014-02-10 09:16:48 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe 2014-02-10 09:16:48 E49E5BF9C8C5F1508F63DA3C6C824984 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe 2014-02-10 09:16:48 DDE93A9FB974B6DCDEE299AF055CFFF1 59608 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe 2014-02-10 09:16:48 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 2014-02-10 09:16:48 CAE98FD09A88C575E7853218103A212A 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_HPConnectedPhoto.exe 2014-02-10 09:16:48 C7EC72A8673DD2CC88A8384CA6D00120 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_US.exe 2014-02-10 09:16:48 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe 2014-02-10 09:16:48 9DFDD8AC6D33626A90E97D7B74E1F9A4 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe 2014-02-10 09:16:48 8BBE4ACE9EA06D5BAE4BEE2A2B42BC8D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe 2014-02-10 09:16:48 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe 2014-02-10 09:16:48 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe 2014-02-10 09:16:48 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe 2014-02-10 09:16:48 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe 2014-02-10 09:16:48 2BCA2C6866D24EEEA37968D0B48FAEFF 78136 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe 2014-02-10 09:16:48 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2014-02-10 09:16:48 086CE228EEEB9968C33C924355DEBF72 121144 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe 2014-02-10 09:16:48 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2014-02-09 12:00:06 D963226B497FB5BBB5C5B768B3D6C0C7 5973552 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgcrema.exe === C: other files == 2014-02-10 09:16:59 22A341D42D1568B948E2204D1EA446DE 36570 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip 2014-02-10 09:16:56 02F8664D3039D1A181F716A867D0A3CF 1238598 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip 2014-02-10 09:16:52 59F14B5DF9F1C9CCA13CC0EB7A7035DB 1829427 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe /PROMPT /CMPID=JAN2013_TB" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "ContentTransferWMDetector.exe"="C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261673~1.238\\{c16c1~1\\bitguard.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "PC-Doctor for Windows localizer"="C:\Program Files\PC-Doctor for Windows\localizer.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Jrgen - Nancy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW" ==== Startup Folders ====================== 2012-09-30 17:47:13 1316 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-08-06 14:36:02 1032 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk 2013-04-18 17:50:30 2047 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk 2013-07-14 11:45:02 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2014 13:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\ExtendedServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Jrgen - Nancy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\Orb Startup" [C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{0D9410E3-651B-44B0-8114-B1377C2F8A68}" [C:\Users\Jrgen - Nancy\Downloads\TE DOEN\riknl111.exe] "C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407}" [C:\Program Files (x86)\Bit Che\Bit_Che.exe] "C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043}" [C:\Users\Jrgen - Nancy\Documents\PS_AIO_NonNetwork_NLD_NB.exe] "C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F}" [C:\Program Files (x86)\Disc2Phone\D2P.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Swift Sound\switchShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\Switch\Switch.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [17/10/2013 16:43] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [17/10/2013 16:43] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing" {B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search" {F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}" ==== Reset Google Chrome ====================== Nothing found to reset ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe C:\Users\Public\Desktop\HP f2480 printer.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\Hpqdirec.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Public\Desktop\Meda MP3 Joiner.lnk - C:\Program Files (x86)\Meda MP3 Joiner\MP3Joiner.exe C:\Users\Public\Desktop\PMB Help.lnk - C:\Program Files (x86)\Sony\PMB\help\PMBHelp.chm C:\Users\Public\Desktop\PMB Launcher.lnk - C:\Program Files (x86)\Sony\PMB\PMBLauncher.exe C:\Users\Public\Desktop\PMB.lnk - C:\Program Files (x86)\Sony\PMB\PMBBrowser.exe C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\Users\Public\Desktop\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Wifi-fikser.lnk - C:\Program Files (x86)\Wifi-fikser\Wifi-fikser.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\License.lnk - C:\THEKING\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Read Me First.lnk - C:\THEKING\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Register Now.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\The King Help.lnk - C:\THEKING\THEKING.HLP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\The King.lnk - C:\THEKING\theking.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King\Uninstall.lnk - C:\THEKING\uninstal.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=656 folders=140 284038103 bytes) ==== EOF on vr 14/02/2014 at 22:16:53,62 ======================
-
Hier is ie Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.14.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Jürgen - Nancy :: JÜRGEN-NANCY-PC [administrator] 14/02/2014 19:27:25 mbam-log-2014-02-14 (19-27-25).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 239874 Verstreken tijd: 7 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 3 HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\AppDataLow\Software\Plus-HD-2.2 (PUP.Optional.PlusHD.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 2 C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 4 C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jürgen - Nancy\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) (nog iets... ik ga je de "foute" startpagina die url geven -> PortalDoSites Deze is diegene die altijd opent bij het opstarten van de browser i.p.v. Google, het is misschien handig om dit te hebben of te weten??) Cheers
-
Hellow Ik moet je eigenlijk teleurstellen, de "doPortal" startpagina is nog steeds aanwezig. En de pop-ups zijn er ook nog steeds Misschien heb ik iets fout gedaan? Ik heb gelezen dat een "dosearches" of "doPortal" startpagina eigenlijk een vast nestelend virus is dat naar gelang de tijd het erger kan worden. Ondertussen heb ik AVG hernieuwd (een 30 dagen volledige proefversie) en deze laten scannen maar is er niet tegen opgewassen. Andere keren heeft iemand mij geholpen door Malwarebytes en HiJackthis te laten scannen en toen heeft het een tijdje geholpen. Is het misschien nu dan een ander probleem? Ik wou dat ik er meer van af wist...van computers bedoel ik dus xD:adore: Anyway... Grtjs
-
Nogmaals het bestandje Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Jrgen - Nancy on wo 12/02/2014 at 17:57:35,62. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Documents\Jürgen\Software\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes C:\zoek-results2014-02-11-124341.log 23581 bytes ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"=- [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"=- ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\tasks\0 deleted C:\Windows\SysNative\tasks\4775 deleted C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=656 folders=140 284038103 bytes) ==== EOF on wo 12/02/2014 at 17:59:52,89 ======================
-
hier het logbestandje Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Jrgen - Nancy on di 11/02/2014 at 12:17:59,78. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes C:\zoek-results2013-11-09-095449.log 4972 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Uniblue deleted successfully C:\ProgramData\Oracle deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NextLive"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ==== Deleting Files \ Folders ====================== C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me not found C:\Program Files (x86)\Mobogenie deleted C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted C:\Users\JRGEN-~1\daemonprocess.txt deleted C:\Users\JRGEN-~1\.android deleted C:\Users\JRGEN-~1\AppData\LocalLow\Plus-HD-2.2 deleted C:\Users\JRGEN-~1\AppData\LocalLow\Magnet Downloader deleted C:\Windows\tasks\ROC_JAN2013_TB_rmv.job deleted C:\windows\SysNative\tasks\ROC_JAN2013_TB_rmv deleted C:\Users\JRGEN-~1\Documents\Mobogenie deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-02-06 22:54:27 C56815AABC7C7BA77123D91CDAB919E9 719336401 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\JRGEN-~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-02 23:22:13 ED01633E2BEBC53446767093A7D8B6C0 7549 ----a-w- C:\Windows\Sysnative\dopdf7.ctm 2014-02-02 23:22:08 4D328694BB516E46D2D184950D94433F 1700352 ----a-w- C:\Windows\Sysnative\GdiPlus.dll ====== C:\Windows\Sysnative\drivers ===== 2014-01-15 10:47:12 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2014-01-15 10:47:12 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2014-01-15 10:47:12 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-01-15 10:47:12 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-01-15 10:47:12 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2014-01-15 10:47:12 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2014-01-15 10:47:12 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2014-01-15 10:47:10 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\JRGEN-~1\AppData ====== 2014-02-02 23:22:19 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Softland 2014-02-02 23:22:19 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Softland 2014-01-25 23:08:20 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\piServer 2014-01-17 19:12:31 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The King ====== C:\Users\JRGEN-~1 ====== 2014-02-04 15:44:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-01-17 19:12:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The King ====== C: exe-files == 2014-02-10 09:16:48 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 2014-02-10 09:16:48 F9A63E15E78C2E6470CE3DFC526970D3 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe 2014-02-10 09:16:48 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe 2014-02-10 09:16:48 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe 2014-02-10 09:16:48 F4CCCAB03392ECA3BCB6EAB9DB2089E0 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe 2014-02-10 09:16:48 F228ECDCDF7D094326F43ADF29A0DBD5 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe 2014-02-10 09:16:48 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe 2014-02-10 09:16:48 E49E5BF9C8C5F1508F63DA3C6C824984 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe 2014-02-10 09:16:48 DDE93A9FB974B6DCDEE299AF055CFFF1 59608 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe 2014-02-10 09:16:48 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 2014-02-10 09:16:48 CAE98FD09A88C575E7853218103A212A 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_HPConnectedPhoto.exe 2014-02-10 09:16:48 C7EC72A8673DD2CC88A8384CA6D00120 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_US.exe 2014-02-10 09:16:48 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe 2014-02-10 09:16:48 9DFDD8AC6D33626A90E97D7B74E1F9A4 29912 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe 2014-02-10 09:16:48 8BBE4ACE9EA06D5BAE4BEE2A2B42BC8D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe 2014-02-10 09:16:48 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe 2014-02-10 09:16:48 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe 2014-02-10 09:16:48 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe 2014-02-10 09:16:48 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe 2014-02-10 09:16:48 2BCA2C6866D24EEEA37968D0B48FAEFF 78136 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe 2014-02-10 09:16:48 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2014-02-10 09:16:48 086CE228EEEB9968C33C924355DEBF72 121144 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe 2014-02-10 09:16:48 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2014-02-04 19:32:30 EFBB12554A646E87E72B65C1621E8877 3238136 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057aa\DAO.17777837.exe 2014-02-04 15:35:32 8725ED11EF032D408C109DF0816D33BA 123192 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\Tools\UninstallHPSA.exe 2014-02-04 15:34:30 41CB698F967B4D9F2580EA2A21A5A710 107320 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\{C81956B2-2F83-4448-8FF6-8EA3B917B346}\ISBEW64.exe 2014-02-04 15:31:39 41CB698F967B4D9F2580EA2A21A5A710 107320 ------w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\{F8ED6807-9454-4A29-80C1-DC0DF7D6F694}\ISBEW64.exe 2014-02-04 15:28:48 8725ED11EF032D408C109DF0816D33BA 123192 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\UninstallHPSA.exe === C: other files == 2014-02-10 09:16:59 22A341D42D1568B948E2204D1EA446DE 36570 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip 2014-02-10 09:16:56 02F8664D3039D1A181F716A867D0A3CF 1238598 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip 2014-02-10 09:16:52 59F14B5DF9F1C9CCA13CC0EB7A7035DB 1829427 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip 2014-02-08 16:50:38 313210E22131EBFA4407345D20109198 98068 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LZVASQFQ\IMIHBAC2014[1].zip 2014-02-04 15:43:28 8982A18BF989AECCBFFF14B246F5571F 141 ----a-w- C:\Windows\Help\OEM\Scripts\winNetworkDianosticTool.bat 2014-02-04 15:43:28 8198CB1BBFE605E2D9029F5CC39A80F9 104 ----a-w- C:\Windows\Help\OEM\Scripts\sysproperty.bat 2014-02-04 15:43:27 3A7A37197511A6AF3FB1E5FD0C846816 28 ----a-w- C:\Windows\Help\OEM\Scripts\ProgramCompatibilityWizard.bat 2014-02-04 15:43:26 875A1490532B2E58A32B30F1F613121E 92 ----a-w- C:\Windows\Help\OEM\Scripts\openPerformanceRatingTools.bat 2014-02-04 15:29:53 C8A9B21B203188163732BBABA8EB2CC1 435 ----a-w- C:\ProgramData\Hewlett-Packard\temp.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe /PROMPT /CMPID=JAN2013_TB" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "ContentTransferWMDetector.exe"="C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261673~1.238\\{c16c1~1\\bitguard.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "PC-Doctor for Windows localizer"="C:\Program Files\PC-Doctor for Windows\localizer.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Jrgen - Nancy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW" ==== Startup Folders ====================== 2012-09-30 17:47:13 1316 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-08-06 14:36:02 1032 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk 2013-04-18 17:50:30 2047 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk 2013-07-14 11:45:02 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2014 13:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4775" [wscript.exe C:\Users\JRGEN-~1\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\ExtendedServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Jrgen - Nancy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\Orb Startup" [C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{0D9410E3-651B-44B0-8114-B1377C2F8A68}" [C:\Users\Jrgen - Nancy\Downloads\TE DOEN\riknl111.exe] "C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407}" [C:\Program Files (x86)\Bit Che\Bit_Che.exe] "C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043}" [C:\Users\Jrgen - Nancy\Documents\PS_AIO_NonNetwork_NLD_NB.exe] "C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F}" [C:\Program Files (x86)\Disc2Phone\D2P.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Swift Sound\switchShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\Switch\Switch.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing" {B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search" {F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.2 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=623 folders=135 283745843 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JRGEN-~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AE9TES81" not found ==== EOF on di 11/02/2014 at 13:43:41,24 ======================
-
Hoihoi kape Hier het logbestandje : Logfile of random's system information tool 1.09 (written by random/random) Run by Jürgen - Nancy at 2014-02-10 10:14:55 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 650 GB (69%) free of 941 GB Total RAM: 3959 MB (42% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:14:59, on 10/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Jürgen - Nancy.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [f.lux] "C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Flux.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14708 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=373a0646-0887-4205-b352-6e529633941c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\33d35a14-177e-4e26-9c68-8345aeb2142c-1c4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork taskeng.exe {3B1518F0-74D0-4D79-A19E-45B978489603} "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" taskeng.exe {366C6CF7-FF90-4CF7-AF0F-DA9E2045527A} C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" taskeng.exe {5D10C75E-F11D-4F51-9528-4B04F42DA4C0} WLIDSvcM.exe 2808 "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow "C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe" "C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" "C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2400 series#1373802423" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe" "\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ad1ca710-9054-4092-ad1f-51d309dc1df5 -SystemEventPortName:HostProcess-071d7852-d79e-4767-954d-5964ddc1bd05 -IoCancelEventPortName:HostProcess-938792cc-8acb-41fa-9129-3c99f1850a02 -NonStateChangingEventPortName:HostProcess-ecdea2be-32ba-4a4d-a19c-540fb48ff96c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3124612e-ee3e-4fd6-8d85-092794ff7b44 -DeviceGroupId:WpdFsGroup C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding "C:\Program Files\Internet Explorer\iexplore.exe" PortalDoSites "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5300 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe -Embedding "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /L Analysis "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 "C:\Users\Jürgen - Nancy\Downloads\!TE DOEN\RSITx64.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe" HP.SupportFramework C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\ROC_JAN2013_TB_rmv.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-13 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-13 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-09-14 610360] "PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe [2009-09-17 95728] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-03 1028896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-12-02 39408] "f.lux"=C:\Users\Jürgen [2012-11-19 52654] "NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464] "ContentTransferWMDetector.exe"=C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-11-19 583016] "PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe Flux.lnk - C:\Users\Jürgen - Nancy\Local Settings\Apps\F.lux\flux.exe HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-03-08 52272] "UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= [] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-04 16:31:33 ----D---- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-02-03 00:22:19 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Softland 2014-02-03 00:22:08 ----A---- C:\Windows\system32\GdiPlus.dll 2014-01-26 00:39:25 ----D---- C:\Windows\Migration 2014-01-26 00:08:20 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\piServer 2014-01-21 23:07:44 ----D---- C:\ProgramData\Oracle 2014-01-21 23:03:34 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-21 23:03:25 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-17 20:12:31 ----D---- C:\THEKING 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-15 11:47:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-15 11:47:11 ----A---- C:\Windows\system32\win32k.sys 2014-01-15 11:47:10 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-11 20:35:06 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\newnext.me 2014-01-11 20:34:29 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\vlc 2014-01-11 20:34:24 ----D---- C:\Program Files (x86)\Mobogenie 2014-01-11 20:33:32 ----D---- C:\Program Files (x86)\VideoLAN ======List of files/folders modified in the last 1 month====== 2014-02-10 10:14:59 ----D---- C:\Windows\Prefetch 2014-02-10 10:14:58 ----D---- C:\Program Files\trend micro 2014-02-10 10:10:00 ----D---- C:\Windows\Temp 2014-02-10 09:52:12 ----D---- C:\Windows\system32\config 2014-02-10 09:45:12 ----D---- C:\ProgramData\MFAData 2014-02-10 09:39:38 ----D---- C:\ProgramData\NVIDIA 2014-02-09 22:28:17 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\uTorrent 2014-02-09 16:45:21 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Mp3tag 2014-02-07 10:00:40 ----SHD---- C:\Windows\Installer 2014-02-07 10:00:40 ----HD---- C:\Config.Msi 2014-02-06 23:54:31 ----D---- C:\Windows\Minidump 2014-02-06 23:54:31 ----D---- C:\Windows 2014-02-06 12:13:15 ----D---- C:\Windows\Logs 2014-02-06 12:13:14 ----D---- C:\Windows\debug 2014-02-05 13:23:15 ----D---- C:\Windows\SysWOW64 2014-02-05 13:23:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-04 16:49:43 ----SHD---- C:\System Volume Information 2014-02-04 16:43:05 ----D---- C:\Windows\winsxs 2014-02-04 16:36:37 ----D---- C:\Windows\Help 2014-02-04 16:36:00 ----RSD---- C:\Windows\assembly 2014-02-04 16:35:03 ----D---- C:\Windows\system32\drivers 2014-02-04 16:34:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-02-04 16:34:11 ----D---- C:\Program Files (x86)\Hewlett-Packard 2014-02-04 16:31:33 ----HD---- C:\ProgramData 2014-02-04 16:29:53 ----D---- C:\ProgramData\Hewlett-Packard 2014-02-04 16:28:45 ----AD---- C:\swsetup 2014-02-03 00:30:32 ----RD---- C:\Program Files 2014-02-03 00:30:28 ----D---- C:\Windows\System32 2014-02-02 23:53:01 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-02 23:53:00 ----D---- C:\Windows\inf 2014-01-29 10:31:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-01-27 23:41:36 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-01-27 23:40:28 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HpUpdate 2014-01-27 23:40:28 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HP Support Assistant 2014-01-27 20:24:42 ----D---- C:\Windows\system32\catroot2 2014-01-26 10:21:53 ----D---- C:\Windows\Microsoft.NET 2014-01-26 00:39:46 ----D---- C:\Windows\SYSWOW64\en-US 2014-01-26 00:39:46 ----D---- C:\Windows\system32\en-US 2014-01-26 00:39:25 ----SD---- C:\ProgramData\Microsoft 2014-01-26 00:31:38 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-01-26 00:31:38 ----D---- C:\Windows\system32\nl-NL 2014-01-26 00:20:39 ----RD---- C:\Program Files (x86) 2014-01-21 23:03:25 ----D---- C:\Program Files (x86)\Java 2014-01-15 12:18:20 ----D---- C:\Windows\system32\DriverStore 2014-01-15 12:05:59 ----D---- C:\ProgramData\Microsoft Help 2014-01-15 12:05:01 ----D---- C:\Windows\system32\MRT 2014-01-15 12:00:46 ----A---- C:\Windows\system32\MRT.exe 2014-01-15 11:46:57 ----D---- C:\Windows\system32\catroot 2014-01-14 15:07:41 ----D---- C:\Windows\system32\NDF 2014-01-11 23:46:53 ----D---- C:\Windows\system32\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544] R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-08 39768] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-09-17 26624] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616] R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 848384] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664] R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 58744] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-07 14448] S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-07 27760] S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-30 30208] S3 msvad_simple;Power Mp3 Recorder Virtual Driver (WDM); C:\Windows\system32\drivers\vadSimpl.sys [2011-09-20 27800] S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; syswow64\drivers\pcdrndisuio.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504] S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 211560] S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664] S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336] S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472] S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-03 1887520] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368] S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
-
Hallo Al een tijdje heb ik vreemde meldingen dat ik malware zou hebben op mijn pc. Zo ook al een lange tijd dat ipv google een "doportals" of "dosearches" als 1ste tabbladvenster van men browser opent. AVG kan dit niet oplossen en ben het stilletjes beu aan het worden dat ik het er niet van af krijg. Kan iemand me helpen? Groetjes
-
Terug een problematiek....nu doet men browser helemaal raar...ik hoop nog dat ik op de website geraak dat jullie me kunnen helpen. Het gaat uur na uur slechter met men pc, is dat normaal?
-
Nog een vraagje, is het normaal dat als ik men browser open mijn favorieten niet kan aanklikken?
-
Zoek.exe Version 4.0.0.5 Updated 09-November-2013 Tool run by Jrgen - Nancy on za 09/11/2013 at 10:33:12,38. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Downloads\TE DOEN\zoek\zoek.com [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-08-145037.log 49462 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Users\Jürgen - Nancy\AppData\Locallow\Plus-HD-2.2 not found C:\Users\Jürgen - Nancy\AppData\Locallow\Magnet Downloader not found C:\Users\Jürgen - Nancy\AppData\Roaming\SpeedAnalysis3 not found "C:\Users\Jürgen - Nancy\AppData\Roaming\speedanalysis.ico" not found ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{B3F21F8A-5E8D-4245-86E1-9A5BEEC62229}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing" {B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search" {F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JRGEN-~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 09/11/2013 at 10:54:49,30 ====================== - - - Updated - - - Ik heb de indruk dat vele websites meer en meer rommel op het net gooien dan tevoren. Overal komen vensters uit het niets en heb je meer en meer moeite om te ontwijken. Ik probeer zoveel mogelijk "rommel" van mijn pc te houden. Is er geen krachtige tool (gratis dan wel) dat meer kan tegenhouden?
-
Dit is een legale Windows-versie
-
Zoek.exe Version 4.0.0.5 Updated 05-November-2013 Tool run by Jrgen - Nancy on vr 08/11/2013 at 15:19:36,56. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JRGEN-~1\Desktop\zoek\zoek.scr [script inserted] [Checkboxes used] ==== System Restore Info ====================== 8/11/2013 15:24:22 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\LG Electronics deleted successfully C:\PROGRA~2\Solveig Multimedia deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\ProgramData\Babylon deleted successfully C:\ProgramData\MediaMonkey deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\Soulseek deleted successfully ==== Creating Sample_20130811_1532.zip ====================== Copied file C:\Users\JRGEN-~1\mssefullinstall-amd64fre-nl-nl-vista-win7.exe to sample\mssefullinstall-amd64fre-nl-nl-vista-win7.exe sample\mssefullinstall-amd64fre-nl-nl-vista-win7.exe renamed to 8B56E2B2E133E13AD7BC591060A0771C C:\Users\Public\Desktop\sample_20130811_1532.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Internet Explorer\SearchScopes\{479AABD8-3333-482C-9128-15280151B424} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater14.1.7 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater14.1.7 deleted successfully ==== FireFox Fix ====================== Deleted from C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js: user_pref("browser.startup.homepage", "Zoek 23:06:55&v=14.0.2.14&pid=avg&sg=&sap=hp"); user_pref("browser.search.defaultenginename", "AVG Secure Search"); user_pref("browser.search.selectedEngine", "AVG Secure Search"); Added to C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: Added to C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] ==== Deleting Files \ Folders ====================== {11111111-1111-1111-1111-110311301136} not found C:\Users\Jürgen - Nancy\AppData\Roaming\DefaultTab not found C:\Users\Jürgen - Nancy\AppData\Roaming\SpeedAnalysis3 not found C:\Program Files (x86)\Industriya deleted C:\Program Files (x86)\Delta deleted C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\Program Files (x86)\Plus-HD-2.2 deleted C:\Program Files (x86)\Magnet-TV.com deleted C:\ProgramData\IBUpdaterService deleted C:\58624d33eaa4caebb0 deleted C:\PROGRA~2\Uniblue\DriverScanner deleted C:\PROGRA~2\Coupons deleted C:\PROGRA~2\SoftwareUpdater deleted C:\PROGRA~2\GoforFiles deleted C:\PROGRA~2\MyPC Backup deleted C:\PROGRA~2\Gophoto.it deleted C:\PROGRA~2\VideoSaver deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\extensions deleted C:\ProgramData\BrowserProtect deleted C:\ProgramData\Tarma Installer deleted C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted C:\windows\SysNative\Tasks\Your File Updater deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Security Toolbar deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\tasks\Plus-HD-2.2-chromeinstaller.job deleted C:\Windows\tasks\Plus-HD-2.2-codedownloader.job deleted C:\Windows\tasks\Plus-HD-2.2-enabler.job deleted C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job deleted C:\Windows\tasks\Plus-HD-2.2-updater.job deleted C:\windows\SysNative\tasks\Plus-HD-2.2-chromeinstaller deleted C:\windows\SysNative\tasks\Plus-HD-2.2-codedownloader deleted C:\windows\SysNative\tasks\Plus-HD-2.2-enabler deleted C:\windows\SysNative\tasks\Plus-HD-2.2-firefoxinstaller deleted C:\windows\SysNative\tasks\Plus-HD-2.2-updater deleted C:\windows\SysNative\Tasks\BrowserProtect deleted C:\windows\SysNative\Tasks\GoforFilesUpdate deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\windows\SysNative\tasks\AddLyrics update deleted C:\Windows\tasks\AddLyrics update.job deleted C:\Windows\tasks\VideoSaver Update.job deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\fbphotozoom@installdaddy.com.xpi deleted C:\Users\JRGEN-~1\mssefullinstall-amd64fre-nl-nl-vista-win7.exe deleted "C:\Windows\tasks\PCDRScheduledMaintenance.job" deleted "C:\ProgramData\5d3cea0df61c267cb9911e078f1e3dc4_c" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\JRGEN-~1\AppData\Local\Temp ==== ====== Java Cache ===== 2013-11-02 19:21:54 1229DD87EAA79ADCE1B8E64A22CAA598 149777 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\7a2a874a-75cc7b96 2013-10-18 19:52:54 8712EAE4B1F2704BC0E2459402662AE7 97 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\2c3863ce-6.0.lap 2013-10-18 09:43:21 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-108d814c 2013-10-18 09:43:21 93FAD1B78122927C18605797A4ABAA90 100 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap 2013-10-18 09:43:16 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-6e10c43e 2013-11-02 19:22:05 1DF2DDE3986C042D5BD50612736391D4 460 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\5bd0c21a-62c60dc3 2013-10-23 14:08:31 E8AC11C89D075953D8C9384D3726BD80 80 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\6009e5db-6.0.lap 2013-11-02 19:21:42 6626992D02FBB90614FF0D44D7A27580 101 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\e474fe1-6.0.lap 2013-11-02 19:22:05 818063E724AE99C0EE6172FDE809013E 16373 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\4867e6a4-3655c79a 2013-11-02 19:22:03 E035E0B09BCADCCD3FBAD1CD731585A4 469 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\e4f6ea4-6e6c97d5 2013-10-23 14:08:31 3E679ED7824DF947DE4B4AC68EEF5F38 80 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\2392ee44-6.0.lap 2013-10-23 14:08:26 56C1A0370555C3DEB39218BED00827C6 3136 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\2392ee44-77fc9f5f 2013-10-18 09:43:24 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-6d5a6452 2013-10-23 14:08:38 7C42705D8575AFBACE6C654087F5DB00 28659 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\56c95e30-242f828c 2013-10-18 19:52:58 AF8427C5F470561B692E186EA48B1235 8130 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\150f18b8-2fb2c499 2013-10-23 14:08:39 DD530C17E63A5FB55FDE07D7949F0DE4 35571 ----a-w- C:\Users\JRGEN-~1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\5b611dbe-6096bc22 ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-11-07 11:20:16 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-11-07 11:20:16 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-11-07 11:20:16 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-11-07 11:20:16 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-11-07 11:20:16 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-11-07 11:20:16 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-11-07 11:20:16 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-10-10 13:10:06 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-10 13:10:04 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-10 13:10:04 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-10 13:10:04 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-10 13:10:04 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-10 13:10:03 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-10 13:10:03 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-10 13:10:03 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-10 13:09:53 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-11-08 12:27:53 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2013-10-18 09:42:55 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2013-10-17 15:43:09 -------- d-----w- C:\PROGRA~2\ffdshow ======= C: ===== ====== C:\Users\JRGEN-~1\AppData ====== 2013-11-07 21:52:52 -------- d-----w- C:\Users\JRGEN-~1\AppData\Locallow\Plus-HD-2.2 2013-11-07 21:52:52 -------- d-----w- C:\Users\JRGEN-~1\AppData\Locallow\Magnet Downloader 2013-10-17 15:43:14 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\SpeedAnalysis3 2013-10-17 15:43:08 7E87C3301ED85E468ABF1204B85B335C 30894 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\speedanalysis.ico 2013-10-17 15:43:08 -------- d-----w- C:\Users\JRGEN-~1\AppData\Roaming\zulagames 2013-10-17 15:30:02 -------- d-----w- C:\Users\JRGEN-~1\AppData\Local\FluxSoftware ====== C:\Users\JRGEN-~1 ====== 2013-10-18 09:38:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2013-10-17 15:43:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2013-10-11 17:31:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2013-10-10 11:21:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG ====== C: exe-files == 2013-11-08 12:27:53 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jürgen - Nancy.exe 2013-11-08 12:27:16 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEOK3GPX\RSITx64.exe 2013-11-07 21:51:53 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\MircosoftStudio\Baofeng.exe 2013-11-07 21:51:53 2370FAED1638BB128CCEB0636E1178A6 1706152 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\MircosoftStudio\eGdpSvc.exe 2013-11-02 18:17:39 42047732F6FF71587DDAE77EC5E2E871 2416200 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000054ed\dao.17204360.exe 2013-11-01 18:17:02 CF721557812D6EB5A5F91B4F925CA776 2448744 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000054d9\dao.17194503.exe === C: other files == 2013-11-08 14:32:51 E68B3209E4880C3DCDA81F94F070051D 7318562 ----a-w- C:\Users\Public\Desktop\sample_20130811_1532.zip 2013-11-07 21:51:53 8631B751291C18D7B489F9D19753E0AD 2690523 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\MircosoftStudio\package.zip 2013-11-07 21:51:40 8631B751291C18D7B489F9D19753E0AD 2690523 ----a-w- C:\Users\Jürgen - Nancy\AppData\Local\Temp\fullpackage_temp\package.zip 2013-11-07 11:20:16 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-07 11:20:16 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-07 11:20:16 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-07 11:20:16 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-07 11:20:16 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-07 11:20:16 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-07 11:20:16 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-05 12:52:26 95B71CFE7B5F00F8BDC427F8D1F5F4AB 177481 ----a-w- C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\b026053c-c151-481a-a83e-4fb8d5b1b1a4@cb8a450e-83dd-422a-b921-028b1cbf9831.com.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe /PROMPT /CMPID=JAN2013_TB" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "ContentTransferWMDetector.exe"="C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "f.lux"="C:\Users\Jrgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261673~1.238\\{c16c1~1\\bitguard.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "PC-Doctor for Windows localizer"="C:\Program Files\PC-Doctor for Windows\localizer.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Jrgen - Nancy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Christmas spirit] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Christmas spirit" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Christmas Spirit.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ChristmasTree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ChristmasTree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Desktop Christmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Deluxe Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Deluxe Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Deluxe Christmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\deskTannenbaum] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="deskTannenbaum" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Desktop Tannenbaum.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DesktopXmasTree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DesktopXmasTree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Desktop Xmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FreeXmasTree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeXmasTree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Free Xmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GetChristmas] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GetChristmas" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Get Christmas.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Happy Christmas] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Happy Christmas" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Happy Christmas.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Little Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Little Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Little Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Xmas Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Live Xmas Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Live Xmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LiveChristmasTree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LiveChristmasTree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Live Christmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Magic Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Magic Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Desktop Magic Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rainbow Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Rainbow Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Rainbow Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Red Christmas Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Red Christmas Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Red Christmas Tree.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Win Christmas Tree] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Win Christmas Tree" "hkey"="HKCU" "command"="C:\\Users\\Jrgen - Nancy\\Documents\\Jrgen\\Software\\trees\\Christmas Trees\\Windows Christmas Tree.exe" ==== Startup Folders ====================== 2012-09-30 17:47:13 1316 ----a-w- C:\Users\JRGEN-~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-08-06 14:36:02 1032 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk 2013-04-18 17:50:30 2047 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Flux.lnk 2013-07-14 11:45:02 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 12:25] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/12/2010 00:40] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\ROC_JAN2013_TB_rmv.job --a------ C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4775" [wscript.exe C:\Users\JRGEN-~1\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\ExtendedServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Jrgen - Nancy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\Orb Startup" [C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3597228709-2799698942-2323137413-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ROC_JAN2013_TB_rmv" [C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{04902170-FAB5-4221-8A26-C54A801ABD8B}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{4E3895D7-2AF7-44DD-AED7-96601D575516}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{72C2AD64-B6BB-4F2E-A5F0-F81C82E6A407}" [C:\Program Files (x86)\Bit Che\Bit_Che.exe] "C:\Windows\SysNative\tasks\{7C6507C9-154F-4F31-A85D-9C15CB592043}" [C:\Users\Jrgen - Nancy\Documents\PS_AIO_NonNetwork_NLD_NB.exe] "C:\Windows\SysNative\tasks\{B978FA62-FCE5-419F-ACE6-7EA92A7F51EE}" [E:\Setup.exe] "C:\Windows\SysNative\tasks\{F9536317-D79F-46A0-97DF-FB1ED69CF44F}" [C:\Program Files (x86)\Disc2Phone\D2P.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\NCH Swift Sound\switchShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\Switch\Switch.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis03@SpeedAnalysis.com"="C:\Users\Jrgen - Nancy\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com" [17/10/2013 16:43] ==== Firefox Extensions ====================== ProfilePath: C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\JRGEN-~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dfcfkhnlpcoafpoepljegijlkinbhjgb - C:\Program Files (x86)\Magnet.TV\magnet-downloader10.crx[] dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx[] eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Jrgen - Nancy\AppData\Roaming\BabSolution\CR\Delta.crx[23/05/2013 11:15] gflandjopdloblmlcoiidmncpinmmacn - C:\Users\Jrgen - Nancy\AppData\Roaming\zulagames\zulagames.crx[03/10/2013 18:33] ifjgookacnmjghjfagggbkpebmndnbib - C:\Program Files (x86)\VideoSaver\Chrome.crx[] jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[] kdlfddggdloaadnphbhejknhaggjaeld - C:\Program Files (x86)\AddLyrics\Chrome.crx[] mpieaakhacmfleokhjcjnpcnmnmpfkid - C:\Program Files (x86)\fbphotozoom\fbphotozoom16.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\14.0.2.14\avg.crx[] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] pmcmflmkceipgecmhoddphflfndnfbbe - C:\Users\Jrgen - Nancy\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx[14/08/2012 11:42] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions pmcmflmkceipgecmhoddphflfndnfbbe - C:\Users\Jrgen - Nancy\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx[14/08/2012 11:42] ==== Chrome Fix ====================== C:\Users\Jrgen - Nancy\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx deleted successfully C:\Users\Jrgen - Nancy\AppData\Roaming\BabSolution\CR\Delta.crx deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Default_Page_URL"="DO SEARCHES" "Search Page"="zoeken Govome}" "Default_Search_URL"="zoeken Govome}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="zoeken Govome}" "Default_Page_URL"="DO SEARCHES" "Start Page"="DO SEARCHES" "Search Page"="zoeken Govome}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="zoeken Govome}" "Default_Page_URL"="DO SEARCHES" "Start Page"="DO SEARCHES" "Search Page"="zoeken Govome}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="zoeken Govome}" "CustomizeSearch"="zoeken Govome}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="zoeken Govome}" "CustomizeSearch"="zoeken Govome}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Default_Search_URL"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {7FE3B0FB-0424-422C-A321-62DC4DF5CA98} Bing Url="{searchTerms} - Bing" {B3F21F8A-5E8D-4245-86E1-9A5BEEC62229} Google Url="{searchTerms} - Google Search" {F71D9DCE-B6DB-44FD-A2CB-5608C24BA223} Microsoft Url="{searchTerms - Search Microsoft.com}" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\videosaver@videosaver.net deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Mozilla\Firefox\Extensions\addlyrics@addlyrics.net deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Mozilla\Firefox\Extensions\addlyrics@addlyrics.net deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1000\Software\Mozilla\Firefox\Extensions\videosaver@videosaver.net deleted successfully HKEY_USERS\S-1-5-21-3597228709-2799698942-2323137413-1007\Software\Mozilla\Firefox\Extensions\videosaver@videosaver.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75488BFE-6B6A-2B7A-AC50-27925C98F01B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dfcfkhnlpcoafpoepljegijlkinbhjgb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifjgookacnmjghjfagggbkpebmndnbib deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdlfddggdloaadnphbhejknhaggjaeld deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Christmas spirit deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deluxe Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\deskTannenbaum deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopXmasTree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeXmasTree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GetChristmas deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Happy Christmas deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Little Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Xmas Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveChristmasTree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magic Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainbow Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Red Christmas Tree deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Win Christmas Tree deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEOK3GPX will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JRGEN-~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\JRGEN-~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEOK3GPX" deleted ==== EOF on vr 08/11/2013 at 15:50:37,72 ======================
-
Logfile of random's system information tool 1.09 (written by random/random) Run by Jürgen - Nancy at 2013-11-08 13:27:53 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 690 GB (73%) free of 941 GB Total RAM: 3959 MB (21% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:27:59, on 8/11/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Winamp\winamp.exe C:\Program Files (x86)\Mp3tag\Mp3tag.exe C:\program files (x86)\plus-hd-2.2\plus-hd-2.2-bg.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Jürgen - Nancy.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = DO SEARCHES R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = zoeken Govome} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = zoeken Govome} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = DO SEARCHES R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = zoeken Govome} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = zoeken Govome} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = DO SEARCHES R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = zoeken Govome} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = zoeken Govome} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: CrossriderApp0033036 - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.16.22\bh\privitize.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Jürgen - Nancy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [f.lux] "C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3597228709-2799698942-2323137413-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Flux.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Jürgen - Nancy\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.1.7 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18212 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=002aa015-a60b-4250-8ede-ad58567d3e37 /coreSdkOptions=4364 /logConfFile="C:\Windows\TEMP\eafc6d53-9c22-477b-81aa-093d60258c1f-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork taskeng.exe {BEDB3204-955C-4AEA-B582-FF3A84EE0061} "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" "C:\Users\Jürgen - Nancy\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "taskhost.exe" "C:\Windows\system32\Dwm.exe" "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" C:\Windows\System32\svchost.exe -k HPZ12 taskeng.exe {D321C08B-5E1D-4C5A-ABD4-8FFDA77F0D43} C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe" "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" WLIDSvcM.exe 3156 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Users\Jürgen - Nancy\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" "C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe" "\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08cced8b-c504-4b5d-a564-49a7f5567973 -SystemEventPortName:HostProcess-e3bb6f19-0ecd-48f6-a33b-9b81220214fb -IoCancelEventPortName:HostProcess-683f679f-01b1-4cb7-958d-99e52c6a75a2 -NonStateChangingEventPortName:HostProcess-801cf3ce-80e3-46ef-a755-f49a016d9b0f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ba862e1d-9d59-43bb-bf88-8d94dcb3acc4 -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2400 series#1373802423" -Startup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Winamp\winamp.exe" C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding "C:\Program Files (x86)\Mp3tag\Mp3tag.exe" "C:\Program Files\Internet Explorer\iexplore.exe" DO SEARCHES "C:\program files (x86)\plus-hd-2.2\plus-hd-2.2-bg.exe" /createbg C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6644 CREDAT:3937560 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6644 CREDAT:1250588 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6644 CREDAT:2561349 /prefetch:2 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\sppsvc.exe "C:\Users\Jürgen - Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEOK3GPX\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\AddLyrics update.job C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\PCDRScheduledMaintenance.job C:\Windows\tasks\Plus-HD-2.2-chromeinstaller.job C:\Windows\tasks\Plus-HD-2.2-codedownloader.job C:\Windows\tasks\Plus-HD-2.2-enabler.job C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job C:\Windows\tasks\Plus-HD-2.2-updater.job C:\Windows\tasks\ROC_JAN2013_TB_rmv.job C:\Windows\tasks\VideoSaver Update.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136}] Plus-HD-2.2 - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho64.dll [2013-11-07 966504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-01-30 342176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136}] Plus-HD-2.2 - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll [2013-11-07 641384] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}] privitize Helper Object - C:\Program Files (x86)\Industriya\privitize\1.8.16.22\bh\privitize.dll [2013-03-25 251288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] DefaultTab Browser Helper - C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] delta Helper Object - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll [2013-05-20 295832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll [2013-05-20 284056] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-09-14 610360] "PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe [2009-09-17 95728] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-03 1028896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-12-02 39408] "f.lux"=C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Christmas spirit] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deluxe Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\deskTannenbaum] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopXmasTree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeXmasTree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GetChristmas] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Happy Christmas] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Little Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Xmas Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveChristmasTree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magic Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainbow Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Red Christmas Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Win Christmas Tree] C:\Users\Jürgen [2012-11-19 52654] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464] "ContentTransferWMDetector.exe"=C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-11-19 583016] "PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-10-07 4908592] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe Flux.lnk - C:\Users\Jürgen - Nancy\Local Settings\Apps\F.lux\flux.exe HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Users\Jürgen - Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-03-08 52272] "UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= [] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-11-08 13:27:53 ----D---- C:\rsit 2013-11-08 13:27:53 ----D---- C:\Program Files\trend micro 2013-11-07 22:52:30 ----D---- C:\Program Files (x86)\Plus-HD-2.2 2013-11-07 22:51:15 ----D---- C:\Program Files (x86)\Magnet-TV.com 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-11-07 12:20:16 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-18 10:43:01 ----D---- C:\ProgramData\Oracle 2013-10-18 10:42:49 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-10-18 10:42:37 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-10-18 10:42:37 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-10-18 10:42:37 ----A---- C:\Windows\SYSWOW64\java.exe 2013-10-17 16:43:16 ----D---- C:\Program Files (x86)\MyPC Backup 2013-10-17 16:43:14 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\SpeedAnalysis3 2013-10-17 16:43:10 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll 2013-10-17 16:43:09 ----D---- C:\ProgramData\IBUpdaterService 2013-10-17 16:43:09 ----D---- C:\Program Files (x86)\ffdshow 2013-10-17 16:43:08 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\zulagames 2013-10-11 11:03:25 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-11 11:03:24 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-10-11 11:03:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-11 11:03:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-11 11:03:24 ----A---- C:\Windows\system32\ieui.dll 2013-10-11 11:03:24 ----A---- C:\Windows\system32\iesetup.dll 2013-10-11 11:03:24 ----A---- C:\Windows\system32\iernonce.dll 2013-10-11 11:03:23 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-11 11:03:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-11 11:03:23 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-11 11:03:23 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-11 11:03:23 ----A---- C:\Windows\system32\iertutil.dll 2013-10-11 11:03:23 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-11 11:03:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-11 11:03:22 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-11 11:03:22 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-11 11:03:22 ----A---- C:\Windows\system32\jscript.dll 2013-10-11 11:03:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-11 11:03:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-11 11:03:21 ----A---- C:\Windows\system32\urlmon.dll 2013-10-11 11:03:21 ----A---- C:\Windows\system32\jscript9.dll 2013-10-11 11:03:20 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-11 11:03:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-11 11:03:20 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-11 11:03:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-11 11:03:19 ----A---- C:\Windows\system32\wininet.dll 2013-10-11 11:03:18 ----A---- C:\Windows\system32\ieframe.dll 2013-10-11 11:03:17 ----A---- C:\Windows\system32\mshtml.dll 2013-10-11 11:03:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-11 01:23:10 ----D---- C:\58624d33eaa4caebb0 2013-10-10 14:10:09 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-10 14:10:09 ----A---- C:\Windows\system32\comctl32.dll 2013-10-10 14:10:08 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-10 14:10:08 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-10 14:10:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-10 14:10:08 ----A---- C:\Windows\system32\lpk.dll 2013-10-10 14:10:08 ----A---- C:\Windows\system32\dciman32.dll 2013-10-10 14:10:08 ----A---- C:\Windows\system32\atmfd.dll 2013-10-10 14:10:07 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-10 14:10:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-10 14:10:07 ----A---- C:\Windows\system32\fontsub.dll 2013-10-10 14:10:07 ----A---- C:\Windows\system32\atmlib.dll 2013-10-10 14:10:06 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-10 14:10:04 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-10 14:10:04 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-10 14:10:04 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-10 14:10:04 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-10 14:10:03 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-10 14:10:03 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-10 14:10:03 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-10 14:10:03 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-10 14:10:03 ----A---- C:\Windows\system32\mswsock.dll 2013-10-10 14:10:03 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-10 14:10:03 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-10 14:10:03 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-10 14:10:03 ----A---- C:\Windows\system32\davclnt.dll 2013-10-10 14:10:02 ----A---- C:\Windows\system32\win32k.sys 2013-10-10 14:09:59 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-10 14:09:59 ----A---- C:\Windows\system32\advapi32.dll 2013-10-10 14:09:58 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-10 14:09:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-10 14:09:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-10 14:09:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-10 14:09:58 ----A---- C:\Windows\system32\tdh.dll 2013-10-10 14:09:58 ----A---- C:\Windows\system32\ntdll.dll 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-10 14:09:57 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-10 14:09:57 ----A---- C:\Windows\system32\wow64.dll 2013-10-10 14:09:54 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 14:09:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 14:09:53 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-10 14:09:53 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys ======List of files/folders modified in the last 1 month====== 2013-11-08 13:27:53 ----RD---- C:\Program Files 2013-11-08 13:26:31 ----D---- C:\Windows\Temp 2013-11-08 13:20:30 ----D---- C:\Windows\Panther 2013-11-08 13:20:30 ----D---- C:\Windows\inf 2013-11-08 13:20:30 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\uTorrent 2013-11-08 13:20:04 ----D---- C:\Windows\Minidump 2013-11-08 13:20:04 ----D---- C:\Windows\Logs 2013-11-08 13:20:04 ----D---- C:\Windows\debug 2013-11-08 13:20:04 ----D---- C:\Windows 2013-11-08 13:06:54 ----D---- C:\Program Files\CCleaner 2013-11-08 12:13:48 ----D---- C:\Windows\system32\config 2013-11-08 12:01:10 ----D---- C:\ProgramData\MFAData 2013-11-08 11:56:29 ----D---- C:\Windows\Prefetch 2013-11-08 11:55:37 ----D---- C:\ProgramData\NVIDIA 2013-11-07 22:57:47 ----RD---- C:\Program Files (x86) 2013-11-07 22:57:47 ----D---- C:\Windows\Tasks 2013-11-07 22:57:47 ----D---- C:\Windows\system32\Tasks 2013-11-07 19:18:53 ----D---- C:\Windows\winsxs 2013-11-07 19:14:16 ----D---- C:\Windows\system32\DriverStore 2013-11-07 19:14:16 ----D---- C:\Windows\system32\drivers 2013-11-07 12:20:42 ----SHD---- C:\System Volume Information 2013-11-07 12:16:01 ----D---- C:\Windows\system32\catroot 2013-11-07 12:16:00 ----D---- C:\Windows\system32\catroot2 2013-11-06 12:22:39 ----D---- C:\Windows\System32 2013-11-06 12:22:39 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-05 18:13:03 ----SHD---- C:\Windows\Installer 2013-11-05 18:13:03 ----HD---- C:\Config.Msi 2013-11-05 12:23:48 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Mp3tag 2013-11-05 11:45:50 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-11-05 11:44:47 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HpUpdate 2013-11-05 11:44:47 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\HP Support Assistant 2013-10-23 14:12:18 ----D---- C:\Windows\SYSWOW64\Adobe 2013-10-18 10:43:01 ----HD---- C:\ProgramData 2013-10-18 10:42:55 ----D---- C:\Program Files (x86)\Common Files 2013-10-18 10:42:49 ----D---- C:\Windows\SysWOW64 2013-10-18 10:42:37 ----D---- C:\Program Files (x86)\Java 2013-10-17 16:43:14 ----D---- C:\Users\Jürgen - Nancy\AppData\Roaming\Mozilla 2013-10-11 22:36:26 ----D---- C:\Windows\rescache 2013-10-11 18:31:23 ----D---- C:\Program Files (x86)\Mp3tag 2013-10-11 11:22:50 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-11 11:21:14 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-11 11:21:13 ----D---- C:\Program Files\Internet Explorer 2013-10-11 11:05:33 ----D---- C:\ProgramData\Microsoft Help 2013-10-11 11:01:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-11 09:08:17 ----D---- C:\Windows\Microsoft.NET 2013-10-11 09:06:35 ----RSD---- C:\Windows\assembly 2013-10-11 08:35:48 ----D---- C:\Windows\AppPatch 2013-10-11 01:21:30 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-10-11 01:15:38 ----D---- C:\Windows\system32\MRT 2013-10-11 01:11:42 ----A---- C:\Windows\system32\MRT.exe 2013-10-11 01:02:53 ----D---- C:\Windows\system32\nl-NL 2013-10-10 12:20:35 ----HD---- C:\$AVG 2013-10-09 12:25:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-09-02 192824] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-09-02 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-08 31544] R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-09-25 148792] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-09-02 241464] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-09-02 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-08 39768] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-09-17 26624] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616] R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 848384] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664] R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 211560] R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336] R3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856] R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 58744] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-07 14448] S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-07 27760] S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-30 30208] S3 msvad_simple;Power Mp3 Recorder Virtual Driver (WDM); C:\Windows\system32\drivers\vadSimpl.sys [2011-09-20 27800] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; syswow64\drivers\pcdrndisuio.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504] S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664] S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152] R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Jürgen [2012-11-19 52654] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-03 1887520] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472] R2 vToolbarUpdater14.1.7;vToolbarUpdater14.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe [2013-02-08 965296] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368] S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
-
Beste We zijn weer een tijdje verder en de problemen waren weer tijdelijk opgelost xD Nu heb ik weer last van pop-ups, vreemde meldingen, vensters die openen met "PAS OP VIRUSSSSS!!" en etc. Door op een site te klikken heb ik plots Google niet meer als standaardbrowser maar is het ineens DO SEARCHE geworden. En ik krijg het er niet meer af, hoe vaak ik ook mijn browser aanpas helpt het niet. Wat dan wel raar is als ik een 2de nieuw tabblad open is het wel GOOGLE dat open gaat. (Ik heb tussen mijn Programma's Magnet TV staan dat er eigenlijk niet hoeft te staan. Dat heb ik proberen te verwijderen maar het blijft opduiken. En ik denk dat deze de boosdoener is voor de browser en rare meldingen). Sinds ik een beetje muziek download heb ik constant meldingen over seks. Deze sites zijn "gesponsord" door al die ads en 1 klikje te ver en hupla. Dat ben ik eigenlijk beu. Zo ook mijn AVG, ik kreeg de melding dat er een nieuwe versie was, heb die dan geïnstalleerd en nu vraagt deze elke keer de computer op te starten. Ik heb AVG er af gegooid en terug op de pc gezet maar het blijft raar doen en vragen de pc herop te starten. En verder is het probleem met mijn winamp nog steeds niet opgelost. Sommige muziekbestanden wil hij nog steeds niet afspelen en wederom als ik winamp afsluit en terug open speelt hij die bepaalde muziekbestanden dan weer wel af maar dan speelt hij andere weer niet af. Kan toch iemand mij wat meer uitleg geven hoe dat zou komen? Wil er iemand mij een handje helpen alstublieft??? ;-) Grtz
-
http://speccy.piriform.com/results/pT2esqrXI3mD52PnY6Sjsqm (is het normaal dat ik op deze site mijn enter toetsen niet kan gebruiken?) ik heb ondervonden dat het enkel hier is...
