Charlotte Deruyck

Bedoel je met 'clean' 'verwijderen' of 'deïnstalleren'? Ik vermoed 'verwijderen' maar wil liever zeker zijn Groetjes!

Dank je! Snelle service, zeg zoek-results.txt

Dank je! In bijlage mijn bestandje! zoek-results.txt

Done log.txt

Beste, Ik krijg nu en dan de melding dat mijn beeldschermstuurprogramma niet meer reageert... Dan wordt mijn scherm even helemaal zwart en na enkele seconden kan ik opnieuw verder... Computer werkt sinds enige tijd ook serieus trager dan anders en loopt heel vaak vast... Graag wat tips!

Tot nu toe gaat het prima! Ik zie nergens geen woorden meer die veranderd zijn in links naar ongewenste reclame... Experts zijn jullie toch! Dikke merci!

Bij deze... zoek-results.txt

Super! Bedankt!

[ATTACH]35992[/ATTACH] Hey, Alvast bedankt voor de vlugge reactie! In bijlage het logje! log.txt

Hallo, Ik heb last van coupoanpeak... Ik heb dit reeds verwijderd uit mijn programma's en als extensie verwijderd uit Google Chrome, toch blijf ik hier last van hebben... Ik heb een logje gemaakt met hijack this! Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 7:54:28, on 27/09/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17280) FIREFOX: 32.0.3 (x86 nl) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Charlotte\Downloads\HijackThis.exe C:\Users\Charlotte\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1408779444&from=cor&uid=ST31000528AS_5VP67VF8&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1408779444&from=cor&uid=ST31000528AS_5VP67VF8&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=Userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: coupoNpeaiK - {B7AB8DE4-6B39-337A-E65D-7470B1C38198} - C:\ProgramData\coupoNpeaiK\efUnnTDjq.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NetworkChecker] C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{3383178C-C401-4A7D-806F-1C1C5083815F}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{74AB470E-7830-4A49-9ED8-E40C203A19AD}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~3\perfor~1\perfor~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15051 bytes Groetjes!

Ondertussen kreeg ik ook deze pop-up:

Ik heb net een scan laten uitvoeren door McAfee en kreeg dit: ... - - - Updated - - - Ik heb net een scan laten uitvoeren door McAfee en kreeg dit: ...

Dit is het resultaat: C:\Users\All Users\GoogleUpd\omylcqksw.exe a variant of Win32/Kryptik.BVCC trojan C:\Users\All Users\Microsoft\BingDesktop\BingCore\temp\tmp1065.exe a variant of Win32/Kryptik.BUFJ trojan C:\Users\All Users\Microsoft\BingDesktop\BingCore\temp\tmp3FFC.exe a variant of Win32/Kryptik.BUVR trojan C:\Users\All Users\Microsoft\BingDesktop\BingCore\temp\tmpC7D0.exe a variant of Win32/Kryptik.BUWU trojan C:\CHARLOTTE\Fabrieksinstellingen\Cute pdf writer\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined C:\ProgramData\GoogleUpd\omylcqksw.exe a variant of Win32/Kryptik.BVCC trojan cleaned by deleting - quarantined C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmp1065.exe a variant of Win32/Kryptik.BUFJ trojan cleaned by deleting - quarantined C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmp3FFC.exe a variant of Win32/Kryptik.BUVR trojan cleaned by deleting - quarantined C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmpC7D0.exe a variant of Win32/Kryptik.BUWU trojan cleaned by deleting - quarantined C:\Users\Charlotte\AppData\Roaming\Adobe\crsscmgr\service.exe a variant of Win64/BitCoinMiner.U potentially unsafe application deleted - quarantined C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe a variant of Win32/Kryptik.BURM trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\@Evolutietheorie.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\@MATRIX lengtematen.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\@MIJN EVALUATIEDOCUMENTEN.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\@Thema cultuur.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\@Thema milieu.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Afdrukken.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Back-up email.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\BB lessen.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Bestanden donderdaggroep.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Bestanden maandaggroep.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Bestanden vrijdaggroep.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\CLW 2013-2014 - 2014-02-12.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Dropbox CLW West-Vlaanderen.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Evaluatie NFTE.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Evaluatiedocumenten 2014-2015.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Frans - lessen.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Klassenraden krokus 2014.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Mailen drukkerij.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\NIEUW AV.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Op netwerk CLW zetten.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Rapporten krokus 2014.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\RSV.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Schaal - aangepast.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Smartschool documenten.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Charlotte\Desktop\Snelkoppelingsmapjes stick\Solliciteren 13-14.lnk LNK/Agent.U trojan cleaned by deleting - quarantined C:\Users\Mounier\AppData\Roaming\Adobe\acupx217.dll a variant of Win32/Kryptik.BVEH trojan cleaned by deleting - quarantined C:\Users\Mounier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe a variant of Win32/Kryptik.BVEH trojan cleaned by deleting - quarantined C:\zoek_backup\C_Users_Charlotte_AppData_Roaming_Mozilla_Firefox_Profiles_3nqgqq6u.default_extensions_{8F58782C-34D7-DD8D-B020-75C8F4D52146}\components\SystemSecurityCryptography.js Win32/Boaxxe.BE trojan cleaned by deleting - quarantined Ik heb ondertussen de map vanop mijn bureaublad gewist, daar had ik de mapjes vanop mijn stick in gezet die plots een snelkoppeling werden...

Ja, McAfee geeft melding van een Trojaans paard, Redyms-FDIR!194DAC34BEF5 in quarantaine geplaatst vanaf C:\Users\AppData\Roaming\Adobe\acupx217.dll Ik heb dit bestand nochtans gisteren of eergisteren via de verkenner gezocht en vernietigd, maar blijkbaar had dit geen effect?

Dit is het logje: Zoek.exe v5.0.0.0 Updated 15-February-2014 Tool run by Charlotte on zo 16/02/2014 at 16:46:37,05. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Charlotte\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 16/02/2014 16:50:27 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\CHARLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Web Search"); ---- FireFox user.js and prefs.js backups ---- user_20141602_1707_.backup prefs_20141602_1707_.backup ProfilePath: C:\Users\Mounier\AppData\Roaming\Mozilla\Firefox\Profiles\ur1dpi4u.default user.js not found ---- Lines snapdo removed from prefs.js ---- user_pref("browser.newtab.url", "http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca& user_pref("browser.startup.homepage", "http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b64158 user_pref("keyword.URL", "http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searcht ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Web Search"); user_pref("browser.search.selectedEngine", "Web Search"); ---- FireFox user.js and prefs.js backups ---- prefs_20141602_1707_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "mobilegeni daemon"=- [HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Imcyha"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Mobogenie not found C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\extensions\{8F58782C-34D7-DD8D-B020-75C8F4D52146} deleted C:\Users\Charlotte\AppData\Roaming\Ecbunau deleted C:\Users\Charlotte\AppData\Roaming\newnext.me deleted C:\Users\Charlotte\AppData\Local\genienext deleted C:\Users\Charlotte\.android deleted C:\Users\Mounier\AppData\Roaming\Solvusoft deleted C:\Users\Charlotte\AppData\Local\Mobogenie deleted C:\Users\Charlotte\AppData\Local\cache deleted C:\windows\SysNative\tasks\Windows Update Check - 0x159F03DA deleted C:\Users\CHARLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\searchplugins\conduit-search.xml deleted C:\Users\CHARLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\searchplugins\Web Search.xml deleted C:\Users\Mounier\AppData\Roaming\Mozilla\Firefox\Profiles\ur1dpi4u.default\searchplugins\Web Search.xml deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\CHARLO~1\AppData\Local\Temp ==== 2014-02-15 15:33:21 AB44CCD0FA8E55EF88DB941EEF95560A 49152 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\vfind.exe 2014-02-15 15:33:21 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\pv.exe 2014-02-15 14:19:35 8C9BF11EDF0A9B3FC0DF749B8F3D6966 29712 ----a-w- C:\Users\Mounier\AppData\Local\Temp\xszuvidpeaj.exe 2014-02-15 12:29:56 A59BABFEA99B2D046E9B9AF8B22689CE 284204 --sha-w- C:\Users\Charlotte\AppData\Local\Temp\UpdateFlashPlayer_29e3c6c1.exe 2014-02-15 09:53:08 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe 2014-02-15 09:53:08 75DF33591256914A6BC2782E5C2042A4 50176 ----a-w- C:\Users\Mounier\AppData\Local\Temp\gkqvolpx.exe 2014-02-14 17:44:33 04FD350AF203F11CF7477C6BA2B9263C 93599 ----a-w- C:\Users\Mounier\AppData\Local\Temp\vpmsvptelmr.exe 2014-02-04 12:42:31 5FC1DF7FF1E2A4D3C521E6C8B783BF51 19212504 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\setupA9_.exe 2014-02-04 12:41:59 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nso879B\SpSetup.exe 2014-02-04 12:41:50 EA3E3A130E364903B8D9CEDFC4D941C8 332288 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\setup__270.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nsyC5B7.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nstCA7A.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nstA76D.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nspCFA3.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nsjA55A.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nseC848.exe 2014-02-03 10:17:16 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\nseA318.exe ====== Java Cache ===== 2014-02-06 16:04:14 86E51F360DAF19AAE1785F70B952C4B1 77 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\469e3201-6.0.lap 2014-01-23 15:54:25 2D39752BE292A934E9CB9054A5385B4C 94 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\4f038bca-6.0.lap 2014-01-23 15:54:27 FC594A1FD05A1E024227953C6FC03A96 8867 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\5b890a02-46b91a3c 2014-01-19 17:11:19 C7BBD1B61589C06610932E97880EC5A3 45818 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\3ef6df66-18fbfd91 2014-01-26 18:26:12 0735170FDF0F7EEFB120FC43D86D49FE 37 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\4c35466a-6.0.lap 2014-01-19 17:11:09 C3CD87F4D53F35281C0F809D47B3BF77 88 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\2ade64f1-6.0.lap 2014-01-19 17:11:10 4D9B419B429D26BE6800CACE2749764D 201100 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\6135dc36-7f99bab9 2014-01-19 17:11:14 701682356BA25C5FC1CB23CA5CD90C3D 63060 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\2fd8cbb9-2a30441f 2014-02-06 16:04:19 795D9229C20C4B83D0DABAEEDF4F7D65 2126280 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1ba8977c-5c749b76-0.2.3.4- 2014-01-20 18:45:22 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-1f9029da 2014-01-20 18:45:21 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\Charlotte\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-71c03f47 2014-02-07 18:23:03 F9F296079FED40F3A527160449E54A2B 37 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61174921-6.0.lap 2014-02-15 20:20:54 4FE46A3011265C7CEDF0598D0DE3900C 37 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\3d3173e6-6.0.lap 2014-01-28 18:17:26 5D529BA461A8B327ECD694FE9E4BD65E 37 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\1bd55833-6.0.lap 2014-02-15 20:08:35 9C385947116AB197430ECFE5A3ADFE0B 37 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\6d468bf8-6.0.lap 2014-02-15 20:10:51 7CD5DAFD851632905E6D32F9FE333A9E 37 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4470effd-6.0.lap 2014-01-21 19:49:30 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-2e4d25de 2014-01-25 17:04:14 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\Mounier\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-5de442bf ====== C:\Windows\SysWOW64 ===== 2014-02-13 17:06:51 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-02-13 17:06:22 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-02-13 17:06:22 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 17:06:22 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-02-13 17:06:21 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 17:06:21 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 17:06:21 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 17:06:21 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-02-13 17:06:21 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-02-13 17:06:20 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 17:06:20 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-02-13 17:06:20 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 17:06:20 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 17:06:19 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-02-13 17:06:19 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-02-13 17:06:19 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 17:06:18 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-02-13 17:06:17 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-02-13 17:06:17 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-02-13 16:08:08 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls 2014-02-13 16:08:07 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-02-13 16:08:07 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 16:08:00 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 16:08:00 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 16:08:00 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 16:08:00 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 16:08:00 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 16:07:59 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 16:07:59 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll 2014-02-13 16:07:59 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 16:07:59 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll 2014-02-13 16:07:56 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 16:07:56 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-13 17:06:51 F67C7D80745379DC4C5332EFFE5AC696 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-02-13 17:06:23 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-02-13 17:06:22 63B5E990896BA81D604032A48CC80A5C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-02-13 17:06:22 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-02-13 17:06:21 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-02-13 17:06:21 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-02-13 17:06:21 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-02-13 17:06:21 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-02-13 17:06:21 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-02-13 17:06:21 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-02-13 17:06:21 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-02-13 17:06:20 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-02-13 17:06:20 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-02-13 17:06:20 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-02-13 17:06:20 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-02-13 17:06:20 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-02-13 17:06:19 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-02-13 17:06:19 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-02-13 17:06:19 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-02-13 17:06:19 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-02-13 17:06:18 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-02-13 17:06:17 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-02-13 16:08:08 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls 2014-02-13 16:08:07 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-02-13 16:08:07 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-02-13 16:08:01 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe 2014-02-13 16:08:01 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe 2014-02-13 16:08:00 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll 2014-02-13 16:08:00 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll 2014-02-13 16:08:00 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll 2014-02-13 16:08:00 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe 2014-02-13 16:08:00 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe 2014-02-13 16:07:59 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll 2014-02-13 16:07:59 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll 2014-02-13 16:07:56 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-02-13 16:07:56 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll ====== C:\Windows\Sysnative\drivers ===== 2014-01-26 20:11:17 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys ====== C:\Windows\Tasks ====== 2014-02-15 15:33:34 E99D56F1F31F818674172F294C104047 3162 ----a-w- C:\Windows\Sysnative\Tasks\{CD68CA15-0DC3-4304-8349-4D5428227D58} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-16 12:14:34 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-04 13:05:04 -------- d-----w- C:\PROGRA~2\Anvisoft 2014-01-19 17:09:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-01-19 17:09:11 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Charlotte\AppData\Roaming ====== 2014-02-15 18:22:16 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\Users\Mounier\AppData\Local\Resmon.ResmonCfg 2014-02-04 13:05:04 -------- d-----w- C:\Users\Charlotte\AppData\Local\Anvisoft 2014-01-28 18:12:37 -------- d-----w- C:\Users\Mounier\AppData\Local\Imsoft 2014-01-27 08:37:33 -------- d-----w- C:\Users\Mounier\AppData\Roaming\vlc 2014-01-21 19:48:52 -------- d-----w- C:\Users\Mounier\AppData\Locallow\Sun 2014-01-19 17:08:15 -------- d-----w- C:\Users\Charlotte\AppData\Locallow\Sun ====== C:\Users\Charlotte ====== 2014-02-16 12:15:07 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Charlotte\Desktop\RSITx64.exe 2014-02-14 17:43:16 -------- d-sh--w- C:\ProgramData\GoogleUpd 2014-02-04 13:05:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft 2014-01-21 14:39:40 -------- d-----w- C:\Users\Public\CyberLink 2014-01-19 17:09:53 -------- d-----w- C:\ProgramData\Oracle 2014-01-19 17:09:40 -------- d-----w- C:\ProgramData\Sun 2014-01-19 17:09:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-02-16 15:50:43 FDC55EB56E7402C04828AFAEDCB0C681 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$I79Y1NI.exe 2014-02-16 15:50:43 BCCF32CEEBBFFF220260540BD0B478DA 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IY6QR6E.exe 2014-02-16 15:50:43 BBB4AFA5FD11A59496586BCBC95962DD 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IOAOF4M.exe 2014-02-16 15:50:43 AA8440CDD34D3F097871F4263871FAE1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IO2TPYH.exe 2014-02-16 15:50:43 7D47ED2D0476AC315118855FAE834E0B 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IDSEBS5.exe 2014-02-16 15:50:43 5DC321B7CA477F2CE8C383D512274B42 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IJDMZ5P.exe 2014-02-16 15:50:43 44696F505BA82E927DF7E214ADE84CA4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IRC1XRI.exe 2014-02-16 15:50:43 0D4BB06CA7FAD17CD4DC5EC2E36047EB 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$ILMAZ7D.exe 2014-02-16 15:47:01 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe 2014-02-16 15:47:01 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe 2014-02-16 15:47:00 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe 2014-02-16 15:46:52 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe 2014-02-16 15:46:52 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe 2014-02-16 15:46:51 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe 2014-02-16 15:46:47 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe 2014-02-16 15:45:36 7B4E6EA4FB7778A36F5D95087DE10606 1283584 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$RJDMZ5P.exe 2014-02-16 12:15:07 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Charlotte\Desktop\RSITx64.exe 2014-02-16 12:14:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Charlotte.exe 2014-02-16 12:14:16 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$R79Y1NI.exe 2014-02-15 18:18:04 AE2189ED1B3C91C47652589A2B2A6CB9 204800 ----a-w- C:\Users\Mounier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe 2014-02-15 15:43:08 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Easy Write Wizard\wisptis.exe 2014-02-15 15:43:08 !HASH: COULD NOT OPEN FILE !!!!! 0 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Book Wizard\fra\hkcr.exe 2014-02-15 15:33:21 AB44CCD0FA8E55EF88DB941EEF95560A 49152 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\vfind.exe 2014-02-15 15:33:21 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\pv.exe 2014-02-15 15:33:14 A37C8C8523B2027897BE24C9DEC7CF35 132597 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$RRC1XRI.exe 2014-02-15 15:06:22 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\dea\jucheck.exe 2014-02-15 15:06:22 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\dea\hkcr.exe 2014-02-15 15:06:22 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\dea\convert.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\wisptis.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\lucoms.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\jucheck.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\iexplore.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\hkcr.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\des\convert.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Help\Master Password Wizard\dea\wisptis.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Books\Fun & Learning\Detective Bob.HTML\wisptis.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Books\Fun & Learning\Detective Bob.HTML\hkcr.exe 2014-02-15 15:05:48 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Program Files (x86)\EasyBits For Kids\Books\Fun & Learning\Detective Bob.HTML\gearsec.exe 2014-02-15 14:19:35 8C9BF11EDF0A9B3FC0DF749B8F3D6966 29712 ----a-w- C:\Users\Mounier\AppData\Local\Temp\xszuvidpeaj.exe 2014-02-15 12:29:56 A59BABFEA99B2D046E9B9AF8B22689CE 284204 --sha-w- C:\Users\Charlotte\AppData\Local\Temp\UpdateFlashPlayer_29e3c6c1.exe 2014-02-15 12:26:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYKQB70F\exe[1].exe 2014-02-15 09:53:08 7C6B3FBC171A40F430E47C4709A33357 851984 ---ha-r- C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe 2014-02-15 09:53:08 75DF33591256914A6BC2782E5C2042A4 50176 ----a-w- C:\Users\Mounier\AppData\Local\Temp\gkqvolpx.exe 2014-02-14 17:44:33 04FD350AF203F11CF7477C6BA2B9263C 93599 ----a-w- C:\Users\Mounier\AppData\Local\Temp\vpmsvptelmr.exe 2014-02-14 17:43:12 69BDF57C73492FE5D48E8F8DDDD501AD 230912 ---h--r- C:\ProgramData\GoogleUpd\omylcqksw.exe 2014-02-13 17:06:21 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-13 17:06:21 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-02-13 17:06:21 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 17:06:21 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-13 17:06:21 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-02-13 17:06:20 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-02-13 17:06:19 C6E1178294BDEAB1CACF50427688DF05 806104 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-02-13 17:06:19 4263F6C131E513CEA1AE82B5B81A4E1A 808152 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-02-13 16:08:01 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\System32\RMActivate.exe 2014-02-13 16:08:01 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2014-02-13 16:08:00 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 16:08:00 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 16:08:00 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2014-02-13 16:08:00 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 16:08:00 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 16:08:00 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2014-02-11 17:16:59 962145C73210053BA85C17CF91400EF5 217088 ----a-w- C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe === C: other files == 2014-02-16 14:21:29 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\_MEI39202\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2014-02-15 15:57:20 9465A22EF7950C1A57CBE8A0CC461227 1068005 ----a-w- C:\CHARLOTTE\Google Drive\Back-up\Losse bestanden\Re Studie Kijk in je brein.zip 2014-02-15 15:40:52 9465A22EF7950C1A57CBE8A0CC461227 1068005 ----a-w- C:\Users\Charlotte\Desktop\Back-up\Losse bestanden\Re Studie Kijk in je brein.zip 2014-02-15 12:29:58 2F9E35EF375AF5116F3D16F1CC9B4C0B 240 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\tmpb1fef043.bat 2014-02-11 13:22:13 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Charlotte\AppData\Local\Temp\_MEI38122\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2014-02-11 08:56:27 A3DC20485D754C0769C2185BC22927A5 10095 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DBYT8CD3\SMClientDB[1].vbs 2014-02-11 08:56:27 9833B2B18D5254B3BBB506A13674E6C6 24837 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RZC6L0FW\SMShowMessage[1].vbs 2014-02-11 08:56:27 6DB634C11FCA96B90762B26918DEB612 3444 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L51Q7KSV\SMProviderEnum[1].vbs 2014-02-11 08:56:27 6D71C45E948CACE4E905531A06EE5291 5747 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RZC6L0FW\SMUIContainer[1].vbs 2014-02-11 08:56:27 42D3A2293DE78572A16211E1FE4889BB 7104 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3GVL803\SMUtils[1].vbs 2014-02-11 08:56:27 3DDF47DFBF3EDE3DEBAE9E2A7A8FE57E 11025 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQPD0SAH\SMConstantsdef[1].vbs 2014-02-11 08:56:27 2565B7DAC37F8A062A2100539C4C6A11 11986 ----a-w- C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTZAQDYU\SMSystemData[1].vbs ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "NetworkChecker"="C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-12-02 20:34:07 1017 ----a-w- C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-02-11 17:16:59 217088 ----a-w- C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe 2014-02-15 18:18:04 204800 ----a-w- C:\Users\Mounier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2014 13:32] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2014 13:32] C:\Windows\tasks\HPCeeScheduleForCharlotte.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 11:53] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForCharlotte" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [11/02/2014 09:49] ==== Firefox Extensions ====================== ProfilePath: C:\Users\CHARLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default - Undetermined - C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\extensions\{8F58782C-34D7-DD8D-B020-75C8F4D52146} ProfilePath: C:\Users\Mounier\AppData\Roaming\Mozilla\Firefox\Profiles\ur1dpi4u.default - System.Security.Cryptography.DSASignatureFormatter - %ProfilePath%\extensions\{8F58782C-34D7-DD8D-B020-75C8F4D52146} AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash 63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner + ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[02/02/2014 08:58] Google Docs - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Mounier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8DAB9BCF-DDFC-48B8-AF1B-DAC60E8CD8EF&SSPV=" "Search Page"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" "Search Bar"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" "SearchAssistant"="http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {28205FEB-945F-4360-A178-D5DE5B4C74B7} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{28205FEB-945F-4360-A178-D5DE5B4C74B7} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mounier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mounier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Mounier\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Charlotte\AppData\Local\Mozilla\Firefox\Profiles\3nqgqq6u.default\Cache will be emptied at reboot C:\Users\Mounier\AppData\Local\Mozilla\Firefox\Profiles\ur1dpi4u.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Mounier\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=226 folders=41 6209309 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Mounier\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Charlotte\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\CHARLO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe" deleted ==== EOF on zo 16/02/2014 at 17:27:42,79 ======================

Dit zou het moeten zijn: Logfile of random's system information tool 1.09 (written by random/random) Run by Charlotte at 2014-02-16 13:16:55 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 850 GB (91%) free of 939 GB Total RAM: 6071 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:18:04, on 16/02/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Charlotte.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=BE&userid=e358357c-d7c0-8bb7-4bc6-0b641587c6ca&searchtype=ds&q={searchTerms}&installDate=07/01/2014 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O1 - Hosts: 79.142.66.242 Google Analytics Official Website ? Web Analytics & Reporting. O1 - Hosts: 79.142.66.242 google-analytics.com. O1 - Hosts: 79.142.66.242 connect.facebook.net. O1 - Hosts: 79.142.66.242 bing.com. O1 - Hosts: 79.142.66.242 Bing. O1 - Hosts: 79.142.66.242 search.yahoo.com. O1 - Hosts: 79.142.66.242 Yahoo Search - Web Search. O1 - Hosts: 79.142.66.242 Google Analytics Official Website ? Web Analytics & Reporting. O1 - Hosts: 79.142.66.242 google-analytics.com. O1 - Hosts: 79.142.66.242 connect.facebook.net. O1 - Hosts: 79.142.66.242 bing.com. O1 - Hosts: 79.142.66.242 Bing. O1 - Hosts: 79.142.66.242 search.yahoo.com. O1 - Hosts: 79.142.66.242 Yahoo Search - Web Search. O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NetworkChecker] C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: EPUHelp.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{3383178C-C401-4A7D-806F-1C1C5083815F}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{74AB470E-7830-4A49-9ED8-E40C203A19AD}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{0349578F-0331-46A2-848A-C59E55B44D2B}: NameServer = 94.242.222.66,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16292 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files\McAfee\MSC\McAPExe.exe" "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" WLIDSvcM.exe 1692 C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\servicing\TrustedInstaller.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c4460dde-dc19-48a6-86a8-4acc61243343 -SystemEventPortName:HostProcess-cc4a273b-9dfb-439a-8487-a9a8b3f94289 -IoCancelEventPortName:HostProcess-384e66cb-5613-4dc4-9bb5-bce12d8b889f -NonStateChangingEventPortName:HostProcess-80fb9599-5e31-4c02-823b-5b5e77bc86ac -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d4055683-0ffb-4791-81a0-f126c54fc3ad -DeviceGroupId:WpdFsGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart "C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe" "C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3988.0.84537155\112488845" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x68d9 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.740.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3988.1.1601938256\1213147292" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3988.2.6349862\955592726" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3988.3.1413956024\1591611853" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3988.5.1261729270\898069447" /prefetch:673131151 C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=128170176 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.5c87a19ec0bbc51d > \\.\pipe\chrome.nativeMessaging.out.5c87a19ec0bbc51d \??\C:\Windows\system32\conhost.exe "-9154191961973164234-310756826-1895543759-1461026395-1206166269-1375569591-1967131390 "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=128170176 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ "c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3988.8.1046564585\45349420" /prefetch:673131151 "C:\Users\Charlotte\Desktop\RSITx64.exe" "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForCharlotte.job =========Mozilla firefox========= ProfilePath - C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.44 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin] "Description"=McAfee Mss Plugin "Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10] "Description"=McAfee Total Protection MIME Plugin "Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10] "Description"=McAfee Total Protection MIME Plugin "Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\extensions\ {8F58782C-34D7-DD8D-B020-75C8F4D52146} C:\Users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\3nqgqq6u.default\searchplugins\ conduit-search.xml Web Search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-01-24 301104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-19 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-01-24 252664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-19 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-01-24 301104] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-01-24 252664] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-18 568888] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-01-28 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-12-06 20203904] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-14 563736] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-18 98304] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696] "HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-04-25 61112] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 537512] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "NetworkChecker"=C:\Users\Mounier\AppData\Local\Temp\temp1144259936.exe [2014-02-15 851984] [HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Imcyha"=C:\Users\Charlotte\AppData\Roaming\Ecbunau\qaloux.exe [] C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe EPUHelp.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-09-26 52920] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 "NoRun"=0 "HideSCAHealth"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe] "Debugger="lxdd.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamgui.exe] "Debugger="rpeu.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe] "Debugger="skskjbpjxc.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-16 13:14:34 ----D---- C:\rsit 2014-02-16 13:14:34 ----D---- C:\Program Files\trend micro 2014-02-15 13:29:57 ----D---- C:\Users\Charlotte\AppData\Roaming\Ecbunau 2014-02-14 18:43:16 ----SHD---- C:\ProgramData\GoogleUpd 2014-02-13 18:06:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-02-13 18:06:51 ----A---- C:\Windows\system32\vbscript.dll 2014-02-13 18:06:22 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-02-13 18:06:22 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-02-13 18:06:22 ----A---- C:\Windows\system32\msrating.dll 2014-02-13 18:06:22 ----A---- C:\Windows\system32\ieui.dll 2014-02-13 18:06:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-02-13 18:06:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-02-13 18:06:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-02-13 18:06:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-02-13 18:06:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-13 18:06:21 ----A---- C:\Windows\system32\iesetup.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\iernonce.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-02-13 18:06:21 ----A---- C:\Windows\system32\ie4uinit.exe 2014-02-13 18:06:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-02-13 18:06:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-02-13 18:06:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-02-13 18:06:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-02-13 18:06:20 ----A---- C:\Windows\system32\mshtml.dll 2014-02-13 18:06:20 ----A---- C:\Windows\system32\jscript9diag.dll 2014-02-13 18:06:20 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-02-13 18:06:20 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-02-13 18:06:20 ----A---- C:\Windows\system32\ieapfltr.dll 2014-02-13 18:06:19 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-02-13 18:06:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-02-13 18:06:19 ----A---- C:\Windows\system32\wininet.dll 2014-02-13 18:06:19 ----A---- C:\Windows\system32\urlmon.dll 2014-02-13 18:06:19 ----A---- C:\Windows\system32\iertutil.dll 2014-02-13 18:06:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-02-13 18:06:18 ----A---- C:\Windows\system32\ieframe.dll 2014-02-13 18:06:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-02-13 18:06:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-02-13 18:06:17 ----A---- C:\Windows\system32\jscript9.dll 2014-02-13 17:08:07 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-13 17:08:07 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-13 17:08:07 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-13 17:08:07 ----A---- C:\Windows\system32\msxml3.dll 2014-02-13 17:08:01 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-13 17:08:01 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-13 17:08:00 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-13 17:08:00 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-13 17:08:00 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-13 17:08:00 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-13 17:08:00 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-13 17:08:00 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-13 17:08:00 ----A---- C:\Windows\system32\secproc.dll 2014-02-13 17:08:00 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 17:08:00 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 17:08:00 ----A---- C:\Windows\system32\msdrm.dll 2014-02-13 17:07:59 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-13 17:07:59 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-13 17:07:59 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-13 17:07:59 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-13 17:07:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 17:07:59 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-13 17:07:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-13 17:07:56 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-13 17:07:56 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-13 17:07:56 ----A---- C:\Windows\system32\d2d1.dll 2014-02-13 17:03:51 ----D---- C:\Program Files\McAfee Security Scan 2014-02-04 14:05:04 ----D---- C:\Program Files (x86)\Anvisoft 2014-01-29 11:37:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-01-29 11:35:45 ----D---- C:\Windows\Migration 2014-01-26 21:11:17 ----A---- C:\Windows\system32\drivers\HipShieldK.sys 2014-01-19 18:09:53 ----D---- C:\ProgramData\Oracle 2014-01-19 18:09:40 ----D---- C:\ProgramData\Sun 2014-01-19 18:09:35 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-19 18:09:22 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-19 18:09:22 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-19 18:09:22 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-19 18:09:11 ----D---- C:\Program Files (x86)\Java ======List of files/folders modified in the last 1 month====== 2014-02-16 13:14:34 ----RD---- C:\Program Files 2014-02-16 13:14:12 ----D---- C:\Windows\System32 2014-02-16 13:14:12 ----D---- C:\Windows\inf 2014-02-16 13:14:12 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-16 13:08:37 ----D---- C:\Windows\Temp 2014-02-16 13:08:23 ----D---- C:\Users\Charlotte\AppData\Roaming\Dropbox 2014-02-16 13:07:05 ----D---- C:\Users\Charlotte\AppData\Roaming\Adobe 2014-02-16 13:06:03 ----D---- C:\Windows\system32\config 2014-02-16 13:05:53 ----A---- C:\Windows\SYSWOW64\log.txt 2014-02-15 17:09:23 ----D---- C:\Windows\Microsoft.NET 2014-02-15 17:09:10 ----RSD---- C:\Windows\assembly 2014-02-15 16:58:03 ----D---- C:\Program Files (x86)\EasyBits For Kids 2014-02-15 16:56:59 ----SHD---- C:\System Volume Information 2014-02-15 16:33:34 ----D---- C:\Windows\system32\Tasks 2014-02-15 16:18:52 ----D---- C:\Users\Charlotte\AppData\Roaming\newnext.me 2014-02-15 16:17:18 ----D---- C:\Users\Charlotte\AppData\Roaming\Canon 2014-02-15 15:20:31 ----D---- C:\Windows\system32\drivers\etc 2014-02-15 13:36:21 ----D---- C:\Windows\Tasks 2014-02-14 18:43:16 ----HD---- C:\ProgramData 2014-02-13 19:57:25 ----D---- C:\Windows\winsxs 2014-02-13 19:56:02 ----AD---- C:\Windows\SysWOW64 2014-02-13 19:55:57 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-02-13 19:55:57 ----D---- C:\Windows\system32\nl-NL 2014-02-13 19:55:56 ----D---- C:\Program Files\Internet Explorer 2014-02-13 19:55:56 ----D---- C:\Program Files (x86)\Internet Explorer 2014-02-13 18:12:04 ----SHD---- C:\Windows\Installer 2014-02-13 18:12:03 ----D---- C:\ProgramData\Microsoft Help 2014-02-13 18:07:57 ----D---- C:\Windows\system32\catroot2 2014-02-13 18:07:57 ----D---- C:\Windows\system32\catroot 2014-02-13 18:07:02 ----A---- C:\Windows\win.ini 2014-02-13 17:17:16 ----D---- C:\CHARLOTTE 2014-02-13 17:01:51 ----D---- C:\ProgramData\PDFC 2014-02-12 19:53:25 ----D---- C:\Users\Charlotte\AppData\Roaming\HpUpdate 2014-02-12 19:53:25 ----D---- C:\Users\Charlotte\AppData\Roaming\HP Support Assistant 2014-02-11 09:49:16 ----D---- C:\Program Files (x86)\McAfee 2014-02-07 19:28:11 ----D---- C:\Windows\LiveKernelReports 2014-02-05 14:11:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-04 14:05:04 ----D---- C:\Program Files (x86) 2014-01-30 17:53:23 ----SD---- C:\Users\Charlotte\AppData\Roaming\Microsoft 2014-01-29 11:35:51 ----D---- C:\Windows\SYSWOW64\en-US 2014-01-29 11:35:51 ----D---- C:\Windows\system32\en-US 2014-01-29 11:35:45 ----SD---- C:\ProgramData\Microsoft 2014-01-29 11:35:45 ----AD---- C:\Windows 2014-01-26 21:11:17 ----D---- C:\Windows\system32\drivers 2014-01-22 22:04:43 ----D---- C:\Windows\Prefetch 2014-01-21 15:39:45 ----D---- C:\Users\Charlotte\AppData\Roaming\CyberLink 2014-01-21 15:39:45 ----D---- C:\ProgramData\CyberLink 2014-01-19 18:09:40 ----D---- C:\Program Files (x86)\Common Files 2014-01-19 17:48:12 ----RSD---- C:\Windows\Fonts ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-11-04 179792] R2 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-11-04 311120] R2 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-11-04 782360] R2 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-11-04 343696] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-17 6853632] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-17 263680] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-08 2394216] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-11-04 519576] R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2013-11-26 411944] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-11-04 70112] S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704] S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2013-11-26 96112] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-17 203264] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-06-11 121344] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824] R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2013-11-28 178048] R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-11-26 1025232] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-11-04 219272] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-11-04 182752] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 116648] S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 116648] S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-15 230968] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256] S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2013-08-02 602944] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-26 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-19 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF----------------- Alvast bedankt!

Ondertussen geeft mijn McAfee melding van een Trojaans paard... Hij vraagt om de PC af te sluiten, zodat het bestand kan worden hersteld... Ik heb dit reeds gedaan en dan krijg ik nog steeds die melding... Gedetecteerd: Redyms-FDIR!194DAC34BEF5 (Trojaans paard) In quarantaine geplaatst vanuit: C:\Users\Charlotte\AppData\Roaming\Adope\acupx217.dll ?

Hallo, Ik heb gisteren nog probleemloos met mijn stick op een laptop op school gewerkt. Ik stop die daarnet in mijn desktop thuis en al mijn mapjes zijn snelkoppelingen geworden... Als ik erop dubbelklik, kom ik niet bij de inhoud van dat mapje, maar soms bij 'mijn documenten' en soms krijg ik een foutmelding dat hij iets niet kan vinden... Daarbij ook meldingen van '****.exe' waarbij men zegt: 'Er bevindt zich geen schijf in het station. Plaats een geschikt medium in station / Device / Harddisk1/DR1... Als ik dat annuleer, krijg ik een volgend dialoogvenster met dezelfde foutmelding met op het einde /DR2 en dat gaat zo verder tot en met /DR4... Kan ik nog aan mijn bestanden geraken?!

De iPad werkt perfect in het bijzijn van de pc, vandaag voortdurend naast elkaar gebruikt en geen problemen gehad... Ik heb windows 7 op mijn pc... Wat de recentste driver zijn, weet ik niet, ik ken daar niet zoveel van, dus ik weet niet of ik die heb... En een kabel aansluiten zal moeilijk gaan, de modem en dlink staan in de garage en de pc is een desktop die in de living staat... Met mijn laptop waar windows vista op staat, lukt het trouwens ook niet... En ik heb de indruk dat het slechter wordt, ik kon voordien nu en dan kort op internet, dat is me de laatste uren helemaal niet meer gelukt...

Heb die workaround geprobeerd, had helaas geen effect... Het is echt vervelend! Ik kreeg een mail terug van Telenet, op mijn vraag die ik stelde omtrent het probleem... Ik krijg nu een mail terug waarin ze zeggen dat ik misschien een andere modem nodig heb en dat gratis is als ik verander van internetabonnement... Yes right... Ze weten niet eens of de modem het probleem is, vermoed ik dan? Als ik een nieuwe modem wil zonder verandering van abonnement, dan kost me dat 75 euro. Terwijl ik niet eens weet of daar het probleem ligt want ik blijf internet hebben op de ipad!!

Heb ik gedaan maar maakte geen verschil... Ik heb de pc nu een systeemherstel laten doen naar een herstelpunt van een hele tijd geleden, misschien kan dat helpen? Zo raar dat er via ipad geen enkel probleem,is en met de pc wel... Alvast bedankt om mee te denken!

En hoe doe ik dat? Sorry, hoor, ben nogal een leek...

Hey, De lichtjes blijven inderdaad werken en ik kan ook op datzelfde moment met de ipad surfen...

Ik denk niet dat het internet zelf een probleem vormt, aangezien de wifi op de ipad wel goed werkt, het probleem moet dus bij de pc liggen?

Heb twee toestelletjes, een 'modem'? met vier lampjes, die allemaal branden en één lichtje PC Activity dat knippert. Dan heb ik ook nog een D-Link... Het rare is dat ik rechts onderaan kan zien dat de verbinding er nog is, maar toch kan ik in mijn mozilla of welke browser dan ook, niet verder werken... Thx!