Jade

Member
  • Items

    20
Jade's achievements

  1. Dear Mako, Okay, thank you very much! It is at any rate a lot faster now, really great. Regards!
  2. Hi Mako, All the scans and the removal went fine. The only problem is that the log file of the fix has now been deleted as well. Or can I still find it somewhere? Regards!
  3. Hello Mako! Sorry, at first it wouldn't work and then I had no time for quite a while (busy busy busy). I found out that the newly downloaded EmiSoft scanner was still running. In any case it has worked now. Attached is the log file. ZHPDiag.txt
  4. Good evening! Okay, good to hear! Attached is the next log file. scan_150614-204538.txt
  5. Attached are the log files (two were saved for AdwCleaner, I have added both) zoek-results.log AdwCleanerS0.txt AdwCleanerR0.txt
  6. Dear Mako, Thank you for your detailed answer. I do understand that there is no single clear-cut answer to this, but this certainly helps me! I hope it can still be sped up a bit. Thanks for the help! Regards!
  7. Thanks for the quick reply. See the attachment for the log file. log.txt
  8. I badly need my laptop for my studies, but these days it is so slow that I can hardly use it any more. I have had the computer for almost 4 years now; it is an Acer with Windows 7. I wonder how long you can best keep a computer before it is due for replacement? In addition, I hope to find out through this forum why the computer has become so slow? I hope you can help me with this. That would be fantastic! Regards
  9. Yes, it all worked! Thanks again! I feel very relieved! Regards, Emmy!
  10. No, I think it is gone! Does that mean everything is solved? Really, thank you very much! One more question: if I want a new virus scanner, do I then have to remove McAfee? Regards
  11. # AdwCleaner v3.010 - Report created 28/10/2013 at 16:43:27 # Updated 20/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Emmy - EMMY-PC # Running from : C:\Users\Emmy\Desktop\adwcleaner.exe # Option : Clean
  12. Zoek.exe Version 4.0.0.5 Updated 26-October-2013 Tool run by Emmy on ma 28-10-2013 at 15:26:25,54. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Emmy\Desktop\zoek.exe [script inserted] [Checkboxes used]
2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2013-10-28 14:40:31 D6B709CB3C1FBE805DE8961F572A971C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I4KK3C8.exe 2013-10-28 14:31:32 40644BE06A1E87CF268EE8C33E921702 915368 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R4KK3C8.exe 2013-10-27 12:29:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Emmy.exe 2013-10-26 23:29:36 B4F54911FD477012FDABF5EF7EFAA945 1706064 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\eGdpSvc.exe 2013-10-26 23:29:36 530F2D77C7F116FA0BD2A110C254F718 694864 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\help.exe === C: other files == 2013-10-28 15:24:23 C3BA2BD8148F4E13BAF4B35832BBA7FE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I0HHZV1.zip 2013-10-28 15:24:23 358AB50FDB0DB39ABA1E898197363F45 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IZ63PNU.com 2013-10-28 15:23:46 D836D31D211FC1109A40490CE1995516 1393061 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RZ63PNU.com 2013-10-28 15:14:58 1D483F455EB8FEE959A17ED1979416F6 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IIWZIR0.zip 2013-10-28 15:14:26 A299BC2E273DEAF8D7741FE0D3BC38EF 4035542 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R0HHZV1.zip 2013-10-28 15:02:13 88F31293B1362217F718D7786E90A6A7 2521086 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RIWZIR0.zip 2013-10-28 14:56:35 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2013-10-26 23:29:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DG9T4I63\1.1.6.6[1].crx 2013-10-26 23:29:38 
2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\newtab.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d" "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart" "ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "tuto4pc_pt_28"="C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "upt4pc_pt_28.exe"="C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll" ==== Startup Folders ====================== 2011-12-15 21:09:16 1051 ----a-w- C:\Users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-01-19 12:55:19 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 2013-01-18 13:28:20 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-10-2013 20:34] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" 
[C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"] "C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"] "C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"] "C:\Windows\SysNative\tasks\{610CF1B8-6945-4F11-81B2-847C255F9A5C}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe] "C:\Windows\SysNative\tasks\{F035AC8A-7292-42B6-8945-AB9DD91A403F}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897 - WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - G Data BankGuard - %AppDir%\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} - G Data WebFilter - %AppDir%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash 7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - 
McAfee Security Scanner + C548328E9DE5EB73350EF292D7140662 - C:\Users\Emmy\Picasa3\npPicasa3.dll - Picasa ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Emmy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[] ==== Chrome Fix ====================== C:\Users\Emmy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {30C03312-7964-4677-8F81-FC0845ADE690} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - 
C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} 
(User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O4 - Global Startup: vpngui.exe.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files 
(x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. 
- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - 
C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Emmy\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Emmy\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Emmy\AppData\Local\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Emmy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Common Files\G Data\ObjBrwse64.dll" deleted "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.dll" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.exe" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvc.dac" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GdFwSvc.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtRes.exe" not found "C:\Program Files (x86)\G 
Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSys.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\InitInstx64.exe" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dac" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dac" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcpt2x64.dll" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcptX64.dll" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dac" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dac" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dat" not found "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\SqLiteGDx64.dll" not found "C:\Program Files (x86)\Common Files\G Data\AVKProxy\GeoIP.dat" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\acshort.map" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\algo.dll" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCleanerDLL.dll" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnBS.dll" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnIS.dll" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnOS.dll" deleted "C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswEngin.dll" deleted "C:\Program Files (x86)\Common Files\G 
  13. Thanks for the quick response. I do indeed have two scanners. However, both scanners have expired and are no longer active. Once this is resolved I will probably want to renew McAfee. As far as I'm concerned, G Data can go. Here is the log:
2013-10-11 13:19:34 ----A---- C:\Windows\system32\iernonce.dll 2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-11 13:19:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-11 13:19:32 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-11 13:19:32 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-11 13:19:31 ----A---- C:\Windows\system32\iertutil.dll 2013-10-11 13:19:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-11 13:19:29 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-11 13:19:28 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-11 13:19:28 ----A---- C:\Windows\system32\jscript.dll 2013-10-11 13:19:27 ----A---- C:\Windows\system32\jscript9.dll 2013-10-11 13:19:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-11 13:19:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-11 13:19:24 ----A---- C:\Windows\system32\urlmon.dll 2013-10-11 13:19:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-11 13:19:22 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-11 13:19:21 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-11 13:19:20 ----A---- C:\Windows\system32\wininet.dll 2013-10-11 13:19:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-11 13:19:18 ----A---- C:\Windows\system32\ieframe.dll 2013-10-11 13:19:15 ----A---- C:\Windows\system32\mshtml.dll 2013-10-11 13:19:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-09 23:26:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-09 23:26:31 ----A---- C:\Windows\system32\comctl32.dll 2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-09 23:13:47 ----A---- C:\Windows\system32\lpk.dll 2013-10-09 23:13:47 ----A---- C:\Windows\system32\fontsub.dll 
2013-10-09 23:13:47 ----A---- C:\Windows\system32\dciman32.dll 2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmlib.dll 2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmfd.dll 2013-10-09 23:08:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-09 22:47:38 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-09 22:47:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-09 22:47:38 ----A---- C:\Windows\system32\davclnt.dll 2013-10-09 22:47:28 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-09 22:47:28 ----A---- C:\Windows\system32\mswsock.dll 2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-09 22:47:10 ----A---- C:\Windows\system32\win32k.sys 2013-10-09 22:47:06 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-09 22:47:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-09 22:47:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-09 22:47:04 ----A---- C:\Windows\system32\advapi32.dll 2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-09 22:47:03 ----A---- C:\Windows\system32\wow64.dll 2013-10-09 22:47:03 ----A---- C:\Windows\system32\tdh.dll 2013-10-09 22:47:03 ----A---- C:\Windows\system32\ntdll.dll 2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-09 22:47:02 ----A---- 
C:\Windows\SYSWOW64\instnm.exe 2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-09 22:44:41 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 22:44:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 22:44:26 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-09 22:44:19 ----A---- C:\Windows\system32\scavengeui.dll ======List of files/folders modified in the last 1 month====== 2013-10-27 12:29:56 ----D---- C:\Windows\Prefetch 2013-10-27 12:29:51 ----D---- C:\Windows\Temp 2013-10-27 12:29:45 ----RD---- C:\Program Files 2013-10-27 12:29:43 ----D---- C:\Users\Emmy\AppData\Roaming\Dropbox 2013-10-27 12:28:53 ----D---- C:\Windows\system32\config 2013-10-27 12:01:35 ----D---- C:\Windows\System32 2013-10-27 12:01:34 ----D---- C:\Windows\inf 2013-10-27 12:01:34 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-27 11:58:27 ----A---- C:\Windows\SYSWOW64\log.txt 2013-10-27 11:56:27 ----D---- C:\ProgramData\clear.fi 2013-10-27 01:05:08 ----D---- C:\Users\Emmy\AppData\Roaming\Skype 2013-10-26 23:30:00 ----D---- C:\ProgramData 2013-10-26 23:29:52 ----RD---- C:\Program Files (x86) 2013-10-26 22:35:31 ----SHD---- C:\System Volume Information 2013-10-18 21:15:38 ----SHD---- C:\Windows\Installer 2013-10-18 21:15:37 ----D---- C:\ProgramData\Skype 2013-10-18 21:15:34 ----RD---- C:\Program Files (x86)\Skype 2013-10-18 16:15:38 ----D---- C:\Windows\Microsoft.NET 2013-10-18 16:15:00 ----RSD---- C:\Windows\assembly 2013-10-14 21:07:48 ----D---- C:\Windows\winsxs 2013-10-14 21:06:45 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-14 21:06:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-13 23:57:09 ----D---- C:\Windows\system32\catroot2 2013-10-13 23:55:58 ----D---- C:\Windows\SysWOW64 2013-10-13 23:55:53 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-13 23:55:48 ----D---- C:\Program Files\Internet Explorer 2013-10-13 23:55:46 ----D---- 
C:\Windows\system32\drivers 2013-10-13 23:55:36 ----D---- C:\Windows\AppPatch 2013-10-13 23:55:06 ----D---- C:\Windows\system32\DriverStore 2013-10-11 20:44:49 ----D---- C:\Users\Emmy\AppData\Roaming\Spotify 2013-10-11 14:07:18 ----D---- C:\Windows\rescache 2013-10-11 13:24:02 ----D---- C:\ProgramData\Microsoft Help 2013-10-11 13:20:11 ----D---- C:\Windows\system32\catroot 2013-10-11 13:08:51 ----D---- C:\Windows\system32\MRT 2013-10-11 13:03:28 ----A---- C:\Windows\system32\MRT.exe 2013-10-11 12:56:48 ----D---- C:\Windows\system32\nl-NL 2013-10-09 20:34:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-10-27 50552] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072] R1 aswTdi;avast! 
Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-23 59728] R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-10-27 110968] R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys [2011-10-27 65912] R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-10-07 106488] R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-10-27 51576] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-06-08 22912] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-06-08 20328] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-06-08 62584] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192] R2 WebDriveFSD;WebDrive Filesystem Driver; \??\C:\Program Files\WebDrive\wdfsd.sys [2010-05-25 118872] R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\drivers\b57xdbd.sys [2011-01-21 67624] R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\drivers\b57xdmp.sys [2011-01-21 19496] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-01 4720704] R3 bScsiMSa;bScsiMSa; C:\Windows\system32\drivers\bScsiMSa.sys [2011-01-20 52264] R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544] R3 CVPNDRVA;Cisco Systems Inc. 
IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784] R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968] R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-10-27 59256] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-15 2814952] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992] S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon64.sys [2011-09-21 31448] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 
USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664] R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-09-22 1500680] R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2011-09-22 464392] R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-05-26 1929104] R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944] R2 CVPND;Cisco Systems, Inc. 
VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 WebDriveService;WebDrive Service; C:\Program Files\WebDrive\wdService.exe [2010-05-25 2156120] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-10-26 1706064] R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-08-10 1556816] R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2011-09-22 448008] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe 
[2011-08-18 934760] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 655624] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-17 118680] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 
[2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
  14. Dear PC help staff member, After incorrectly downloading a file from the internet, I am bothered by advertisements that suddenly appear and that sort of thing. It only happens when I use Mozilla Firefox, though. I have made a HijackThis log and hope you can help me. Thanks in advance.